… Or the pinnacle of business appropriateness when selecting strategy?
Whenever you ask a professional about which option you should choose, the answer generally comes back in some form as ‘well, it depends..’ It sounds like the regular cop-out, but it couldn’t be more accurate.
Last year Wetherspoon’s stopped sending out a newsletter to email subscribers, citing the risk of data breaches as a feature in this. https://gdpr.report/news/2017/06/30/jd-wetherspoon-purposely-deletes-entire-mailing-list/
Fundamentally, a company has to balance the risk of holding data against the benefit of using it. Somewhere Wetherspoon’s decided that this marketing was not of substantial benefit to the company. They decided that processing this personal data was not helping them to increase custom nor develop the company. Perhaps a good time to check what you are getting from that mailing list you treasure so much!
And then, Wetherspoons recently announced it was deleting all of its social media accounts. http://metro.co.uk/2018/04/16/wetherspoon-close-900-pubs-head-offices-social-media-accounts-trolling-7470251/
Essentially this is the same idea. If the posts are of people complaining when you wish they would have said something in the pub at the time, then this isn’t going to be a pivotal feature of gaining customers. If social media is beneficial to your audience, you either need frequent communication or lots of new products to show. Maybe you want people to be drawn to your website of instore browsing is not an option for your business. Maybe you like to Tweet your new stock, or Facebook that new special offer. This isn’t about saying if Wetherspoon made the right choices, just that they boldly did what was most appropriate for them.
Then again, we are talking about the pub chain who made an app so you never have to go to the bar and lose your seat again?! An app that is perfect for a pub, because let’s be honest everyone would rather stay chatting with their friends than stand in a massive queue trying to get the bar staff’s attention when here is an app that put all of the orders in a nice long list and no one gets irate! The app uses your email address, and your location to say which pubs are near, and it keeps your orders. It doesn’t store card details though. It’s a smart example of not collecting excessive amounts of data when you do not need it.
So, what can you learn here?
The answer is choosing the right things to invest in for your business, and use cost benefit analysis. If your social media campaign is what keeps your company afloat, then choose appropriate controls for processing that data. However, if that piece of in-house software is an integral part of your business, don’t waste your time social media. (Of course the two aren’t mutually exclusive and your strategy has to be about getting the balance right.) The point is, it’s about choosing controls that are suitable to the risk. You wouldn’t worry about putting even more controls on the perimeter, if the threat was posting documents to the wrong address, and you wouldn’t ask someone what their favourite colour was, if you only needed their name and bank details for payroll.
A strategy is simply using the appropriate amount of data in a fair and transparent way, and then implementing appropriate technical and organisational security – straightforward right?
Probably your strategy will not be refined in such a public way, but the lessons are just the same.
Choose right for your organisation.