The Influence Of GDPR On E-Commerce Sites

The GDPR effects multinational e-commerce by reducing the ability to collect and share browsing and purchase data with marketing partners or sharing the data with in-store teams. Today’s retail, both online and in physical stores, environment is moving towards offering personalized services and without the ability to effectively collect data it will be difficult to effectively grow business online.

Contributors: Steven Losco from Runway Court of Opinion

The influence of GDPR is already being felt; in fact starting in May of this year, consumers were flooded with a tidal wave of We've updated our terms email, which was a direct result of GDPR going into effect that month.  Where both businesses and consumers will see the most visible influence of GDPR in the near term is in the area of personal data collection, use, and storage.

For example, businesses can no longer play fast and loose with the collection and storage of personal data, and consumers will see a corresponding reduction in business mailings for which they did not sign up, and an increase in the number of data confirmation and protection notices they receive.  It should be noted that GDPR only protects consumers in the EU, however, businesses everywhere must comply with it as GDPR specifically states that it will be enforced against any business with respect to a consumer in the EU, regardless of where in the world the business is located.

Contributors: Anne P. Mitchell from Institute for Social Internet Public Policy

One aspect of e-commerce which is likely to be affected is the quantity of personal data being requested by the e-commerce site. The GDPR request necessity and proportionality, or data minimization. Where the processing and completion of an e-commerce transaction don't need a particular personal data item, it cannot be justified for collection. Take for example, asking for home address if the item is to be supplied electronically via email.

Contributors: Chris Payne from Advanced Cyber Solutions

Marketing strategies will either have to change or become more transparent. eCommerce sites, in particular, are masters of cookie tracking and behavioral analytics. This is not prohibited by the GDPR, however the way in which personal data such as online identifiers needs to be made clear to the customer and where unjustifiable, not happen at all.

Contributors: Chris Payne from Advanced Cyber Solutions