We are days away from the implementation of the GDPR, Europe’s General Data Protection Regulation. Enforcement starts May 25th, 2018.  This law, as well as a variety of new data privacy changes in the apps businesses love to use, will greatly impact how fashion companies operate when it comes to collecting and handling consumer data. Here are three ways new privacy concerns will affect businesses in the fashion industry.

Please use this as general information, not as legal advice. If you have any questions regarding privacy laws, please consult an attorney.

#1 Less data will be available for influencer marketing

Facebook’s recently updated privacy policy had a great impact on influencer marketing. Instagram’s parent company decided to modify third-party access to data which means that the features third-parties once relied upon do not exist anymore. For instance, platforms that tracked likes to send registered users targeted emails with shopping information directly related to the post a user had liked will need to find alternative ways to provide fashion companies with direct shopping features. Fashion businesses who were relying upon websites that scraped Instagram to find potential influencers and their follower demographic are also deeply affected by this change, as access to influencer data will become more and more complicated.

#2 “Privacy by design” will be more relevant than ever in the fashiontech scene

We’ve addressed the importance of thinking about data protection at the very beginning of your product development in a previous blog post about fashiontech concerns. This happens to be even more relevant as concepts like “privacy by design” are integrated into laws like GDPR. As privacy regulations become more and more restrictive (and it is not impossible to see a shift towards GDPR-strength protection in other parts of the world), handling less data will relieve fashiontech businesses from a massive burden as well as make compliance far easier.

#3 Internal processes and documents will need to be reviewed

One of the many positive aspects of new privacy concerns is full transparency. Online fashion retailer will need to review the information they provide their users with through website privacy policies and terms and conditions. These changes are necessary in order to ensure that consumers are not only fully aware of what data is collected and how, but also able to understand these documents, which need to part ways with typical legalese.

Stricter privacy laws will also require fashion businesses to assess their internal processes to ensure they are ready for events such as data breaches and the required subsequent notifications. Internal processes must also be reviewed to properly understand how data flows through companies and whether or not there are ways to simplify data handling.

Finally, old contracts with third-parties will need to be revisited to ensure that all entities handling data are also under the same privacy obligations. New privacy concerns will also require the drafting of new documents (laws such as the GDPR require data processing agreements to be signed between data controllers and data processors). Considering the amount of players in the fashion industry (retailers, distributers, website hosts, manufacturers, etc), this task will definitely have an impact on how the industry does business on a regular basis.

As with all Law on the Runway posts, please use this as general information, not as legal advice. If you have any questions regarding privacy laws, you may email hello {@} lawontheruway.com.