The growth of hybrid and omnichannel events is creating added pressure for the events industry to understand the importance of data and legal compliance to avoid heavy financial and reputational damages.
Jaya Janwani, head of marketing at tech platform Eventcombo believes that the growing demand for a combination of digital and in-person experiences is placing the industry at risk of failing to adequately comply with data and legal requirements, as hybrid omnichannel events, along with the rapidly maturing metaverse events, become goldmines for data and sensitive information.
She says; “The events industry is an ever-increasing target of cybercrime, and hackers are growing increasingly sophisticated in their approach to targeting the digital spaces. As digital events utilise huge amounts of data – more so than in-person events – event organisers must adapt to have much stronger data capabilities to ensure they comply with data and legal requirements.”
The Covid-19 pandemic altered the future of the events industry by accelerating the need for improved digital connectivity, which ultimately transformed the ways in which events could interact and engage with their audiences. While increased data collection is a crucial element to the success of digital events, it also creates a massive influx of personal and sensitive information that is even more vulnerable to breaches in protection.
Data protection regulations have strengthened over the last few years, changing the way companies collect, process and protect the personal information of citizens. Now, it has become essential to have an informed strategy regarding the processing of personal data from event attendees, as well as an awareness of regulations like GDPR and CCPA, to avoid major fines.
Yet, research a year on from the enforcement of GDPR found that 90% of event planners were still facing a number of challenges meeting GDPR requirements, with only 81% believing they are complying with the new regulations. On top of this, there are new or revised data protection regulations coming into effect across a global scale.
Janwani says; “Data protection should be at the top of every event organiser’s agenda.
“Clear understanding of how the events industry can be affected by regulations across a global scale is critical, particularly with trends like personalisation driving more data-driven approaches to the way events are organised and tailored to attendees. Without it, organisers are at risk of considerable financial and reputational consequences.”
Last year alone reported the highest number of recorded data breaches, with a 68% increase from last year and a company falling victim to a cyberattack every 39 seconds. In Europe, there were around £245.3m worth of fines imposed for a range of GDPR infringements.
While many in the industry are complying, companies can be fined up to £20m, or 4% of annual global turnover depending on which is greater.
To meet regulations, organisers need to be targeting four key areas that have had the highest amount of issues; attendee consent, event registration, data sharing, and opt-outs, Janwani says. These four areas are where attendees should have the ability to access their data records, and provide consent for their data to be collected during the registration process, as well as the ability to opt-out at any chosen moment and have their collected data erased.
Jaya explains; “It sounds simple, but small things like providing options of consent can easily be forgotten during the wider process of planning and organising an event. But these areas are crucial, not only ensuring the correct and legal collection of data but also for protecting the company from accessing any unauthorized data.”
There are also three vital checks that every event organiser should be doing to improve compliance with regulations:
- carrying out regular, essential security checks and updates on current data collection software to ensure any vulnerabilities are mitigated.
- ensuring that all IT systems in use have regular audits and that any data stored is through systems that have complied with audits.
- proactively upgrade to new, advanced security systems, especially as cybercriminals increasingly become more sophisticated in their attacks.
Jaya concludes, “We cannot remain passive on this, nor expect data breaches not to happen. As hackers grow more sophisticated, we should be meeting them step for step to protect our businesses, our industry, and our attendees. The changing nature of the industry is shaping the way our audience interacts with events, and it is vital that proper data protection and compliance occurs now so that the industry can continue to prosper and innovate in the long run.”
“As an industry dependent on data, effective and up-to-date data management and protection can limit the risks of sensitive information being compromised, and prevent event organizers from breaching stringent data protection regulations. With constantly new technology on the rise, event organizers must remain vigilant and proactive to meet any and all new digital threats.”