The European Union’s GDPR and Its Effect on Data-Driven Marketing Strategies

This research paper analyzes the developing effect that the European Union’s (EU) recently developed General Data Protection Regulation (GDPR) will have on the marketing strategies of firms that rely on big data. Big data is identified as consisting of data and data analytics involving a huge volume of data, a diverse variety of data, and a high velocity of data capture and collection. This analysis begins with some discussion of the concept of big data and follows this up with overviews of both the GDPR and big data use in the marketplace. The EU replaced its older Data Protection Directive or DPD with the GDPR. The GDPR consists of a series of chapters and articles that require, among other things, consent to collect and store data, the anonymization of data, announcement in 72 hours of a data breach, provision of encryption and the identification of a Data Protection Officer. Marketing and the marketing function can implement emergent technologies that augment big data and its analysis while simultaneously achieving compliance with regulatory frameworks like the GDPR. These marketing related solutions are those such as blockchain marketing applications like Brave Browser and Blockstack among others. The report also examines the way in which enterprises use big data in their marketing strategies and how they are affected by it now that it has come into effect. Some of the more marketing-oriented uses and applications of big data are found in sophisticated loyalty programs, demand forecasting and customization either of experience or product/service. This study also offers some final recommendations related to GDPR compliant marketing strategies. These include the development of a comprehensive program to purchase consumer data directly from consumers and the introduction of blockchain as a means to facilitate a smoother transition to GDPR compliance.

the use and analytic objectives of big data focus on consumer-centric factors such as forecasting demand, isolating trends and identifying problems to be addressed through product/service development strategies and so forth (Bradlow, Gangwar, Kopalle, & Voleti, 2017). The observation is such that big data that focuses on marketing will especially damage marketing driven solutions because anonymization of the data prevents personalization of the data for marketing purposes. Big data consists of enormous amounts of data that has been amassed for ulterior purposes such that it is characterized by three specific elements: 1) volume which refers to relatively less dense and unstructured information, 2) velocity which refers to the rapid nature with which such data builds up and 3) variety which refers to the sheer diversity of data forms, types and information that is collected (Gerrard, Mooney, & Thompson, 2018). Understanding how these three qualities intersect produces improved understanding of what big data is and what it can accomplish if structured appropriately as the figure below demonstrates: Figure 1. Big data and the three vs Source: Sivarajah, Kamal, Irani & Weerakkody, 2017. This graphic reveals how important it is to house such data in structured databases that support analytical processes. In this fashion, it becomes evident that data itself is not unusual but rather how it is collected, what is collected and the way in which it is analyzed is shifting.
Big data makes direct reference to almost existential amounts of data and types of data that, until it is converted into some sort of intelligence, has little value and is a resource drain. However, once appropriately converted into intelligence through computing power, big data produces an equally enormous amount of value to an enterprise. Once the appropriate analytical processes are applied to big data enterprises that make use of it can accomplish a variety of inherently valuable outcomes (Bhadani & Jothimani, 2016;Yaqoob, Hashem, Gani, Mokhtar, Ahmed, & Vasilakos, 2016): 1) Retailers are able to utilize big data collected over time to predict consumer behavior and consumer attributes such as when a consumer is pregnant and even when the baby is due based on historical and current purchase patterns 2) Insurance companies apply big data to consumer demographics and behavior as a means to improve the predictive accuracy of their actuarial tables 3) Organizations apply big data to human resources in order to develop more accurate psychographics of employees as a means to improve hiring practices and track group dynamics 4) Dating and social media apps utilize big data to improve user experiences such as more accurate matches for the former and more targeted advertisement placement for the latter 5) Scientific centers utilize big data and distributive computing as a means to analyze signals received from space and to examine other scientific problems 6) Civic infrastructure and services utilize big data for such things as management of the smart grid to improve electrical grid efficiency and similar outcomes There are many, many other applications of big data literally across all industries and sectors. The amount of data that is generated in all segments of life is enormous and thus the amount of computing power that must be leveraged to analyze this data is equally large.
Given the extreme shift to big data as a strategic marketing device, it is necessary then to re-examine the efficacy of traditional data collection practices. That is, it is vital to ask if traditional data collection methods, traditional forms of data and traditional applications of data are even relevant within the context of big data and big data analytics in the contemporary space. One of the biggest issues facing marketers and marketing units is that traditional data sources and their respective data collection methods are, despite only being a few decades old, are antiquated by comparison to current and emergent data collection processes. These antiquated platforms include data collection points such as customer relationship management (CRM), enterprise resource planning (ERP) and enterprise data warehouses (EDW) platforms which all collect data in a rigid manner that lacks any form of adaptability to real-world shifts in context (Massaro, Vitti, Lisco, Galiano, & Savino, 2019). In effect, these traditional data collection points tend to collect data that is arbitrary in character. These are data points such as customer age, birth date or perhaps education level and so forth. While useful, this type of data fails to provide any sort of real-time consumer insights. Additionally, it can only be collected at the initiation of an enterprise-customer relationship.

The EU and Privacy Protections
At the very beginning of the digital age in the early and mid-1990s, the EU recognized the need for some sort of legislative and legal framework to protect the private data and information of its constituents. Thus, in 1995, the EU's European Parliament body implemented an early legal framework to accomplish this privacy protection within the common market. This early effort at protecting individual and corporate data and information was referred to as the Data Protection Directive or the DPD which detailed a series of 7 specific objectives that the DPD and any other legislative framework should enforce regarding privacy and data protection (Mayer-Schonberger & Padova, 2015): 1) provide ample notice to constituents that data is being or will be gathered, 2) state the reason that such data is or will be collected, 3) provide an opportunity for the affected party, individual or corporate, to consent to this collection, 4) develop a robust security platform that will host this data, 5) provide full disclosure regarding exactly who and what entities are collecting the information, 6) provision of access to the data that has been collected as well as the ability to make corrections if necessary, and 7) some sort of accountability process in which the parties collecting private data can be reprimanded accordingly for violations of these principles. The EU recognized that the DPD had to be replaced. Beginning in 2012, the EU began to develop the General Data Protection Regulation or the GDPR to replace the DPD. Thus, by 2016 the GDPR was generally agreed upon by all member states of the EU and came into force in 2018 in which the core principles of the framework are (Hoofnagle, Van der Sloot, & Borgesius, 2019): 1) gather the consent of the individuals or parties whose data is subject to collection, storage and processing, 2) ensure that all data is anonymized as a means to protect the relevant party's identity and privacy, 3) publicly announce when and how any breach of collected data has occurred, 4) securely manage any transfer of data from one party to another either in market or across national boundaries, 5) require specific types of companies to have a "data protection officer" in place to manage GDPR compliance within the EU.

The GDPR Framework
The GDPR in its final form consists of a series of standards that have been condensed into a number of chapters and articles that allows for legal and enforcement application. The ultimate purpose of the GDPR is to provide the citizens within the EU with a greater amount of personal control over the data that is collected by various entities about and for them. The GDPR is centered on the recognition that every single facet of daily life is now associated in one way or another with data. This means that either everyone has to have data to accomplish something or produces data as a product of consumption or relies on access to data to transact some sort of activity. Hence, of the 91 articles included in the GDPR, the following articles are seen as the most critical in terms of data protection, privacy and security (Hoofnagle, Van der Sloot, & Borgesius, 2019;General, 2019): 1) Both articles 17 and 18 relate to personal control over one's own data and specifically these two articles guarantee the "right to portability" which allows transference of data and the "right to erasure" which allows removal of data 2) Articles 23 and 30 both relate to the obligation of firms to maintain methods to secure and protect consumer data 3) Article 31 requires firms that experience a data breach to notify what are referred to as "supervising authorities" of a data breach no later than 72 hours after a breach is discovered 4) Article 32 mandates that firms that have a data breach notify the individuals whose data has been affected of such a breach as rapidly as possible 5) Article 33 mandates that firms operating in the EU have a "Data Protection Impact Assessment" on hand as part ijms.ccsenet.org International Journal of Marketing Studies Vol. 12, No. 1;2020 of their risk management program 6) Article 35 is the article that mandates firms assign a "Data Protection Officer" that is responsible to ensure the firm is in and remains in compliance with the GDPR 7) Article 45 of the GDPR relates to international firms that either operate in the EU or transact data of EU citizens which requires such firms to also be in compliance with the GDPR 8) Finally, Article 79 relates to the actual enforcement of the GDPR wherein firms that are non-compliant with the GDPR can be formally penalized as much as 4% of their overall annual revenues at the EU's discretion The EU is very serious about ensuring the data privacy and data protection of its citizens. The accountability and enforcement functions are overseen by the aforementioned Supervising Authorities or SAs to whom firm Data Protection Officers or DPOs report and to whom all firms must demonstrate GDPR compliance (Mondschein & Monda, 2019). The GDPR awards far more regulatory authority to these SAs than prior enforcement mechanisms had. SAs within the GDPR framework can cite a firm for non-compliance, undertake data privacy and security audits to verify compliance, mandate that data be made more secure or even deleted, prevent firms from the transfer of data within or even without the EU as well as issue fines at their discretion (Mondschein & Monda, 2019). In other words, the GDPR has far more administrative teeth than the DPD ever had.

How Firms Use Big Data
In many instances, firms are setting up and implementing bid data related processes with purely efficiency in mind. These innocuous big data operations may include nothing more than improved tracking of a consumer's activity on social media or on news reading habits online as a means to isolate future purchasing habits and so forth (Ducange, Pecori & Mezzina, 2018). These types of big data activities do not require personal information from the consumer but should still respect the privacy of the user. This general and innocuous application of big data is characterized in the following chart: As the above information makes clear, much of the use that enterprises find in big data is aimed at improved forecasting, reducing expenses and improving productivity. In fact, as the chart reveals, reducing expenses seems to be of significant importance in developing the rationale to implement big data processes within a firm.
Of course, many firms are intent on monetizing the big data that they collect and in developing additional revenue streams derived from their big data operations. It is these types of big data expectations and applications that can lead a firm into conflict with privacy laws such as the GDPR or simply into conflict with privacy expectations on the part of the consumer. With respect to big data, there are virtually limitless ways in which it can be garnered as a competitive strategy. Yet, some of the more prominent applications in the real world include the following marketing focused examples (Williams, 2016): 1) The soft drink and sports beverage company Coca-Cola developed a big data driven consumer loyalty program that integrated consumer activity on social media platforms tracking likes, content accessed and comments made in order to better align its advertising targeting with specific consumer groups ijms.ccsenet.org International Journal of Marketing Studies Vol. 12, No. 1;2020 2) Netflix, the online video streaming service, is an excellent example of an early adopter of big data collection, analysis and feedback. The company developed a series of targeted algorithms to analyze the enormous amount of data that it was able to collect through its online platform from its consumers. This data included its sophisticated recommendation system, historical viewing patterns, trailers viewed and time spent on the platform among other datapoints 3) Amazon is perhaps one of the best examples of a major enterprise that leverages big data across virtually all of its operations and businesses. Amazon collects, secures and applies big data as a means to feed purchase recommendations to its consumers, make product suggestions online, identify future product innovations based on product reviews and feedback, identify future markets based on product inquiries and demand, and, increasingly, to build-out its own supply chain and logistics operations which utilizes big data to place logistics hubs, distribution centers and map out delivery routes among many other applications 4) Financial institutions such as JP Morgan Chase have developed very sophisticated big data analysis platforms in order to manage risk in the marketplace. JP Morgan Chase in particular leverages Hadoop which is a series of applications that collect, manage and analyze big data related to credit card transactions that allows the bank to almost immediately spot illicit transactions, fraudulent accounts and defaults from across its consumer base Perhaps the one common denominator across all of these real-world applications of big data is that the discipline of statistical analysis is applied to extremely large datasets. Regardless of the analyses applied to big data, it is also apparent that the character of data being analyzed has shifted.
In response to these shifts in the character of data and the way in which data is being collected, enterprises are changing the way that they collect data. There is a need to retain these traditional data collection methods, but the emergence of social media, social shopping, and social enterprise platforms has meant that firms must innovate their data collection processes. The very character of big data means that data collection has to evolve in tandem with the management and analysis of such data. For instance, big data in the current commercial space is vastly bigger than in previous eras; big data is extremely fast moving or is generated at extremely high velocity; emergent datapoints require entirely new ways to extract and to analyze them and often rely on equally new systems such as artificial intelligence (AI); and finally the growth rate in the amount of data being generated requires ever new ways to curate that data (Johnsen, 2017). The fact is that big data may very well be evolving at a faster rate than the underlying technology that is responsible for it.
Social media and social technology platforms in general vastly contribute to the amount, type and velocity of data being generated by customers, clients, consumers as well as businesses. By most estimates, it is expected that the overall volume of data that is generated from social platforms will exceed 44 trillion gigabytes globally by the end of 2020 alone (Helbing, 2019). What has contributed to this incredibly high volume and variety of data has been social media status updates, user/member generated photos and videos, user/member responses to posts (likes, loves, dislikes, etc…), and user/member feedback in socially supported feedback loops. Furthermore, the things that enterprises and even smaller firms can do with these newer forms of big data are quite astounding. From a marketing perspective, one of the biggest strategic developments to arise from these emergent forms of big data and the management of this big data is personalization. Personalization is a marketing strategy that allows enterprises to personalize either products and services at an individual level of specific consumers or, alternatively, to personalize the brand image and branding messages that target an enterprise's consumers (Helbing, 2019). Regardless of the specific solution that a marketer or marketing firm adopts as a means to act on this emergent big data, the outcome is improved targeting, deeper market penetration and even more efficient product/service development.
Essentially, big data provides an effective mechanism to identify new products, product extensions and innovations that can be monetized. It is then up to the firm to develop marketing strategies that leverage big data in the market. Big data provides a means by which enterprises can directly leverage the data that they may already collect. As the granularity of data has increased with the digital age, firms of all sizes are now able to track and analyze consumer data in a way that allows them to isolate trends such as consumer feedback or reviews that tend to speak about the same thing which can then be used to develop a product or service that addresses this need (Akter & Wamba, 2016). The result is such that the firm is able to specifically target a new product or service or a product or service extension based not on academic research but rather on real-world feedback from consumers.

GDPR Impact on Big Data
There is little doubt that the GDPR is having and will have a significant impact of how firms are able to leverage big data. The very purpose of the GDPR is govern the way in which firms leverage big data in the marketplace. Therefore, what is really left to understand is the actual character of this impact vis-à-vis the way companies apply ijms.ccsenet.org International Journal of Marketing Studies Vol. 12, No. 1;2020 their big data analytics in the marketplace. Some researchers have noted that one effect of the GDPR initially is that it restores equality to the competitive marketplace. Big data is a competitive differentiator and the larger, more resource rich a firm is then the more capacity it has to leverage those resources towards capturing data at a scale that most companies cannot envision (Hofacker, Malthouse, & Sultan, 2016). By extension, if big data is seen as a competitive differentiator and those firms that amass enormous amounts of data effectively know their consumers more, companies that cannot capture as much or any data perhaps end up being marginalized in their target markets.
The response by firms to the shifting character of big data and the way in which data is collected is diverse. However, the one quality that is universal among all the various strategies is that the prioritization of big data has become even more critical from a competitive advantage perspective. Marketers understand that customers, either business or retail, now expect a significant level of personalization due to the two-way communication channels, feedback loop and dialogue mechanisms facilitated through social technology platforms. This personalization within the context of big data in the contemporary business space is described in the following way: "This can help them [marketers] discover hidden patterns such as the way different groups of customers interact and how this leads to purchase decisions. Equipped with these insights, companies can then develop targeted marketing campaigns that cater to the customer's individual preferences" (Svilar, Chakraborty, & Kanioura, 2019). Furthermore, it is also the sources of data that has altered the big data landscape as well.
As the consumer space has become ever more infused with interconnected technology platforms, computing devices and connected appliances, data has literally come pouring in as it were. Of course, some of the data and data sources remains traditional but has been greatly augmented by the influx of all of these emergent datapoints. The table below details the distinctions between old big data versus new big data characteristics if one were to put it in this way: In this regard, it becomes readily apparent to even the most casual observer, that the data produced through emergent sources such as mobile devices and so forth is much more nuanced in character. Additionally, capturing such data involves much more extensive partnership building in order to either facilitate collection or to source the data itself.
One issue with the GDPR with respect to its compliance framework is how emergent technologies can be integrated into it or even if the GDPR will stifle such innovations. For instance, blockchain is an emerging technology format directly involving big data and data manipulation. When one speaks of blockchain one is referring to a decentralized type of network referred to as a distributed ledger in when records or data are organized as blocks which are encrypted (Camilleri, 2019). This technology is so innovative because of the architecture of the network which makes it extremely secure. The image displayed below characterizes the way in which a decentralized, distributed network differs in its core architecture from other configurations: The network model on the right of the image above demonstrates the way in which nodes in a blockchain network are distributed to every other node. This architecture allows for the monitoring and accountability for all data within the system. Blockchain's distributed ledger system and its encryption ensures that once formed, its blocks of data cannot be changed or manipulated without the permission of everyone in the network (See Appendix 1 of this report).
As mentioned, big data and emergent technologies such as blockchain are completely altering the entire concept of marketing and how traditional marketing functions. Traditionally, big data tended to be a one-way street with businesses and organizations being able to gather, collect and analyze customer or consumer data with little to no return benefit to consumers or little to no way for consumers to mediate this data transaction. Blockchain, in the context of marketing, changes this one-sided relationship into a bilateral one whereby the consumers now regain some degree of control over their own data as well as potentially having the ability to monetize their own data. There are certain web-browsers in development, such as Brave Browser, which is built on blockchain technology that allows consumers to retain control over the degree, type and form of advertising that they are presented with while online through the use of token technology (McEvily, Novaes, Panesar, Moyer, Karr, Ng, & Ryan, 2018). This blockchain enabled browser distributes what are referred to as Basic Attention Tokens or BATs to web users in exchange for them interacting with advertisers and marketing messages (McEvily, Novaes, Panesar, Moyer, Karr, Ng, & Ryan, 2018). Hence, online consumers are basically compensated through these BATs to view and/or interact with marketing messages that they are presented with.
Likewise, another blockchain enabled internet/web-based solution with significant marketing implications is Blockstack. Since the development of the web and online browsing, consumers have been required at certain junctures in the online environment to provide some type of personal data whether it is just their name or more extensive data such as age, gender and marital status and so forth. Consumers have become inured to these requirements to some degree but blockchain technology has the capacity to restore control of one's own personal data to the consumer. Blockstack essentially creates an entirely new network in which data security forces apps and websites online to require a security key that only temporarily unlocks the personal data of an online consumer (Rodriques, Bocek, & Stiller, 2018). This type of system only works because of the technological innovation of Blockchain which supports encryption technologies, data privacy and the ability to pull data back from parties on the network.
An accounting of the scale of available data is all that one needs in order to understand the effect that the GDPR will have on big data related activities throughout the EU. Big data itself and big data related activities must be curtailed in some respect in order to comply with the GDPR restrictions to its use. This is not to say that big data and related activities cannot take place within the EU for they surely can and will. The observation is such that before the typical uses of big data can be implemented within the EU, the criteria for such use as spelled out in the GDPR must be met:  Google, for instance, retains over 1m petabytes of data in its servers and daily processes through some 25 petabytes of data Searches on social media There are more than 32b unique searches made monthly on the social media platform Twitter alone Video storing and viewing YouTube has an estimated 1b unique visitors monthly with almost 7b viewing hours in that same time period Data mass and creation An estimated 90% of the data that exists presently has only been created over the past 2 years Data growth It is estimated that the amount of data available will double during a 2-year period Amount of data Globally the amount of online/cloud data will be more than 40-42 zettabytes/5250 gigabytes for each individual on the planet Source: Garrett, 2018;Camilleri, 2019. When viewed from this perspective, the effect that the GDPR is and will have on big data uses in the EU marketplace are sure to be significant.
Any data, as mentioned previously, is only useful after it has been converted into some form of intelligible format and then had an analytical process applied to it. Since the GDPR requires firms that collect big data to anonymize all of the data that they collect, some of the specificity down to individual consumers will be lost in the analytical portion of this conversion of big data to intelligence (Yeh, 2018). Within the GDPR framework, the element of consent to collect and then use data that firms are required to secure prior to collecting the data from consumers is not a universal permission to continue to collect data, to sell and market that data for downstream activities and to utilize permissions/consent as a means to forcefully gain access to an application (require users to accept a user agreement providing consent in order to have a social media profile for example) (Schiffner, Berendt, Siil, Degeling, Riemann, Schuab, & Polonetsky, 2018). The GDPR develops restrictions on these types of approaches to big data collection. This changes the way that big data is analyzed, marketed and sold.
In terms of actionable marketing solutions that allow marketers, marketing firms and marketing departments to leverage big data in the contemporary marketplace, there are a few that are becoming a prerequisite to competitive parity. One such marketing solution that has emerged over the past several years as a mechanism to leverage big data within the marketing space is the Next Best Action or NBA strategy. The NBA strategy is a marketing strategy that is derived through real-time data, feedback and embedded datapoints that allow marketers to make executive product/service decisions in real-time (Kovachev, 2019). More traditional marketing strategies tend to create a marketing solution first and then present this to consumers or clients as the case may be. However, with NBA, it is consumer/client interests and desires that stimulate the enterprise to create, through the use of big data analytics, uniquely customized marketing solutions for customers/clients. Consequently, it is apparent that NBA and other contemporary big data marketing solutions have become so sophisticated that they isolate what consumers are actually trending towards and then anticipating what product/service will meet this demand. It is useful to note that consumers or clients themselves may not even fully be aware of what they are demanding yet but big data and big data analytics leveraged through solutions such as NBA allow marketers to anticipate this emergent demand. Thus, NBA is centered on a sophisticated set of algorithms that parse social media, streaming and click-stream data channels in order to develop accurate predictive models: Without the introduction of and access to all of these newly emergent real-time data channels, it would be impossible to develop this type of consumer/customer driven marketing strategy. NBA and similar big data marketing solutions allow enterprises to become more responsive to market-based insights that would otherwise go completely unnoticed.

Conclusions
This report discusses the GDPR in the EU which is a series of privacy protections, standards and regulations that govern how corporations use private data collected from consumers. The specific focus of the analysis has been on the ways in which the GDPR has and will continue to affect the way in which enterprises use big data in order to achieve their business objectives with respect to the EU marketplace. The GDPR is identified as the new data protection framework that replaced the prior framework identified as the DPD which was first developed in 1995. While first released in 2016, the GDPR did not fully come into effect until 2018 so the ways in which it has affected the use and application of big data in particular remain not fully explored or known at this time. Marketing strategies designed to leverage big data take the form of strategies such as loyalty programs referred to as predictive spending programs, consumer experience customization such as developing targeted advertising for related products and of course forecasting demand or identifying a market need (Erevelles, Fukawa, & Swayne, 2016). In terms of identifying whether or not the GDPR will have a negative effect on innovation in the marketplace, the main argument for this is its apparent conflict with blockchain.
Blockchain technology has been shown in this report to be more of a system architecture design than any specific product or service. The discussion of the GDPR underscores just how much of an impact the law is and will have on those firms that transact in big data. Thus, as these firms attempt to innovate and adopt emergent technologies such as blockchain, they must first determine if these technologies are in conflict with the GDPR if they involve data management. However, blockchain is also a technology that shares the privacy and protection of all data in the same exact way that the GDPR seeks to enforce (Gerrard, Mooney, & Thompson, 2018 the GDPR may actually be ideally suited for each other. This is because blockchain networks can actually be configured in multiple ways such that it can manage data in compliance with GDPR while still benefiting from its distributed ledger format. Blockchain networks can be configured to support public permissions, fully permissioned networks and also fully private blockchain networks (Al-Zaben, Onik, Yang, Lee, & Kim, 2018). While the level of distribution lessens with each configuration, the underlying architecture of the blockchain remains the same.
It appears that one major issue within marketing relative to the GDPR and data-driven marketing solutions is that traditional data sources and their respective data collection methods are becoming outdated. The discussion demonstrates that there is a need to retain tradition data collection methods, but the dominance of social media, social shopping, and other social enterprise solutions have meant that firms have had to evolve the way they collect data and how they analyze this data. Thus, marketing strategies like the Next Best Action or NBA strategy have been developed to derive through real-time data, feedback loops and embedded datapoints, analyses that allow marketers to make marketing decisions in real-time. Also, the discussion revealed that some web-browsers, such as Brave Browser, which is built on blockchain technology, allow consumers to retain control over their own data while online through the use of token technology. Still another blockchain supported marketing solution, Blockstack, creates an entirely new network in which data security forces apps and websites online to require a security key that only temporarily unlocks consumer personal data.

Recommendations
There are a range of solutions that can be recommended for enterprises that use and leverage big data in the EU marketplace. Consumers in the EU certainly benefit from the GDPR and its stringent privacy protections. Nowhere is this benefit more apparent than in the realm of big data. The GDPR essentially takes control of private data from private enterprises and returns it to the consumers to which it ultimately belongs. This overarching principle of autonomy and control over one's private data is summarized best in the GDPR itself which posits that consumers should, "not be subject to a decision based solely on automated processing, including profiling" (Article 22, 2019). Given the rise in prominence of movements seeking to give consumers make some control over their personal data, it is little wonder then that companies are struggling to develop an effective strategy to accommodate the GDPR.
Perhaps one of the most basic recommendations that can be made is that enterprises that transact in big data create a financial case for mediating consumer data. For the most part, consumers are kept out of the monetization process of their private data. That is, consumers traditionally do not profit in any way from the collection and use of their private data by for-profit enterprises that use it for a multitude of ways that result in positive cash flow and returns. Several studies have found that a majority of consumers would generally be agreeable to sell their private data if the given price-point were sufficiently large in the range of $150 to about $170 on a monthly basis (Rao & Ng, 2015). Of course, this price-point is quite high and effectively place a rental fee on their data for the firms that would use this data which is too high for them to profit off of it.
However, the fact that consumers in general are open to a discussion to sell their data outright or to effectively lease it provides a window of opportunity for firms to achieve compliance with the GDPR and still leverage big data effectively. Thus, the first recommendation is that enterprises that rely on big data in the EU should develop a plan to purchase consumer data along the following lines: 1) Offer two options for consumers: a) sell their private data outright or b) lease their data on a monthly basis 2) The price-point should be based on actuarial tables developed for this purpose in which the relevance of the data is based on the lifecycle of the consumer and represents 1-2% of the expected returns from that data over the life of its relevance 3) The price-point is a mechanism to blanket consent over the lifetime of the contract While this type of solution may not be feasible for every enterprise, it certainly is for those that deal regularly with big data-either as a consumer of big data or a generator of big data or both. Furthermore, even just implementing this strategy partially provides both an avenue for revenue generation as well as higher quality data.
One final recommendation that can be made relates to compliance with the GDPR and technology innovation. It is clear that emergent marketing related solutions such as Brave Browser and Blockstack can actually bring marketing firms and departments into compliance with the GDPR and other territorial regulatory frameworks while actually improving the responsiveness of big data driven marketing solutions. When developing a blockchain network, privacy-encryption-consent-permissions among others, are all built into the platform and selectable from the outset (Wirth & Kolain, 2018). Interestingly then, the initial reaction is to dismiss blockchain as antithetical to the GDPR, but in reality, it is ideally suited to achieving GDPR compliance.

Copyrights
Copyright for this article is retained by the author, with first publication rights granted to the journal.
This is an open-access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/4.0/).