Give consumers control: the General Data Protection Regulation (GDPR) aims to protect personal information and give individuals the power to choose. Consumers must give consent for the use of their data, and companies must be clear about how they use it.
Know exactly what personal information you process: Nigel Jones says firms should assess where data is; what rights they have in relation to it; what they do with it; who they share it with; how they protect it; and what they do with it when they no longer need it.
Build trust through compliance: Jones says businesses must "understand what they do with their customers' data and be transparent to build customer trust".
Don't try to find loopholes in the regulation: "In order to comply with the spirit of data laws with transparent and principled data practices, professionals need to implement data ethics into their governance," says Caroline Carruthers.