Securely online

Legislation sets clear boundaries for the utilisation of user data, says Santtu Elsinen, Chief Digital Officer at Alma Media.

Data has become the foundation of media business. At the same time, scandals related to the user data of social media services, for example, have made consumers restless. How does a responsible media company operate in such an environment?

Our operations are, of course, based on legislation and authorities’ instructions. In addition, we follow the recommendations of our industry. We operate as transparently as possible and clearly explain our reasons for collecting data, the purposes of their use and the parties to whom we may disclose data. We respect consumers’ rights and fulfil any requests concerning data files as quickly as possible. We are developing our services so that, in the future, reliably authenticated consumers will be able to directly access their data in a self-service system.

It is important to note that while customer data is important to us in terms of service development, for example, selling the data of an individual customer to third parties is not the core of our business operations. This clearly sets us apart from social media operators.

The General Data Protection Regulation of the European Union guarantees extensive rights to consumers concerning the use of data. What types of rights are included?

Consumers are entitled to clear and transparent information on the processing of data. They have the right to access their data and to request rectification to their incorrect or expired data. They can also object to the processing of their data or to request restricting of the processing. In addition, under certain conditions, consumers also have the right to data portability and to be forgotten if there are no longer justified reasons to retain the data. A lifespan must be determined for any data stored in data files and the data must be erased from the systems at the end of said lifespan. In addition, collecting information on online behaviour, for example, requires that the consumer is informed and, partially, asked for consent.

How has the GDPR affected the operations of Alma Media?

We carefully prepared for the regulation by updating our systems and data protection agreements and training our employees. When the regulation entered into force, the demand for programatically purchased advertising momentarily dropped throughout Europe due to general uncertainty. Since then, programmatic sales have nearly regained their original standing. In practice, the regulation has increased the number of consents requested from consumers in terms of location and cookie data, among other things.

Increased digitalisation means increased information security threats. What has Alma Media done to detect such threats?

We constantly monitor the situation and have increased our technical capacity in terms of managing malware and viruses, phishing and access control. We have improved the technological information security and surveillance of our online services to ensure efficient recovery in case of any disruptions. Phishing through e-mail and false invoicing attempts occur often, which is why it is important to educate and actively inform users.

How can a customer know that their advert is published in a secure environment?

Share article