Monthly Archives: February 2018

CIPR Artificial Intelligence (#AIinPR) panel kicks off – and we need your help!

11362_CIPR_AiPR_Twitter_1024x512_1#AIinPR group kicks off work with crowdsourced tool project

The CIPR has launched a panel to explore the impact of artificial intelligence on public relations and the wider business community.

The panel is kicking-off a much-needed discussion around the use of new technologies with a view to explore the potential opportunities and threats of AI on the PR workforce and the future of the profession. As part of this, we will aim to define a capability framework for AI in PR, which will showcase the most anticipated changes in PR and how we can best prepare for them, offering greater clarity and certainty around this for professionals.

In a nutshell, the panel will aim to tackle three projects in 2018:

  1. A crowdsourcing exercise to characterise technology and tools that are helping public relations practitioners work smarter and more efficiently
  2. A skills framework that will seek to estimate the likely impact of artificial intelligence on the public relations workforce. It will aim to produce a paper for the World PR Forum in April
  3. A literature and content review to explore the impact of artificial intelligence on the public sphere. This project will aim to produce a discussion paper for practitioners

The panel has started its first project by inviting practitioners to submit examples of tools that characterise the impact of technology on public relations. Everyone who participates in the project will be cited in the results.

The panel is made up of the following people all of whom have expertise in this developing area. It will be chaired by Stephen Waddington Found.Chart.PR, Hon FCIPR.

  • Chris Dolan Dip CIPR, FCIPR, Independent consultant
  • Kerry Sheehan MCIPR, Weber Shandwick
  • Stephen Waddington Found.Chart.PR, Hon FCIPR, Ketchum
  • Alastair McCapra, CIPR Chief Executive
  • Matt Silver MCIPR, Ketchum
  • Sharon O’Dea, MCIPR, Independent consultant
  • Andrew Smith MCIPR, Escherman
  • Maria Loupa, MCIPR, Liberty Communications
  • Professor Anne Gregory Hon FCIPR, University of Huddersfield
  • Jean Valin Hon FCIPR, Valin Strategic Communications
  • Ben Verinder, Found.Chart.PR MCIPR, Chalkstream
  • Dr Jon White Chart.PR, FCIPR, Independent consultant

The CIPR Artificial Intelligence panel will contribute and help lead the conversation around technology and public relations. It will publish guidance for practitioners from each of its projects during 2018.

The panel is a great step towards the right direction, with many opportunities for anyone who would like to get involved.

If you are a PR practitioner and you are using any ‘smart’ tools that make your life easier, feel free to add your recommendations to our crowdsourcing project or use #AIinPR hashtag on Twitter. More AI-focused content to follow soon!




An introduction to the General Data Protection Regulation (GDPR): What you need to know

35440117101_cbfe2c9d2b_zImage credit: Descrier

With a whopping 2.5 quintillion bytes of data now being produced every single day, the debate around data privacy is showing no signs of slowing down;  consumers and businesses are still asking the same fundamental question – how, where and by whom is our data gathered and stored? This issue is at the heart of the upcoming EU General Data Protection Regulation (GDPR). Designed to bring more transparency and structure to data protection, it is the first major legislative change to European Data Protection law since Directive (95/46/EC) in 1995, which regulated the processing of personal data.

Despite the importance of this regulation, lots of British companies are seemingly unaware of it. This has been partially due to indecision on the part of UK businesses about whether to invest resources in achieving GDPR compliance, given the lack of clarity around the power of European directives and acts post-Brexit. However, following the UK government’s confirmation that it will implement the GDPR, despite the decision to leave the EU, businesses will need to be compliant by 25 May 2018 or face enforcement action.

In light of this, now is a good time to look at exactly what the GDPR is, what it will mean for UK businesses and how your organisation can prepare for it.

What is it?

Simply put, the GDPR is the new regulation framework to create tighter limits on the processing of personal data and give greater rights to individuals. It essentially protects the right of European residents to regain control over how their personal information is shared and used. It will apply to EU-based organisations, as well as the data processing activities of those who target EU data subjects – meaning that if your business is involved in the acquisition, use, transmission, storage, destruction and breach of personal data in any way, you will be affected, regardless of whether your business stores or processes data on EU soil.

The act contains eight principles data processors must abide by when it comes to personal data – these include provisions that data need to be processed fairly and lawfully, be obtained only for specific purposes, be accurate and kept up to date. Finally, anyone holding the data must take measures to protect it, with data not transferred to a country outside the EU unless that country also has rules in place to adequately protect it. There are also new limitations surrounding consent, as data owners must grant separate consent for different processing activities and can withdraw them at any time, or have their data erased under the GDPR. Furthermore, if a company has already made information public, then they have an obligation to pass the deletion request along to others.

It is important to note that GDPR only applies to Personably Identifiable Information (PII), which may comprise a very small percentage of an organisation’s data. However, GDPR covers a wide range of PII and can include URLs, pseudonymised data, physical data and so on. Personal details such as email, for example, may not hold PII and therefore do not need to become part of the compliance envelope.

Why you should care

As discussed, the GDPR will define how organisations can collect, use and transfer personal data. Not only will businesses need to adhere to local laws governing information retention in every market they operate in, but they also need to re-evaluate their individual business requirements and risk appetite. Failure to comply with the GDPR risks a maximum penalty of either €20 million or 4 percent of worldwide turnover (whichever is greater) – it can cost your business money, reputation, credibility and more. Equally, the first organisations to become compliant can use it as an accolade, highlighting that personal data is safe in their hands.

In addition, service providers or ‘data processors’, which  were not previously subject to the more restrictive aspects of data protection legislation, will also now be affected. Organisations that use third parties will have to ensure that their data provider complies with the regulations as, in case of a breach, both data processor and data controller will be considered to have shared liability and will be penalised. Furthermore, all public authorities and organisations where core activities involve ‘regular and systematic monitoring of data subjects on a large scale’ or large-scale processing of ‘special categories of personal data’ will be required to employ a dedicated Data Protection Officer.

Always be prepared

Ahead of the GDPR, it is very likely that most businesses will need to overhaul their framework to ensure compliance and that they are aware of what data they hold, why they hold it, where it’s kept and how long it should be kept for. They will also need to re-think what data is actually needed to manage business and employment relationships.

Organisations will be required to build a transparency framework that re-thinks how they engage with individuals, from contracting and permissions processes to providing clear and comprehensive information on how they handle personal data. The next step is to review contracts with third parties, and include a right of audit in their contracts. As part of this process, there is a huge education element involved. Regular data protection training will of course be required and will have to be extended to contractors and other third parties.

Becoming GDPR compliant will no doubt be a long and laborious task, but will also be a significant achievement, and potentially one of the screening criteria for tenders in the future. Let’s not forget that all businesses handling personal data will be required by law to become GDPR compliant by 25 May 2018, so it’s crucial to start planning and revisiting your data strategy today.

*Blog first published on Liberty Comms’ company blog here.

**Worth noting that, for PR Professionals, CIPR has issued an ‘introduction to GDPR’ guide, which is accessible for members via this link.


%d bloggers like this: