The European Commission’s New Deal for Consumers will apply to traders that target consumers in the EU from 28 May 2022. Organisations impacted by the New Deal have two years to get into shape – which is advisable, because the New Deal empowers regulators across the EU to impose GDPR-style fines for breaches of consumer legislation. Like the GDPR before it, the changes will affect most functions within businesses affected by the New Deal. Organisations can leverage a lot from their experience getting ready for the GDPR to smooth the path to compliance with the New Deal. See below our top five tips.
1. Start prepping early.
Two years is plenty of time to prepare for the New Deal: two months is not. Now is the time to:
a) Understand the new requirements
Some aspects of the New Deal are new. For example, traders must take steps to improve transparency in relation to ranking and search results and personalised pricing, and existing consumer rights will apply to digital content and services that are provided for free.
Other aspects of consumer law are unchanged by the New Deal, such as the requirement for transparency and fairness in consumer terms and conditions, but the introduction of meaningful fines means that there may be areas where your current approach carries a level of risk that will be harder to accept in the context of GDPR-style fines for infringements.
b) Assess which parts of your business will be affected
The New Deal is likely to affect pricing, advertising and marketing, product development and legal departments. Work out who within those teams can help develop the strategy, drive change, and embed and disseminate institutional knowledge.
2. Prioritize effectively.
Identify the changes that will require the longest lead-time, and are the highest risk from a regulatory enforcement perspective. Focus on these first.
In the context of the GDPR, organisations prioritised developing compliant user consent flows and establishing mechanisms for users to exercise their data subject rights. This made sense for a variety of reasons: regulators across Europe opined extensively on these topics, while making the technical changes required to comply was complex and time-consuming.
Similarly, traders should focus on ensuring that consumer touchpoints meet the objectives of the New Deal. Prioritise the consumer purchase flow (focusing on transparency of ranking and search results and the presentation of pricing) and establishing practical processes to address and respond to consumer enquiries and complaints. These are open to audit by consumers seeking to enforce their enhanced rights and regulators seeking to use their improved enforcement powers.
3. Communicate with internal stakeholders
Explain the key changes to senior stakeholders and those with Board-level responsibilities – the sooner, the better.
Public awareness of privacy rights grew rapidly as GDPR implementation date approached. This led to a degree of panic in boardrooms worldwide. Develop a proactive strategy for engaging and educating senior decision-makers so they know what is coming and are prepared to accept and promote a degree of organisational change.
4. Upskill your business
In the six months ahead of implementation, deliver training to all areas of the business, especially advertising and marketing teams and anyone in a direct consumer-facing role.
Are existing resources sufficient? The GDPR saw a huge growth in privacy roles – with intense competition to recruit experienced candidates. Although the New Deal is unlikely to merit an expansion on the same scale, the enhanced fines and improved rights for individuals may justify an increase in headcount dedicated to delivering the New Deal for consumers.
5. Monitor regulatory attitudes and activity
As we are seeing post-GDPR, market practice and enforcement priorities will evolve over time. Keep a close eye on what regulators are saying in the run up to implementation of the New Deal and identify enforcement priorities.
It is likely that regulators with responsibility for enforcing the New Deal will expand significantly over the next two years. By comparison during 2018-2019, the Information Commissioner’s Office increased its workforce by 40%.
Regulators in some jurisdictions will be more active than others. Consider which regulators are most likely to take an interest in your business, taking account of the geographic spread of consumers that access your products and services and focus on the priority areas they identify
Our global consumer protection practice is well-versed in advising on multijurisdictional compliance programs. If you have any questions on any of the above or need advice on preparing for the Consumer New Deal, you can contact us below.
