As the European Union’s new regulation has already been in effect for over a year, the warnings to companies to comply with the General Data Protection Regulation (GDPR) have now passed. It is expected that data privacy violation fines will begin to take hold in the market. Meanwhile, The California Consumer Protection Act CCPA is set to go into effect 1/1/2020 and there are active discussions of making this set of regulations a Federal standard across the United States.
Now, while business cards form a social contract for contacting the person who handed the business cards. There are still some tiny little details one needs to pay attention to and avoid a potentially devasting 4% of Annual Rev / $20M fine.
Follow Up Emails or Spam
The main spirit of GDPR is consent. The person you just collected data from must have given consent to the use of his/her data. When someone hands you their business card, they are giving you consent to contact them. It is an explicit, direct, transparent, opt-in, specific purpose for you to personally contact them.
But what about adding the newfound email address to a mailing list via submission to fish-bowl? Did the person expect to be contacted with an automated email marketing drip campaign, sent from a ‘no-reply’ corporate email account? Probably not. Or did the person’s details on the business card expect them to be leaked to other 3rd parties to be targeted by ads or other promotions? Unlikely.
Privacy 1st Business Card Scanner
This is exactly where Folocard shines. Folocard does not:
- Send emails, it prepares drafts in your email app.
- Require an active server/internet connection in order to scan business cards or draft emails.
- Collect the business card image or details. The information is local to the app user’s device.
- Gather the email template data (template name, email subject or email body). This information is also local to the users’ device.
- See personal business intelligence on who / where / what you are
meeting / working on. - Share its aggregate insights.
Privacy by Design
Folocard does allow users to
This should serve as a warning to all business card scanner apps and users. Some paid and free business card scanner apps collect the details of the contacts uploaded to the apps in order to resell this data to 3rd parties. The notice for this is hidden in the Privacy Policies and Terms of Service (TOS) of the apps. The potential for leakage is apparent and in clear violation of GDPR articles.
Buyer Beware
Without naming names, there are several business card apps that utilize 3rd party server-side-based machine vision/text recognition solutions. This means the business cards you are scanning are sent to a different company to process the OCR and send the result back to the app. Furthermore, this means that you are sharing the contact information with another entity. This possibly means that the card scanner app you are using is also privy to sensitive data. However, they may still claim not to look at the Personal Identifiable Information (PII) they handle.
scanner apps are collecting massive business card databases…selling such datasets to 3rd parties
– Folocard
It has come to our attention that some free business card scanner apps are collecting massive business card databases both for creating future products/offerings within their apps or worse by selling such datasets to 3rd parties
In some cases, the business cards you scan into your app, are used to build personal profiles for the apps,
Therefore, buyer beware. Check that your business card scanner app is compliant with new data protection laws.
Excellent article. Keep posting such kind of info on your blog. Im really impressed by it.