Commissioned by ForgeRock
1 Executive Summary
The EU GDPR (General Data Protection Regulation), which becomes effective May 25th, 2018, will have massive impact on the way businesses interact with their customers and consumers. With the requirements it brings around consumer rights, such as the “right to be forgotten,” or the right to edit PII (Personally Identifiable Information) that is held by the business, and particularly with the requirements for gaining consent per purpose, it will affect the interaction between businesses and their customers.
Businesses must rethink which PII they collect and how they convince the customer and consumer[^1] of giving consent. In consequence, this might affect business models, but also leads to new opportunities for businesses, by building tighter relationships with their consumers.
To manage these relationships in compliance with the EU GDPR, organizations must change the way they manage consent and their overall consumer relations. CIAM (Consumer Identity & Access Management) moves to the forefront, delivering the interface and consistent management of consent and access to PII. The days of building apps, portals, and websites independently are past. Businesses must enter the age of centralized CIAM platforms, which deliver these services to all their current and new consumer interfaces that are built in the age of Digital Transformation.
Identity Platforms must scale for the vast number of customers and consumers that many organizations already have and allow for growth. They must provide the capabilities to manage, authenticate, and authorize access of customers and consumers in a multi-channel fashion, but also standardize the services that are required for GDPR compliance.
ForgeRock delivers such a platform, the ForgeRock Identity Platform. It delivers a broad set of capabilities for managing the identities and access of customers and consumers, with the scalability that is required for these use cases. Furthermore, and most importantly in the context of the EU GDPR, it delivers the foundation for regulatory compliance and creating the consumer interaction for the future.