EUROPE: Data and tech governance for the connected retail sector 2. Retailers as tech operators

In the previous post we discussed how sound personal data governance will help retailers to seize the opportunities provided by digital transformation.

Retailers are aiming to grow globally, in part to offset the limited growth available in mature markets. Within such a wider perspective, governance should also address reputational risks with a holistic approach. Data governance should be linked to policies and procedures affecting specific business lines (including fraud, anti-money laundering sanctions, financial integrity and ethical sourcing), with adequate cross-business training programs.

In addition to traditional social media management policies, specific crisis management, incident response and investigations plans should be set out, to also mitigate class action risks.

In this new connected technology environment, retailers are also becoming “tech operators”. Partnerships with tech companies will have to be carefully devised, considering the role of all involved parties, including software developers, device manufacturers and connectivity providers.

Policies should also consider cybersecurity and contracting strategies, addressing cloud contracts, loss of data and responsibility for back-ups.

When dealing with connected devices and technologies, marketability standards have to be assessed: devices must meet the essential requirements and safety characteristics set out by the EU harmonization legislation, including for EU directives regulating radio frequency spectrum.

IPRs have to be carefully managed, including the underlying software policies and architectures. It should also be assessed which type (or portion) of open source software is used to ensure that there are no issues for future usages and that the same software is supported by an adequate community of developers (also for cybersecurity purposes).

Other intellectual property issues should be addressed, including copyright and/or patents infringements. In this respect, formal copyright assignments, prior patent searches and warranties from contributing developers are useful risk management practices.

The retail market is changing rapidly. A wide-ranging tech governance not only will allow grasping the benefit from the connected scenario, mitigating substantial risks, but also will help in fostering high quality services and protecting the image of the products being distributed, thus avoiding in certain cases unnecessary (vertical) restraints.

Let us know if you want to further discuss this topic!