The EU's General Data Protection Regulation (GDPR) is coming on the 25th May 2018 - so how will
I had a look at some of the things I’d been working on recently and realised that between a couple of White Papers, a strategy doc and a brief on the upcoming EU General Data Protection Regulation, they all had one thing in common. Everything came across as if it had been drafted by the most cynical, doom mongering, dilapidated crone ever to have put gnarled fingers to keyboard.
It was a little disturbing at first - that was until I remembered that I had a birthday coming up, and not one of the hallmark ones. I was to turn 41, which meant very little to me, to be honest. I ramble more and party less – totally normal degradation, apparently.
In my mind, I was turning just ever so slightly more boring. Thus, not a huge amount to celebrate. 41st birthdays are, I’ve decided, crap.
While ‘42’ may well be the meaning of life, there is nothing remotely special about turning forty one. Maybe I do complain that Grime sounds a little like a posse of angry, Fanta-filled children trying to talk over each other and that I’ve found more meaning in my morning constitutional than anything ever said by the Kardashian clan.
But who cares what I think? Not advertisers, obviously. They’re far too busy trying to corrupt young minds, dodge taxes and exploit meaningless trends with Dank Memes™.
I seem to hold very little interest for them whatsoever.
I’ve migrated from ‘…aspirational single, mid-twenties drinker-smoker with a dodgy credit rating and a tendency for fiscal frivolity’ via ‘…no kids, self-centred thirties, travelling consumer’ and popped out into, well, what can only be described as a demographic segment Dead Zone.
I can only assume that Google’s data mine (which I like to imagine as a cross between Spectre’s HQ and a dilapidated Olympic velodrome somewhere under Iceland) has me pinned as ‘early forties spendthrift. Decent earner, doesn’t do much, marketing cynic and loser’ or something similar. This was proven on my birthday when I received precisely one targeted email.
Step forward Young’s Pub Group, specifically the Leather Bottle Pub in Earlsfield.
They emailed to offer me a free birthday pint. And one for my wife so I didn’t have to blow off the froth on my own. Targeted, appropriate, concise and well received. That’s good CRM right there.
Now, I understand that I received so few sell-o-grams on my birthday largely because I’ve opted out of everything, so apologies to Amazon, Capital One and Snotfox (Sorry, old habit - Foxtons) who I imagine have been trying valiantly to negotiate their way around my spam filter for a while now. However come the 25th of May and these efforts will be even more hindered with the introduction of The EU General Data Protection Regulation.
GDPR is designed to enhance the rights of consumers and how their personal data is used by businesses. It’ll do this by penalising companies that break the rules. Those that send emails without appropriate permissions will come a cropper, according to the Information Commissioners Office (ICO) an independent UK authority that upholds and enforces information rights in the UK public’s interest. The proposed fines for slow coaches and rule breakers alike is purported to be up to four percent of turnover.
If you’re a brand owner and you haven’t got yourself set up for the godamned privacy rules yet, it’s not too late (although someone, somewhere in your organisation should start washing their interview pants if that’s the case - it’s been coming for a while). There are a thousand and one consultancies just a Google search away that are itching to take your panic budget and teach you something you could find for free on the ICO site here.
Having had a sniff around, one thing became abundantly clear. For all the advice and scaremongering available to businesses, I couldn’t for the life of me work out what a consumer was meant to do if they received a non-solicited email that breached GDPR on the 26th of May.
I dropped a mail to the ICO to find out – and oddly enough their auto-reply was a font of useful knowledge, with invaluable GDPR guidance under headlines such as:-
If you have raised a new information rights concern
If you have requested advice
If you have reported receiving spam email
I found this a little odd. Surely the entire purpose of GDPR is to benefit consumers and give them more control over who has access to their data and how they are communicated to. With something as impactful as GPDR that effects every adult in Europe outside a couple of Greek goatherds, you’d have thought the biggest source of breach reporting, namely these very consumers, would have reams of websites outlining how they benefit from GDPR and what they need to do if they see something fishy.
But no – this advice has been ferreted away on the ICO site here alongside a handy 12 step guide to compliance & free self-assessment toolkit (Sorry not sorry, pricey consultancies – you’ve always got Brexit paranoia packages to sell next year).
The site has seen an increase in traffic over the past six months with a spike between January 2018 (1.15 million visits) and March (1.5 million visits) as you might expect for pan-European consumer regulation on the cusp of becoming mandatory. So some folk are up to speed, but when you consider that property porn dream crusher Rightmove had 141 million visits in January, it’s not as many as you’d expect.
Maybe I’m jumping the gun. There might be an all-singing ad campaign in the post for May and Euro-consumers will have their ‘right to complain’ opportunities laid out for them in gleaming technicolour by Trevor McDonald, Emily Maitliss or an equivalent trusted broadcaster of public service repute.
If there’s not, there should be – because like it or not GDPR is coming. It’s not only beneficial for the ethical wellbeing of the marketing industry but more importantly an essential weapon in the consumer’s dwindling arsenal – even if they don’t know it yet.