By Jon Cano-Lopez
So, it is 184 days – or six months if you prefer – since The General Data Protection Regulation – aka GDPR – became enforceable.
In the run up to the enforcement date – and in the months following – there has continued to be a huge amount of uncertainty and misinformation around GDPR and in some cases some down-right panic mongering. The avalanche of re-permissioning messages in the weeks preceding May 25th was testament to a prevalence of some database damaging advice.
One data protection lawyer we know likened it to watching lemmings throwing themselves off a cliff!
However, despite the hysteria and here-say the threatened “GDPR data apocalypse” has not materialised. And as we reflect on 2018 and the period since “GDPR day” here are some reasons to be cheerful…
Embracing the spirit of GDPR
REaD Group have been consistent in our view that GDPR is a good thing for consumers – and for business.
And six months on, our view has not changed. In fact, we are even more confident that embracing the principles of the GDPR will only enhance direct marketing – increasing transparency and trust and leading to more positive, long term and profitable relationships between consumers and brands.
The Regulations are not about catching out businesses (who are doing the right thing!). They are about the enforcement of practices that should be in place anyway. Keeping your customers and their rights, privacy and preferences at the heart of your business and being transparent in how you are processing personal data will not only help to protect you from the risk of fines but also enhance your brand reputation, value and relationships. Ultimately, if you are doing things right, it will be reflected in your bottom line.
The Data Economy is thriving
And although the reference to data being the “new oil” has been somewhat over-used, there is truth in the concept. Projections from European Data Market Study for the growth of data economy are extremely positive, with the value of the data economy in Europe projected to be worth €739 billion by 2020.
The rise of the CDO!
Gartner have predicted that through 2019, 90% of large organizations will have hired a CDO.
Another indicator of the growing importance of data is the rise of the Chief Data Officer (CDO) – elevating data strategy to Board level. The appointment of a CDO in many organisations – and across diverse industries – indicates a growing recognition of data as a driver of value and competitive advantage. Data driven decisioning is increasingly becoming a business imperative.
Results from the latest IPA Bellwether Report also provide cause for cautious optimism, with total marketing budgets revised higher during the third quarter of 2018, extending the current period of growth to six years.
After an initial period of post-GDPR caution and inertia, there has been some signs of resurgence for direct marketing, with many businesses successfully utilising third party data and direct mail for acquisition marketing campaigns under the Legitimate Interest basis.
The industry view is also optimistic. In independently conducted research, over 78% of direct brands asked have projected equivalent or an increase in spend on data driven marketing.
Third party data – use it responsibly and reap the rewards
Well, we have been saying this for some time, but to borrow from the recently published DMA advice: Using third party data under the GDPR.
“There is nothing in the GDPR that prohibits the use of third-party data provided that it is undertaken in the right way, with the appropriate safe guards.”
The message is clear – and provides much needed clarity for marketers. The direct marketing industry should have the confidence and conviction to continue to use responsibly sourced and permissioned third party data to optimise the quality and value of their data and data strategy.
Plus, new ways of utilising open source data have provided more opportunities to target direct marketing to addresses – using postcode level data to send partiality addressed mail.
GDPR data quality obligations – don’t bury your head in the sand!
There is a growing realisation that the data quality obligations introduced by GDPR cannot be ignored. Article 5.1 (d) is clear – reasonable and demonstrable efforts must be made to keep all personal data held and processed by a business clean and up to date -or deleted.
Our independent survey indicated those who utilise data quality services appreciate “not having to worry about the accuracy of contact lists when launching marketing campaigns”.
And data quality is now being seen as a ‘must do’ to ensure compliance with GDPR, minimise wasted communications and limit potential reputational damage.
Rapid innovation in technology is also impacting positively on data driven marketing – with developments in DaaS, AI and machine learning delivering even greater opportunities for data optimisation, enrichment and real-time interaction.
Key take aways from the last six months? Businesses and marketers should see GDPR as an opportunity to be more responsible and accountable, to get their data and data strategy in order – get it right and the future is bright!
By Scott Logie, MD, Insight at REaD Group
At our recent GDPR briefing, a mere 3 days before May 25th, we asked those attending to sum up their final thoughts and feelings on the new regulation in 1 to 4 words. Needless to say, we received quite a range of responses! Many were whole-heartedly optimistic – ‘About Time Too!’, ‘An Opportunity’ while another begrudgingly conceded that it was a ‘necessary evil’. And one (we certainly hope they were being tongue in cheek!) simply labelled it ‘a pain in the a**e!’ – GDPR has been labelled as the 4 letter word.
‘Necessary’ seems like a very appropriate word. GDPR’s predecessor (the Data Protection Act) was introduced in 1988 – long before much of the technology involved in today’s marketing practices had been developed and before the amount of contactable data available exploded! Analogue legislation for a digital world.
There is no doubt that the last two years plus spent preparing for GDPR have been a challenging period for many. Particularly smaller companies who have more limited resources to ensure that they meet all of the new regulation’s requirements (of which there are quite a few).
Don’t give up!
Those who find themselves still just short of readiness, now that we are on the other side of the deadline, should not fall into utter despair just yet. To quote some sage advice from Hannah Crowther of renowned law firm, Bristows LLP – as long as you can clearly evidence that you are working towards adhering to the new Regulation (but haven’t quite crossed every ‘t’ and dotted every ‘i’), it is extremely unlikely that the ICO will come a-knocking. Information Commissioner, Elizabeth Denham, has been quite clear that they would rather use the carrot than the stick!
However, those who consider themselves to be ‘GDPR ready’ should not be taking their foot off the pedal – far from it! As a regulation, GDPR demands ongoing compliance which is no small task. Undoubtedly, once you have the proper systems and procedures in place and they have been adopted into company culture, this task should only become easier.
A ‘New Challenge’
While some are concerned that GDPR signals an end to marketing practice as we know it, this is hardly a bad thing! ‘Inbox bombing’ has become widespread practice over the last few years, to the extent that consumers have definitely become desensitised to email offers.
Marketing will not cease to exist now that GDPR is law, it will simply require some refinement and a change in approach – as well as a renewed focus on the consumer. There will certainly be a substantial dip in terms of contactable individuals initially, as companies determine which legal bases they intend to process data under.
Nevertheless, by using data intelligently to understand your customer base and utilising techniques such as segmentation and modelling, marketers will be able to offer consumers more personalised communications that they are actually interested in receiving. A ‘new challenge’ as one attendee aptly described it.
What is more, GDPR champions openness and transparency – consumers that are being contacted should now actually EXPECT to receive these communications.
Another word to crop up was simply the word ‘consent’. Truth be told this has been the main concern for the majority of marketers since GDPR was first incepted – and the media furore has hardly helped matters. However, in the FIRST statement of the ICO’s recent consent guidance it clearly says:
“The GDPR sets a high standard for consent. But you often won’t need consent. If consent is difficult, look for a different lawful basis.”
Don’t forget that there are five other legal bases for processing data, and in many instances consent may not be the right one to use. When it comes to honing your marketing strategy under the new legislation, it seems as though Legitimate Interest is in many cases the most obvious and appropriate for contacting prospective customers.
Mail has been found to be a much more trustworthy and tangible form of communication for consumers – and much more likely to yield a positive response. Furthermore it is a channel that has a much greater scope for creativity, as opposed to email which can be limiting, presenting an opportunity to create some truly engaging campaigns.
While our word collection was a fun exercise aimed at providing some levity before the big deadline, it was reassuring to see that so many people seem to appreciate GDPR as an opportunity and a change for the better. Regardless of people’s opinions towards GDPR, the fact remains that it is now LAW – no ifs, ands or buts!
See the full list of people’s GDPR words in the video below: