What digital marketers need to know about the GDPR
As a Data Protection Officer, one of the most common questions I am often asked by our customers and at networking events is, what are the impacts of GDPR on Marketing?
Historically, the way we have obtained consent to personal information within digital and direct marketing has often been a grey area. The Data Protection Act 1998 was predicated around the Data Protection Directive (DPD), established well over 21 years ago. It could not have possibly predicted, or have catered for the digital age where big data has become big business. The premise of organisations getting as much data as they can, then figuring out how to process, profile and analyse that data in order to get as much value out of it has been marketing best practise for some time. Marketers have also invented clever ways to obtain your personal…
Flybe and Honda are fined £83,000 for breaking data rules
The EU's General Data Protection Regulation (GDPR) is coming into effect in May 2018 and businesses have to prepare for this new rigorous regulation. Because of this, companies are beginning to panic and the Information Commissioner's Office (ICO) will not tolerate misuse of people's personal information. These two examples of email reactivation campaigns attracting fines is a warning to all businesses since this is a tactic which is commonly used by marketers to re-engage inactive email subscribers using the techniques in our best practices guide to e-mail engagement.
In August 2016, Flybe sent emails with the subject line, "Are your details correct?" to over 3.3 million people in their database, who had previously opted out of marketing emails. The ICO have now fined the airline £70,000 for breaking the Privacy and Electronic Communication Regulations (PECR) - read enforcement notice and fine details.
Be alert to the danger of new government Digital Economy bill
Its hard to believe, but digital marketing may be at its most critical point to date. Day-to-day it continues selling services and products, and maintaining purchasing loyalty while many of those involved are unaware of why a government bill could change everything forever.
The act is nearing its final phase of Westminster consideration before Royal Assent is the Digital Economy Bill, and the element of danger in what is wide and far reaching legislation is a section that instructs the Information Commissioners Office to produce new direct marketing guidelines, which incorporates anything to do with consumer data relating to digital marketing.
This in itself may seem fairly innocuous until the background is considered. The ICO will be instructed to produce new recommendations for ministers to consider. But it knows and understands acutely that the…
Every B2B marketer's holy PECR is on the chopping block
So, you thought the Privacy and Electronics Communications Regulations, your precious PECR, was going to save you from the new ePrivacy rules. Unfortunately not. The PECR appears to be on the chopping block and there is only one way it is going: to fall in line with the new EU General Data Protection Regulations.
"Oh!" I hear you cry. "But I didn't listen to the GDPR changes because I assumed it didn't apply to B2B marketers!"
Well, I have good news and bad news for you. Let's start with the good news, shall we? You've got the rest of this year and until 25th May 2018 to make sure your marketing data does comply with the GDPR. There are 17 months between now and then, giving you plenty of time to make sure that anyone on your email mailing lists has given you…
Digital Economy Bill update: New Marketing Code Sanctioned By Commons Committee
The Committee stage of the Digital Economy Bill has passed with a change to the Data Protection Act 1998. The key consideration is that the Information Commissioners Office is being given powers to put forward rules for a new direct marketing code that will apply to relevant areas of digital marketing.
The significant element of the act will be the instruction to the ICO to prepare a code that includes practical guidance in accordance with the Data Protection and Privacy and Electronic Communications Acts, plus introduce any other appropriate measures necessary to promote good practice.
The act gives the ICO a broad remit to put forward new rules, but must take into account the views of trade associations, members of the public and bodies that represent members of the public.
The EU's GDPR law requires compliance by 2018. Even with Brexit predicted to occur in 2019 or after, it can't be ignored.
Last month, I woke up in the blissful world of B2B marketing. I could create campaigns, upload my purchased data lists, segment them as appropriate and set up my lead nurturing series to send. Then it happened. That thud that resounded throughout my perfect little marketing world and shattered that blissful bubble. The judges hammer as the EU General Data Protection Regulation was put into force.
It has taken me a while to come to terms with what the EU GDPR means for my marketing. Below is an account from my marketing journal through this year, with the questions that kept me awake at night, and the answers I discovered along the way. I hope you find it useful!
29th April 2016
So, I've just heard about the EU GDPR. I…
With GDPR on hold because of Brexit, new UK legislation is set to come into force
With the UK's Brexit vote, the adoption and implementation of the proposed European General Data Protection Regulation (GDPR) is now seeming less likely. In this briefing, I will cover the latest announcements and explain about new legislation that UK marketers will need to be aware of that will influence future rules governing the use of consumer data.
Parliament has now approved the first reading of the Digital Economy Bill that will instruct the Information Commissioner to prepare a code of practice on direct marketing with a clear instruction that relevant parties from within the direct marketing industry must be consulted.
In addition, Minister of State at the Department of Business Energy and Industrial Strategy, Baroness Neville Rolfe, has called for contributions in shaping the future of regulation by declaring…
12 steps to becoming GDPR compliant
On the 25th of May, 2016, the GDPR became law. The multitude of provisions to protect users privacy are a bit of a legal minefield for marketers, who are always hungry to use customer data where ever possible so they can better target customers with propositions. Given its importance, we have shared much advice from legal specialists on the Implications of the GDPR for marketing in UK and Europe.
In this post we're alerting you to the opinion that matters most in the UK - that of the Information Commissioner's Office who is responsible for implementing GDPR in the UK. In this new guidance of implementing the GDPR in the UK the ICO provides more information to help companies become GDPR compliant over the next few months, so make sure to utilise the resources they produce to help your business.
The good news is lawmakers have given businesses a full…
An update on the announcement of the new 'Privacy Shield' which means that transatlantic data transfers could be suspended
Importance: [rating=5] (For International marketers and customer data managers)
Recommended source: EU Press release rejecting the Privacy Shield
31 May 2016 update: Just when it looked like the EU and US were starting to see eye to eye on privacy, or at least the need for a deal, things changed and suddenly the deal is looking less likely. Yesterday Giovanni Buttarelli, the European data protection supervisor, said in a press release that the new privacy shield is "not robust enough" and needed significant improvements.
You can read his comments from his press release below:
"I appreciate the efforts made to develop a solution to replace Safe Harbour but the Privacy Shield as it stands is not robust enough to withstand future legal scrutiny…
A 3 layer compliance model you can use to check that you're ready for the GDPR Countdown
When it comes to European data protection, things are changing faster than ever! The countdown has officially started for the GDPR (General Data Protection Regulation), with this coming into force on 25 May 2018. This will bring in greater protection for consumers, giving them more control over how their personal information is collected, stored, shared and used.
In the UK, the ICO will be stronger in their enforcement of the GDPR, meaning marketers will need to ensure they comply with the laws before the deadline date. What many companies fail to realise is that collecting consumer information for email marketing campaigns in particular is valuable, however it’s easy for this information to be neglected. One area where companies can, and are, abusing the value of data is within their deployment of privacy information…