GDPR- 'Knee Jerk' re-action, corporate vandalism or something else?

I was sad to hear that Wetherspoons have felt it necessary to delete their email database in the prelude to what are still unconfirmed rules about consent for marketing within the proposed GDPR legislation. I and over 300 others still await the response of the ICO to the consultation process that concluded on March 31st this year. I understand that their response is to be published in the 'summer' and seemingly that sounds like an 'Indian Summer' or Autumn? The reality is that only then can action be finally confirmed albeit with little time to put things right before the rules become law on 25th May 2018. In the interim, I suspect that GDPR will cause further 'knee jerk' reactions and or potential 'corporate vandalism' that are largely unnecessary as 'best practice' is confused with the law. At this moment in time the Privacy and Electronic Communication Regulation covers this area and when that was brought in back in 2003, I recall that business data was exempt and legacy data email data collected and evidenced as collected prior to that data was also exempt. Since then businesses and organisations have spent millions legally and correctly capturing and using data according to the guidance and the law. I accept that it is unlikely that there will be such exemptions this time for legacy data but we don't yet know and neither does the ICO who seemingly present 'best practice' as the law which it isn't. To be clear, I am not against the proposed changes and I both understand the need for greater privacy and the ideals of moving towards an interdependent position where organisation and 'data subject' respect each others rights and aim to help simplify that, but some of the perceptions at the moment are simply wrong. I am not a lawyer but as a marketer I have in the past been advised by the ICO on how to 're-permission' databases and how to communicate with data subjects without consent to marketing and have been supported by the ICO whilst doing that. I would also argue as a data user that data has other values and even if not used for communication, it has other significant uses and can in fact be used for marketing communication when the perception is that it can't. Last year, we had a project to untangle a database that delivered the bulk of the revenue for a business and recognising that the database itself didn't hold the evidence of consents that had been captured, they contacted the help desk at the ICO and they were told in no uncertain terms to stop marketing or risk fines! The reality was that over 2/3 of the data was correctly and legally collected, the standard of consent did indeed need to be improved to future proof for GDPR but it was legal to communicate to now and for the balance, remedial could be taken to gather good quality consents over time as customers transacted with them.

There is much that can be done during this period of change most of it can and should be done now to prepare for the future and recognising for example, that some data such as emails or phone numbers can't be used for marketing communications doesn't mean that it has to be deleted. I am from a pre-digital age in terms of data processing and I and my colleagues had to wrestle and work with imperfect and often varying data that are postal addresses where we perfected data matching techniques to enable the building of a single customer view when exact data such as mobile numbers and email addresses didn't exist. We still use those techniques today to augment 'exact matching' enabling us often to get better matches and de-duplication than would otherwise be the case. It would be simply wrong to discard what would be an 'exact matching' field of data that legitimately can be used for that purpose even if it can't be used for marketing. It is exactly the same as applying the TPS suppression file to a database of telephone numbers or I presume the Charity suppression file which was launched yesterday at long last. We would still be respecting the privacy of the customer by not intruding on them or using an acceptable means of communication. The article suggests that today's businesses use social media to communicate which we do too, which works brilliantly alongside other communications, but we also use 'identifiers' such as email addresses to help legitimately target audiences through social media and establish communications with prospective customers we don't yet know.

I have always been taught and believed that marketing is more science than 'art' and the last two decades have absolutely clarified that where due to the emergence of 'big data' the once poor relation in my industry 'Direct Marketing', has come to the forefront and led the way and is now known as 'Digital Marketing' which nobody understood when we talked about it over a decade ago. It will be a great shame if some of the building blocks of the digital age are wrongly discarded in what I think is the correct pursuit of a 'privacy respecting' interdependent data-centric marketing future.

by Rob Bielby, CEO, The Marketing Innovation Group