The GDPR became law yesterday... and nobody cared

The GDPR became law yesterday… and nobody cared

Research by the Direct Marketing Association (DMA) shows that almost half of marketing executives have basic or no awareness of the General Data Protection Regulation (GDPR). If our own industry does not care, how can we expect the media or public to give this subject any of their time?

There really is no excuse for marketing executives to not have a full understanding of the GDPR, the DMA launched their dedicated website and have given the subject plenty of coverage. It will impact how you gain marketing consent and process/profile customer data, with “eye-watering” fines if you fail to comply.

I think part of the problem is that many marketing executives are focussed on short-term goals, both the sales department and Boardroom are pressuring them about this months sales leads and this quarter’s financial figures – a new law that does not hurt until 2018 gets little of their headspace.

I’ve even heard some marketers say they will not take action until the vote on UK membership of the EU – as if leaving the EU will change things (it won’t, you will still be bound by the law if you sell to EU citizens and our Data Protection Act needs updating anyway).

Yet, if the average CRM contains 100,000 records it will be a mammoth task to ensure they are all compliant with the new law in 24 months – and there is currently no answer to the question of ‘grandfather rights’ on data you already hold.

I’ve been preparing for the GDPR since 2012 and taken a ‘worst case scenario’ viewpoint. We have a multi-channel programme specifically to gain marketing consent and will have a new CRM by December 2016 that can accommodate the new rules on profiling. I am now the Data Protection Officer for my company and have a bite-sized training programme on data that is delivered to all staff every quarter… every year.

The media may not have woken up to the GDPR, but marketing professionals need to up their game – or get nightmares in 2018 no matter what firm they are working for.


This post is part of a series about the General Data Protection Regulation; the full list of posts include ‘How Brexit impacts marketing data in the UK‘ | ‘3 tips: Steal my GDPR plan‘ | ‘The GDPR became law yesterday… and nobody cared‘ | ‘Get ready for Data Protection ambulance chasers‘ | ‘10 Must-know facts about the new EU data law‘ | ‘Want prospects to opt-in? Call them‘ | ‘You don’t need ‘opt-in’ to store a switchboard number‘ | ‘What can these guys teach you about opt-in marketing?‘ | ‘How content marketing will change after 2018‘ | ‘Winning Edge: Counter a direct threat


Leave a Reply

Time limit is exhausted. Please reload CAPTCHA.