Regardless of where your business is physically located, if your sales and marketing efforts target people resident in the European Union you're (hopefully) already aware of the EU's General Data Protection Regulation, or GDPR, and its implications for your business.
If you've read any of the scare stories over the past few months, you could be excused for thinking business owners across the globe are collectively soiling their Calvins about the implications of GDPR, which comes into effect from May 25th, 2018. As with most legalization, the facts about GDPR are less terrifying than the clickbait would have you believe.
But GDPR is not some tech-centric regulation compliance mumbo-jumbo to be palmed-off to the IT department to deal with (and blame when the excrement hits the air-conditioner). GDPR isn't like having a cookie disclaimer on your website. Depending on your particular business, it could be a pretty big deal. However I'm not going to go into the weeds about how GDPR may impact your own internal business processes or governance structures. There's plenty of information online outlining the implications and obligations to businesses whether they're startups, small businesses, or mega-multinationals.
What I'm interested in is how GDPR affects business marketing – for better or worse.
Why Do We Need GDPR? Because Of Crappy Marketers
The vast majority of GDPR concerns the way companies use, protect, store, and keep personal customer data. Not only does it fundamentally change what marketers can and cannot do with data, but it will penalize companies that misuse that information. Oh, and we're talking about pretty sizable penalties here – up to €20 million (around $23 million) or 4% of a company's annual turnover (whichever is the greater) in extreme cases.
So how did we get here? Why do we need the GDPR? The answer is simple: Because of all of us having to deal with crappy marketers doing crappy marketing for the past decade or so.
Today's model of evermore intrusive online tracking, surveillance marketing (euphemistically referred to as "retargeting"), programmatic advertising, etc. is unsustainable in the long term, and just plain creepy in the short term. Marketers are abusing consumer rights of privacy on a daily basis, and vendors of adtech-driven systems are just plain lying to their customers about the reach and effectiveness of their ads. With all this shenanigans going on it's little wonder that the use of browser Adblockers grew globally by 30% in 2016, and today are installed on over 600 million devices worldwide.
But such tracking mechanisms aren't just used to show me Amazon ads when I'm on Facebook. They can be used against democratic societies by nefarious organizations. User tracking data has been used to influence voter behaviors and – yes – even opinions by malevolent politicians and even governments.
That's why we need the GDPR, as well as legislation like it.
With GDPR in place, any consumer resident in the European Union has the right to request a copy of the data any organization holds on them. Not only that, but they have the right to amend that data, and even delete it. Any business sending marketing messages to EU individuals needs to prove receipt of explicit consent that they can use the data for marketing purposes. Consumers are able to revoke this consent as easily as they give it, and can do so whenever they want.
GDPR Is An Attempt To Win Back Trust
Depending on how and to whom you're selling your wares, this is either really really good news or really really bad news. It may mean the creation of a user data governance procedure and the implementation of marketing technology supporting a clean, transparent data management infrastructure. A data management policy is no longer one of a list of things that's 'nice to have'. It's become a legal requirement. Remember, if you're targeting individuals in the EU all of this applies irrespective of where your business is located.
So what's the flip-side of the coin? By having all of this data open, harmonized, and accessible to the appropriate people offers the possibility of a whole new level of next-gen marketing tech innovations. The opportunity for marketers to deliver better, more timely, relevant, and personalized messages and content to their audiences; while having access to deeper insights to the impact of those campaigns.
At this point you may be getting a touch of déja-vu. "Hang on a minute," you may say. "Isn't the marketing industry already doing this kind of thing?" Well, the honest ones are. With GDPR, the dodgy ones are now forced to join the party. As a result, the relationship of trust between brand and customer will increase – since it has nowhere else to go – to the ultimate benefit of both vendors and consumers. Yes, GDPR is there to prevent unscrupulous businesses abusing customer data. But it also enables organizations to better understand the data they have, treat it with the care and diligence it warrants, as well as manage it more effectively to help identify new marketing and business opportunities. GDPR is, in effect, creating a de facto worldwide standard for consumer data protection. Which can only be a good thing, right?
GDPR Put The Consumer (Back) In Control
With users having the ultimate say in how their data is used, the quality and relevance of marketing campaigns will have no choice but to improve. The consumer is (back) in control. Blanket email blasts using rented third-party data and poorly-considered retargeting campaigns will be swiftly punished by consumers exercising their new data rights. Consumers are more likely to accept better, more targeted, more relevant marketing messages if they know they can turn the tap off quickly and easily if they wish.
GDPR Is An Opportunity for Marketers To Do It Better
The adoption of new marketing technologies and innovations is just a small part of what GDPR promises. The lines of responsibility between Sales and Marketing may need to be redrawn. Many business will be forced to go back to the drawing-board regarding strategy, communications, measurement metrics, and big data analysis. For businesses of every shape and size, GDPR provides perhaps the single biggest opportunity to improve marketing performance since the introduction of broadband internet.