Are Marketers Finally Waking Up to the GDPR?
June 22, 2017 – Scott Meyer
They'd better - regulatory compliance is a marketing issue.
Marketers love consumers. Website visitors are the lifeblood of digital business. Create an outstanding user experience and the money comes rolling in. Seems pretty obvious.
But when it comes to the transparency about data collection (or profiling) that the EU’s General Data Protection Regulation requires, Marketers have been either a) ignoring it or b) thinking that the Privacy or the Security team has it covered. That’s a recipe for a big disaster.
The Marketing team has a huge impact on the user experience. The GDPR means a required, significant change in the site user experience. Is this something that should fall to the Privacy or Security teams? I’ve been wondering when the mainstream marketing press would wake up to this. It happened in the past week.
Recently, three insightful pieces have been published in the Wall Street Journal’s CMO Today, CMO.com and The Financial Times. If you are a marketer, this is the stuff that you should be reading already. So it’s about time these publications got into the GDPR discussion.
“With terms such as “legitimate interests,” “fundamental human rights,” and “necessary and proportionate measures” standing out within the pages of the General Data Protection Regulation (GDPR), there is an understandable temptation for boards to leave privacy measures in the hands of their legal and compliance teams. But compliance alone will not guarantee companies deliver their desired big data or CRM-driven commercial outcomes. The spirit of the new data laws is a simple one—providing more control, more transparency, and more meaningful choices for the consumers, in order to earn their trust. And who is best equipped to increase brand trust through consistent communications, experiences, and propositions? It’s the CMO…CMOs need to scrutinise technologies and adtech partners to ensure the mitigation of regulatory risk does not come at the expense of marketing capability.”
I couldn’t have said it better myself. And the WSJ picks up where CMO.com leaves off. They highlight marketing technology companies that are getting ahead of the GDPRs impact (this is a registration-required site, sorry folks): Advertisers Brace for Europe’s New Data Rules: Users browsing the internet will have to provide their consent every time they enter a website.
The piece has this great “Do’s and Don’ts” section:
THE DOS AND DON’TS OF THE NEW RULES
- Consent must be ‘freely given, specific, informed and unambiguous’
- Consent can’t be bundled with other written agreements
- Consent must be active; can’t be gained through inactivity or pre-ticked boxes
- Users can withdraw consent at any time and ask to have their data erased
- Users can’t be asked for consent to gain access to a service, in most cases
The story highlights actions being taken by several leading marketing tech firms: Appnexus, WPP, Havas and Acxiom (disclosure, all are clients/partners of ours at Evidon). Acxiom’s privacy officer in Europe, Sachiko Scheuing, sums it up best: “The key is really to show that you take accountability very seriously.”
Is this starting to hang together now? Now let’s look at The Financial Times piece (again, registration required): Businesses failing to prepare for EU rules on data protection: Companies must adopt more stringent processes for dealing with customer information. This piece illustrates the problems marketing is having with understanding where they fit into GDPR.
The quotable experts here are from Aon, the big French insurance broker, as well as several data management consultants. The most telling quote for me was from Liz Brandt, CEO of Ctrl-Shift. She said, “too many big businesses were treating the regulation as ‘either a nuisance or a terror’…They are moving too slowly to be ready for GDPR’s introduction or are viewing it as a tick-box compliance exercise.”
And there you have it – three pieces from well-regarded publications that are finally addressing the serious GDPR issues, and opportunities for marketing. The user experience is going to change in meaningful ways by next May. The leading marketers will see this as an opportunity. Their partners in Privacy and Security will love working with them. Their customers will win.
Those that don’t, well there are always those fines that start at €20 million and go up to 4% of global turnover…
Let’s keep the conversation going and let me know how we at Evidon can help you with your GDPR compliance journey. We make the most widely-used, patented, Consent and Monitoring solutions used by leading brands globally. Please follow me @scottmeyer, connect on LinkedIn or email me at scott at evidon dot com.