We are now just days away from the compulsory implementation date of the General Data Protection Regulation (GDPR), a sweeping overhaul of European data privacy law designed to better protect customer data. After 25th May - the date GDPR comes into force – the way companies collect, store and use personal data will be forever altered; non-compliance could lead to eye-watering fines (up to 20 million euros or 4% of annual turnover, whichever is greater). This won’t just affect those businesses operating within the EU – any business handling fthe data of EU citizens is liable if there’s a breach or non-compliance.
The scale of fines associated with non-compliance with upcoming GDPR regulation has turned the spotlight onto the marketing function of businesses large and small. CEOs and SME-owners are taking a closer look at what marketing teams really do, which is a good thing for those of us working in marketing and communications roles!
In a blog post last year about the implementation of the FX Global Code, my colleague Martina said this;
‘Marketing and PR, like many other industries, relies on a mostly principles-led approach to self-governance. But is this the most effective way to uphold standards or does the sector need regulation with a few more teeth?’
Clearly, the GDPR regulation has teeth, although it will be interesting to see how it is enforced, particularly in relation to a GDPR transgressor based outside the EU. The regulation is also timely given the spate of recent high-profile data-protection issues (Facebook / Cambridge Analytica, Twitter et al.).
As the expression often used between software developers goes, ‘garbage in, garbage out’ and GDPR is a is a real opportunity for companies to reassess the data they hold and determine if it is good….or ‘garbage’!
Just look at the stats on the effect bad data quality can have on businesses ;
Certainly, becoming GDPR compliant will have costs, but this is short-term, and soon both consumers and companies will be enjoying the results of a more transparent, efficient data economy.
Despite GDPR and the focus on what data companies have on file, I think the biggest issue around data is actually the profile of customers some companies are building from it. For example, the introduction of GDPR is heralding an era of increased vigilance in Europe, but in the US last year legislation was signed enabling internet service providers (ISPs) to share or sell web browsing history and other sensitive information such as the websites customers visit, the apps they use, how long for, and even their geo-tracking! This information is of course, extremely revealing!
Data relating to how you think is deemed to be your intellectual property and Mark Getty, grandson of famed oil-man J Paul Getty, and founder of Getty Images said in 2000 ;
“Intellectual property is the oil of the 21st century. Look at the richest men a hundred years ago: they all made their money extracting natural resources or moving them around. All today's richest men have made their money out of intellectual property.”
Today, the world’s five most valuable listed firms deal in data; Alphabet (Google’s parent company), Amazon, Apple, Facebook, Microsoft.
But let’s not forget why companies want your data and to build a profile of you; because it makes selling to you easier, and more efficient. Your online activity provides useful insight into what kind of person you are, and how best to market to you, whether they’re selling holidays, furniture or political candidates. Take this example from US retailer Target, back in 2012.
Target’s customer tracking software identified 25 products that when purchased together indicated a woman was likely pregnant. Target could then send coupons to the pregnant woman at an expensive and habit-forming period of her life. A father in Michigan complained to Target about them sending his teenage daughter coupons for baby clothes, only to subsequently find out what they already knew - his daughter was pregnant.
Of course, customer tracking isn’t all bad, and when it works, provides a useful and positive customer experience, as long as the customer is aware, and the data collector and controller has been transparent about how the customer’s data will be used.
Hearing about offers from brands or companies you value is great, (and relies heavily on the marketing automation software running in the background), but without human marketers implementing common-sense checks (that they’re only sending coupons to women within an age bracket, for example!), companies risk offending customers by relying too heavily on the relevance of their data and automation. There is an analogy to be made between marketing departments and driverless cars. As quoted from sciencemag.org:
"It is true that self-driving cars don’t get tired, angry, frustrated or drunk. But neither can they yet react to uncertain and ambiguous situations with the same skill or anticipation of an attentive human driver, which suggests that perhaps the two still need to work together."
As marketers we must focus our attention on using best practice and strategy to deliver great campaigns, or marketing automation risks becoming like a driverless car, which do not ‘possess the foresight to avoid potential peril: They largely drive from moment to moment, rather than thinking ahead to possible events literally down the road’.