The Hardest Part About GDPR Isn’t What You Think
This is the start of something big, and the end of selling bald men unnecessary combs. Let me explain…
May 25th, 2018 is being heralded as marketing’s “High Noon” or our collective Zero Hour as we approach the deadline for the General Data Protection Regulation measures for contacts in the European Union. GDPR affects not only European companies but any business around the world that does business in the EU, requiring organizations to process personalp data against a set of new criteria.
According to recent Marketo research, as of four weeks before the deadline, only 28% of businesses considered themselves fully compliant, while a further 47% were confident that they’d be on track to be compliant by the deadline. It’s been a race to the finish line.
If you’re on the course, I recommend a number of resources from my colleagues at Marketo on how to understand and take action on GDPR—including a practical guide, on-demand webinar, and series of blog posts. But, beyond the technical and tactical considerations of this important legislation, I fear that along the way we’ve lost sight its true meaning for the marketing industry.
Much, if not most of the conversation around GDPR has and remains focused on the principles that address how Personal Data is being processed; Lawfulness, Fairness & Transparency, Purpose Limitation, Data Minimization, Accuracy, Storage Limitation, and Integrity and Confidentiality. However, in Article 5 of GDPR, in the second paragraph, is a line that states “the controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 (‘accountability’).”
This Accountability Principle, in my opinion, is the most challenging part of GDPR for marketing. I suspect that most of us didn’t choose marketing as a career because of our love of process, documentation and other very left-brain activities. However, when it comes to the handling and use of personal data, these are the skills we need to succeed. GDPR is going to require a cultural change, and that is hardest of all. As humans, we’re remarkably resistant to change – ask anyone who has given up an ingrained habit.
GDPR Holds Us Accountable to Higher Standards
Many of us receive as much irrelevant and unsolicited email in our work inboxes as our personal inboxes. The key words here are irrelevant and unsolicited. As marketers, we should be MOST concerned about irrelevance, the very nature of which flies in the face of our charter to communicate with the right person, at the right time, with the right message. Irrelevant content is the #1 reason consumers won’t engage with brands.
After all, you wouldn’t try to sell a comb to a bald man, right?
Unsolicited email is at the heart of GDPR. We need to seek permission and then stay within the bounds of the purpose for which consent was given. No nasty surprises. We’ve all experienced this as consumers, opting into a product we have a genuine interest in, then bombarded by irrelevant or unhelpful promotions until we opt-out.
GDPR—and other legislation around the world—looks to hold us accountable to higher standards in all aspects of digital communications, especially in how we profile our prospects and customers. It’s certainly had an impact on marketing teams, upending some marketing functions, and causing varying levels of confusion and confidence issues – but more importantly, it’s created a clear inflection point for marketing teams.
Marketing Is at a Crossroads
Our research study revealed two cultures emerging among the organizations we surveyed—those with a marketing-first culture, and those which are legal first.
High-performing marketing teams have moved beyond compliance (legal-first) to truly adopt a marketing-first mindset. They’ve shifted their priorities towards customer experience, customer insight, reducing email volumes, removal of cold leads, and similar with 34% having already made these changes.
As you sit at this same crossroads within your own organization, it’s important to note that those companies with a marketing-first culture are thriving. Within these teams, GDPR is driving business transformation, as executives report generally positive feelings about the upcoming data privacy legislation. Nearly a third are already boasting full GDPR compliance (32% according to our study.)
Tactically, this means it’s time to put the days of “buying a list and sending some email” behind you—we’ve all had this request and it’s a waste of time and money. We’re better than that. Put value (to the consumer) over volume (of impressions, emails, ads, etc) and don’t allow a heavy focus on compliance to weaken your CX efforts.
The Consumer Confidence Dilemma
Compounding the issue is a conflict between our confidence as marketers and our consumers’ wariness.
Buyers are increasingly skeptical about businesses storing their data, and trust issues are widespread. 75% in our study cited concern about the extent or personal information companies might have access to. A significant proportion of consumers are unlikely to share their personal information, even if they knew organizations would use it to send tailored, relevant offers.
This is in stark contrast with the confidence exhibited by businesses.
In this environment, businesses that lack an intelligent nurture program and a marketing-first and GDPR compliant culture will inevitably lose access to customers—many of whom have no idea what the GDPR is (only 40% of respondents citing a good understanding) but know that they can opt out of marketing communications.
These consumers will get very picky about sharing their data within the next five years. To earn their trust, brands must use consumer data to delight and create value, and ONLY THEN will they be entrusted with that information.
Post-GDPR, What to Do
More than anything, GDPR is a reminder of core best practices for all marketers. To move beyond compliance, and adopt a marketing-first mindset, focus on the decisions that enable relevant marketing in the first place: Clean contact lists, an improved nurture process, less cold leads and increased resources in turning qualified leads into customers.
In a post-GDPR world, businesses with an intelligent engagement and nurture process are much more likely to gain and retain customer attention than those who opt for a blanket, unstructured ‘get as big a contact list as possible’ approach. That antiquated approach runs afoul of buyers, and now, the law.
For additional information about GDPR compliance, please visit marketo.com/GDPR. What preparations have you done for GDPR? Tell me about them in the comments.