Get your own Little Black Book.

Build your own personal news stream. Discover the latest work created that interests you, share your favourite stories and follow your favourite people and companies

Already have an account?

The Influencers

Is GDPR the Next Millennium Bug?

INFLUENCER: The APA's Steve Davies offers his thoughts on the incoming General Data Protection Regulations

Is GDPR the Next Millennium Bug?

Today we published two documents for APA members - a checklist and a simple GDPR Policy which they can adopt and use - that are sufficient to ensure that they meet their GDPR obligations.

GDPR - the General Data Protection Regulations - become law on 25th May. They regulate how businesses can keep and use data, such as email addresses and account details.

The regulations have prompted hysteria - some from law firms and conference companies who hope to profit from giving advice. It’s in danger of becoming the new Millennium Bug. Massive fines are the threat - except they aren’t in reality - and the answer is to appoint a Data Protection Officer and introduce a raft of policies that mean that a considerable amount of your resources as a business would be devoted to compliance - except that you don’t. You need consent to send someone a marketing email is another common misguidance.

Let’s look at the purpose of GDPR - it is to try and bring companies like Amazon, Google and Facebook under control, to stop data being misused. It isn’t aimed at business conducting business in a responsible way, seeking to sell their services to companies who might be interested in buying them.

Plus it is monitored only by complaint - how could it be otherwise, we have 4.9 million business in the UK, the Information Commissioner's Office (ICO) of government only has 500 staff. Is someone you send a marketing email to likely to complain to them? It is very unlikely. Of course, you should, as per our guidelines, give a recipient the chance to opt of marketing emails.

The complaints that are likely to be made and the ones the ICO will pursue will be against companies who persistently email people randomly, with products they aren’t interested in and despite the recipient unsubcribing.

You don’t need someone’s consent to send them a marketing email. Consent is just one of the categories of people you are permitted to email. The most important for anyone doing marketing of their services is the 'legitimate interest' category. So as a production company, you can send marketing emails to a business - like an agency or client - that might reasonably expect you to market to them. Of course, if they don’t want to receive further emails they can opt out. But they are unlikely to complain to the COI or contend that you did not have a legitimate reason to send it to them.

Lists will need to be managed well, to ensure unsubscribes are implemented but there is no reason to be panicked. And using our two documents will enable you to avoid problems.

Unavoidable, unfortunately, will be the effect of rampant stupidity - of people telling you they are doing things to be GDPR compliant or can’t do something because of GDPR.

Sign up to our newsletters and stay up to date with the best work and breaking ad news from around the world.

Genre: Strategy/Insight