It went down for real, on May 25th. What exactly was it, and what lessons can we learn from it-Sarah Stinson, reporting live from Total BS Media HQ.
What is the GDPR?
And now a word from our lawyer, Jenn:
“Effective May 25th, 2018, The General Data Protection Regulation (GDPR) will replace the existing EU data protection law (the Data Protection Directive 95/46/EC) and will be the biggest revision of privacy laws in over a decade. The aim of the GDPR is to harmonize privacy law across all EU member states and to help promote the digital economy. It will also introduce new legal rights for individuals to better control and protect their personal data. Organizations holding personal data will need to provide evidence of compliance if requested to do so by clients or regulators. In addition to those organizations based within the EU, the GDPR will also apply to an organization operating outside of the EU if that organization collects data on individuals residing in the EU, does business with EU entities, receives or collects data from the EU, or shares data with an entity in the EU.
For example, the GDPR could catch a US-based client whose website uses tracking technology to collect personal data to create profiles of EU residents. The GDPR requires separate opt-in confirmation for some uses of personal data in advertising and processing of data if such processing is done for a purpose not core to the functions and services the organization provides. GDPR does place a requirements on technical processes and business accountability and transparency to consumers around how their personal data is being used. Under the GDPR, an organization must obtain consumer consent in a transparent and unambiguous manner for processing or use of data that was previously contained in terms and conditions and privacy statements, or assumed through pre-ticked boxes.
While many people focus on the “right to be forgotten” within the GDPR, there are a multitude of requirements that impact Terms and Conditions, Privacy Policies, and Contract agreements. This may require a change in practice for some businesses that currently rely on “deemed” or assumed consent. It is worth bearing in mind that consent is not the only way of lawfully collecting consumer data. Legitimate interests may prove a useful alternative to consent.”
TL DR Version: What is the GDPR?
One of the GDPR’s mission is to give people back control over their personal data. It not only applies to EU businesses but any business that handles Europeans’ data. The US has yet to institute privacy policies making consent to market to a law and prosecutable if violated. That being said, siphoning your EU addresses from your US is tricky and would be a data management nightmare, not to mention piss the home team off quite a bit. Putting technical and ethical practices in place to protect consumers data may not be required by law in the US right now, but it's becoming the “gold standard,” so giddy up. When laws are eventually passed in the US, you will be ahead of the process.
Lessons Learned: How can we use this to make our marketing better?
Personal data is digital gold. We can’t go a minute without hearing about who, what, and when it is misused or abused. Mostly, for nefarious gains. If I die of a “heart attack” while “jogging,” you know who to blame. I digress…
As marketers, we have to do better. We need to understand the audience we are courting and go after them with authenticity and with content that is useful, or at the very minimum (maximum) is entertaining. There is no room for marketing tricky. There must be a value exchange. You provide something valuable to your customers and prospects, and hopefully, they will then feel compelled to provide something of value back. Content Marketing Institute’s current mantra is one I love and aspire to live by “'We must become the trusted source of interesting things.' That isn’t just a content marketing mantra – it is a marketing mantra. Full stop.”
Does it really matter if we have huge marketing lists full of disengaged, decaying leads? In this instance, size does not matter, engagement, retention, sales, brand advocates, and people who love your brand matters. The same goes for the socials, your Instagram followers, and your Facebook fans, et. al. If people don’t engage and act, you have to ask yourself, what's the point of it then.