Over the coming months you will read a lot about GDPR – the General Data Protection Regulation which, from 25 May 2018, will replace the existing Data Protection Act and the regulations that govern electronic communications.
A lot of what you read will be scary, though much of it will be couched by consultants in terms of being good news for well-run businesses. For the vast majority of those who carry out business-to-business email marketing, however, it is hard to see an upside.
Not only will GDPR massively increase fines for infringements, it will also potentially (or definitely depending on who you speak to) bring individuals’ business email addresses within its ambit.
Currently if you want to add my work email address to your marketing database without my permission that is fine, both morally and legally. You have only added me because you believe me to be a decision maker, which logically implies that I am competent to click “unsubscribe” if I am not interested in hearing from you again.
If, furthermore, I am unimpressed by the quality or tone of your emails then you will have done yourself no favours. We are in business and these risks should be commercial, not legal.
It is far from certain that this will still be the case post-GDPR and, in the worst-case scenario, all business-to-business email lists may have to be purged of anyone who has not demonstrably given consent to be on there.
It is my understanding that the “soft consent” deemed to have been given by customers to receive marketing materials related to the service or product they have bought will continue to be acceptable. Commercially, meanwhile, it is highly unlikely that a business partner would alienate you by making a complaint to the Information Commissioner’s Office (ICO) about having been added to your list.
You could be on dodgier ground, however, if you have the business email addresses on your list of individuals who did not subscribe and with whom you have bonds neither of contract nor of trust. While the vast majority will just unsubscribe if they are not interested (you must definitely offer this option, but already should), it only takes one complaint to the ICO to lead to a potentially ruinous fine.
A lot, to my non-legal mind, will depend on whether a business email address can really be described as “personal data”. I will be interested in the insights of any lawyers reading this and, should any be forthcoming, will publish them in a future blog. My thinking, for what it’s worth, is as follows.
Just over three months ago I left my previous role. My email address remained active and was monitored by a former colleague after I left. The same thing happened when I left the job before that. And the one before that. How, then, could these addresses possibly be considered to be “personal data”?
If, furthermore, someone has published their email address on the internet, how can this be considered “private”? Surely it is an invitation to be contacted.
My hope is that the law will be interpreted such that at least published work email addresses are not considered “personal data”. My fear, though, is that the regulations will be so vague that this has to be settled by case law and that, in the meantime, people who have been happily reading regular correspondence from other businesspeople for years will have to be stripped from distribution lists because they have not demonstrably consented.
This is not, of course, an argument for spam. My capacity to run my business would be crippled if I were to be added by every bot under the sun but this has not yet happened to me in 20 years of work email and I am not sure I need GDPR to save me from such a fate now.
As with so much at the moment, what businesses really need with regard to GDPR is certainty. It may be that everyone can more or less carry on as normal in terms of business-to-business email marketing, or it could be that the world as we know it is about to turn on its head.
If the latter happens I will be really annoyed for any of you who may no longer be able to enjoy your weekly dose of the Alpha Mail (as a belt-and-braces measure why not confirm your subscription by using the form at the bottom of this page?).
I will be even more annoyed for you if you can no longer communicate directly with the large number of people who are quite happy to hear from you but, because they are busy people, would probably never have actively subscribed before they knew just how good your emails were.
However, if this worst-case scenario does come to pass then traditional media relations will become much more important in getting your message across. Every cloud has (for me) a silver lining – provided I am still allowed to email journalists, that is!