Like many American marketers, I didn’t pay too much attention to the General Data Protection Regulation (GDPR) until recently.
However, the noise level grew so loud and so hysterical over the last six weeks, that, deadline notwithstanding, I could no longer ignore it.
So, I read up and have continued to pay attention. Here are several observations:
1) So far, the buildup and passing of the GDPR deadline was reminiscent of the anti-climactic final chapter of the so-called Y2K bug, but it’s early and surely a business will be made into an example;
2) There are likely to be some unintended consequences of GDPR where companies like Glassdoor, based on anonymous input, maybe be on the wrong side of the law;
3) The GDPR fraud has already started so watch out for emails stealing personal data under auspices of a lawful data request;
4) The larger companies whose recklessness are ostensibly the catalyst for such sweeping regulation may also be most likely to benefit from the law because they have the resources to comply and are shaping the interpretation of the law; and
5) I’m coming to realize that GDPR really isn’t complicated.
What do I mean by not too complicated? There are a couple of lines in a Bloomberg article on GDPR that sums it up well:
“The GDPR rules aren’t complicated. They mainly require organizations that collect and process data to ask internet users in clear language whether they’re OK with it.”
In other words, GDPR requires marketing organizations to get permission from people to market to them. It’s not a new concept – Seth Godin wrote a book about this idea in 1999. The trouble is, until now, most businesses couldn’t be troubled to ask for permission.
When you don’t have to ask for permission, you don’t have to worry about the experience. As a result, it’s become the status quo to interrupt people, trick them into handing over personal information, and then use that data to follow them all over the web with creepy or “personalized” messages.
It’s great if you’re into that sort of thing – you get more relevant ads as the adtech people like to say – but most people aren’t (and shoving unwanted ads in someone’s face, relevant or not, is more akin to extortion than it is to a value proposition). Now the European Union (EU) says marketing must get permission.
To get permission, marketing must put together programs people want. This is a core competency of PR and content marketing pros who are adept at earning, rather than buying, attention. Under GDPR, marketing must earn attention, trust and the privilege of marketing.
It remains to be seen if this EU idea will catch on with US lawmakers, but it’s clear by the deluge of “privacy update” emails we’ve all gotten, it’s making an impact anyway. Either way, GDPR is shaping up to be good news for classically-trained PR professionals and utility-based content marketing programs designed to build an audience.
If you enjoyed this post, you might also like:
PR and Content Marketing Insights from the Edelman Trust Barometer
Photo credit: Pixabay