GDPR - are you legal or business?

Michael Gentle
Sep 22, 2018 · 3 min read

How you view the legislation can dramatically affect your business

Image for post
Image for post

GDPR? What a pain! Doing business in today’s competitive world is hard enough without having to contend with intrusive legislation such as this. Let’s bring in the lawyers, tick the boxes and adapt to the new rules. That way we take no risks.

Well, that’s certainly one approach. You could call it the legal-driven approach. Here’s another — let’s call it the business-driven approach.

GDPR is a reality and it’s here to stay. Instead of wasting corporate energy fighting it, we can see if at heart it doesn’t present a business opportunity. Instead of constraining our business, it might well enhance it.

Which approach do you favour?

Which tribe do you belong to?

The marketing automation company Marketo has just published a very interesting study on the subject, entitled The Two Tribes of Marketing. Based on a survey of 300 marketing decision makers in UK, France and Germany, it describes a cultural split that drives an organisation’s approach to GDPR:

  • Legal-first (45% of respondents): We are doing what we need to be legally compliant with GDPR and will change our marketing in line with these legal requirements.
  • Marketing-first (55% of respondents): We are using GDPR compliance as an opportunity to better engage with our customers and prospects through smarter marketing

An example of how this cultural split played out is in marketing consent, whereby many legal departments steered marketing towards re-permissioning campaigns that significantly reduced their prospect base. This should not come as a surprise because the response rate for email campaigns is usually quite low. You’d be lucky to get an open rate of 30% and a click-through rate of 5% — especially when you’re competing with half the planet doing the same thing in the runup to the May 2018 deadline.

In a business-first approach, however, this reality would have been obvious from the start, and people would have stepped back and evaluated alternative solutions, like using legitimate interests, or other ways of obtaining consent that could get a higher response rate.

There are other GDPR areas besides lawful basis in which a legal-first approach could give rise to the law of unintended consequences — and paradoxically increase the risk of non-compliance. Examples are employee privacy policies written in legalese which focus more on liability than on getting a simple message across; or training that try and turn employees into GDPR experts instead of just teaching them how to be compliant in their jobs.

Find the right balance

In their report, Marketo makes no bones about where it stands on the issue, saying that “overly focusing on compliance to the point that you ignore the imperative to engage with customers in an effective and meaningful way is going to make marketing and relationship building really hard work.

That’s a point worth thinking about. After all, GDPR is a complex piece of legislation involving law, technology and business. As such, it has to be addressed from both a liability and a business perspective.

So, to all the companies out there who are still working on their GDPR compliance: try and get all the people around the table — legal, technology and business — before making important decisions. Like most things in life, it’s all about balance.

Michael Gentle is the founder of The Balance of Privacy, based in Geneva. For similar articles by Michael, click here.

The Balance of Privacy

Data privacy is the new normal

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store