Will implementing GDPR mean the death of newsletters?

As the GDPR juggernaut rolls into town this Friday, and we busily empty our inboxes of newsletter-mail we don’t remember signing up for, I wonder if this deadline for implementing GDPR will mark the beginning of the end of newsletters.

People do seem to prefer following a company on social media rather than being sent incessant mailers. How often do you click ‘delete’ without reading? It feels like there’s more choice in deciding what to stop and look at while scrolling through LinkedIn or Facebook.

At Progressive Travel Recruitment, we’ve always found better engagement through social media. And from 25 May, after implementing GDPR, posting on social media offers fewer restrictions than marketing mailers, so we may well see an increase in social media marketing.

Companies have to re-obtain consent for contacting customers via email after 25 May. So for those that rely heavily on email-marketing campaigns, there is a worry that more recipients will opt-out than opt-in, potentially depleting databases built up over years.

And what happens if they don’t get consent? A huge fine potentially – up to 4% of worldwide turnover. It’s definitely not worth the risk, though as this Guardian article states, rules will always be bent to gain competitive advantage.

However, I don’t think implementing GDPR means the end of newsletters just yet. But hopefully it will make companies think twice before sending out an excessive amount of emails.

Sharing personal data is a hot topic

Recent data scandals (Facebook’s Cambridge Analytica, for instance) have brought the topic of data and data sharing to the fore, and I sense an increase in wariness about sharing personal details. This is one reason why people prefer to follow companies on social media – as they don’t have to sign up to anything. With GDPR being so high profile, there is more awareness of what an individual’s rights are when it comes to data storage, usage and sharing.

Having said that, many of us find we’re simply too busy to read the Ts and Cs and privacy policies properly – so if a company asks if it’s OK to share your data, are you even aware of it when you hastily tick the box that gets you through check-out quicker? Companies will still rely on this impatience when trying to get you to sign-up.

Also, the data scandals have shown that it’s actually the big social media companies themselves who have been most guilty of misusing personal data. So, the only way to protect your data thoroughly is to read the small print – and withdraw consent and delete data where appropriate.

Becoming GDPR compliant

Of course, having greater control of our personal information has to be a good thing. The new rules that come with implementing GDPR are intended to overhaul how businesses process and handle individuals’ personal data, and harmonise data privacy across Europe, giving greater protection and rights to individuals. This will continue post-Brexit as our data protection laws will mirror those of the EU. The Data Protection Act 1998 wasn’t written with the data-enabled services such as Google and Facebook in mind, hence the requirement for updating.

In equal measure, the changes are about consent, ease of access to your data, data breaches, and transparency. It should become easier to know where your data is going once you register on a new website, and to control what’s being done with it.

For companies, becoming compliant means a lot more than simply sending out an email however. Here at Progressive Travel Recruitment and 14fiftyseven, implementing GDPR means we’ve retrained all staff who handle data within the company. Privacy policies have been amended to ensure our compliance and transparency, and I’m the new GDPR officer. Our job application processes have had to change due to data storage rules, too, and long documents written to make sure we’re all on the same page.

We welcome GDPR, and hope you have all read all the small print!