GDPR fines shouldn't be the biggest concern for marketers, according to marketing tech company Dotmailer - instead, they should be worried about the reputational damage that arises from not acting in customers' best interests.
GDPR comes into force in just over a month, and one of the biggest concerns for companies is the hefty potential fines for breaching the new regulation, with a maximum penalty of 20 million or 4% of the company's global annual turnover - whichever is higher.
However, while these figures are particularly alarming for many marketing departments (which by definition deal with vast amounts of personal data), Dotmailer's client service director and Digital Marketing Association non-executive director, Skip Fidura, said that the more pressing danger is not the response from regulatory bodies but from customers.
"Forget about the fines! That's the headline; that's what they want you to hear," he told attendees at Dotmailer's annual customer summit in London. "Think about the cost to your business if you lose your reputation by betraying that trust."
As GDPR has not yet come into effect, there are currently no examples of this effect, but to illustrate his point, Fidura cited the case of TalkTalk, which suffered a catastrophic data breach back in 2015. The company received a fine from the Information Commissioner's Office of 400,000 for its poor handling of the incident, but even though the corresponding penalty it could have incurred under GDPR would have totalled almost 60 million, Fidura argued that this still didn't compare to the company's loss of reputation.
"TalkTalk was fined 80% of the maximum possible fine at the time: 400,000. Peanuts for TalkTalk," he said. "But they lost 1 billion off their market capitalisation. Way more than any percentage of the maximum fine under GDPR they would have faced. The fine is just the headline - it's the loss of reputation that you've got to worry about."
However, he stressed that GDPR "does not fundamentally change what [marketers] are trying to accomplish, and that's to get the right message to the right person at the right time".
John Mitchison, director of compliance at the Digital Marketing Association, called the legislation an evolution of the UK's current law, the Data Protection Act 1998. "Many of the problems that people come to me with as director of compliance at the DMA... they explain the problem that they've got, and I realise that it's not a problem with GDPR, it's a problem with the [Data Protection Act]."
"They've been doing things wrong, or in contravention of the DPA, for many years, and only now starting to worry about rules. The stretch between the current Data Protection Act and GDPR is not a huge distance. If you're doing things under the current regulations compliantly, then coming up to the standard of GDPR shouldn't be that big a stretch."
As part of the summit, Dotmailer also announced a series of product updates to its email and marketing automation platform, including new data protection features to help companies work towards GDPR compliance. This includes a new tool called Consent Insight, designed to give marketing departments more information about their customers' consent in order to prove compliance to regulators, including the text of the consent agreement they signed as well as their location, IP address, browser and more.
A new tool has also been launched to allow quick and easy exporting of this data in order to comply with Subject Access Requests - another GDPR component that allows consumers to request a copy of any data held on them by a company. This is also combined with a new functionality for deleting all of a customer's data from Dotmailer's platform if required, which includes a recycle bin to protect against accidental deletion.
All of the new features will be available for free to all Dotmailer customers.
-
Third time lucky? Microsoft finally begins roll-out of controversial Recall featureNews The Windows Recall feature has been plagued by setbacks and backlash from security professionals
-
The UK government wants quantum technology out of the lab and in the hands of enterprisesNews The UK government has unveiled plans to invest £121 million in quantum computing projects in an effort to drive real-world applications and adoption rates.
-
The cookie phase-out might precede an AdTech apocalypseIn-depth With the industry phasing out third-party cookies, what does this mean for businesses reliant on them to track and improve their campaigns?
-
ICO publishes new data protection standards for the adtech industryNews The new rules apply to new online advertising strategies which must place protections for users at the forefront
-
Tories fined £10,000 after sending unwanted campaign emailsNews ICO said the breach of data protection laws was “serious”
-
Mine: The startup that can track down your dataCase Studies The search for your digital footprint starts with your email inbox and some machine learning
-
Nine top GDPR tips for email marketing strategiesIn-depth It's not all doom and gloom – here's how you can make GDPR work for you
-
Why GDPR creates a "vicious circle" for marketersNews Customers will control the forthcoming trust economy, predicts Aprimo
-
GDPR for marketers: What do you need to know?In-depth How will new regulations on data affect an organisation’s marketing efforts?
-
Google dumps disaster recovery product amidst clean outNews The internet giant dumps the Google Message Continuity product to focus on its Apps lineup.
