Research studies have consistently shown that the vast majority of email marketers are not yet ready for GDPR's deadline next year. Most marketers are either devising a strategy or waiting to see what happens. The reality for any company hoping the new European rules somehow disappear is that they will come into action while the UK is still a member of the EU. What's more, the mood among British businesses, according to the British Chambers of Commerce, is for regulators to keep EU rules.
They may have complained about them at the time, but having the same rules as the EU makes it easier for companies to export, so they would rather see the majority of today's regulations maintained. One can easily imagine how this notion applied to new data privacy rules. Why would UK marketers want to have different lists for UK and EU residents? It just wouldn't make sense -- so GDPR will not only become law, it will almost certainly be maintained as UK law post-Brexit.
Which brings us full circle back to compliance. The majority of marketers are not sure their lists are compliant and the majority also aren't sure they can prove that third-party data they bring is legal. The cost of becoming compliant is significant, both in terms of people hours and the slimming down of lists. The lifeboat charity, the RNLI, has been one of the few organisations to be open about this. Becoming compliant by repermissioning its lists to provide fully informed consent has cost it thousands of email addresses and hundreds of thousands of pounds in costs -- and most significantly, lower donations.
So one suggestion is that many companies may already be running fully informed sign-ups today and will simply ditch older lists when the time comes. Experts who are suggesting this will happen point to third-party lists as being the first that will go.
It's easy, as an individual who doesn't have to go through this to advise companies to get repermissioning sooner rather than later because it costs them nothing. But if you accept that from this coming May you will have a year to be compliant, that's still a full year to ask people to sign up at a preference centre and give informed permissions. If you leave it until this time next year, however, the May 2018 deadline will be upon you -- and before you know it, your finger will be hovering over the delete button.
Sadly, I suspect this is the terrible dilemma that many companies will end up facing, but with more than a year to repermission lists and with more than a year to go for you to tell subscribers you will stop contacting them if they don't get back to you, there's still plenty of time to avoid the awful prospect of erasing databases and starting from scratch.
Repermissioning is a pain but it has to beat hitting delete every time, doesn't it?