News

Have UK marketers under-estimated the impact of EU privacy laws? Only 6% claim to understand what GDPR means for business

The new EU-wide privacy rules will come into force in 2018

Only 6% of UK marketers feel they fully grasp what forthcoming EU-wide privacy rules will mean for their business, according to a study, with just over one-third of those surveyed admitting they don’t know whether their company has taken any steps to ensure they are compliant.

From May 2018, the EU General Data Protection Regulation (GDPR) will come into effect. The reform is one of the most significant in years at 200-pages long and formalises concepts like the ‘right to be forgotten’, data breach accountability, data portability and more. Huge fines of €20m, or up to 4% of global revenues, have been threatened for non-compliance, but data from YouGov and The Chartered Institute of Marketing (CIM) indicates only 11% of marketers already have systems in place to ensure they don’t fall foul of the legislation.

The study into the challenges and opportunities facing those in the industry was based on two separate surveys from YouGov and the CIM. Key findings from the former, which surveyed 225 marketers found that for those in the UK, Brexit (55%) and a recession (47%) were the top concerns for the year ahead. Only 13% of those quizzed said that GDPR would be a significant cause of worry, with just 31% admitting they do not know whether their business has taken steps to ensure they’re compliant.

The CIM’s dataset from 112 members revealed that 70% of marketers are concerned about factors outside of their control, including data breaches, impacting on their brand.

The introduction of GDPR will have huge ramifications for marketers who handle personal data and also place demands on businesses to demonstrate informed consent to use consumers’ personal data for marketing purposes – something marketers have previously expressed anxiety over.

Speaking last year, Stephen Loerke, chief executive of the World Federation of Advertisers (WFA) said he was surprised more marketers had not “woken up” to the implications of the new EU rules.

Interestingly, 16% of those questioned do not think GDPR is relevant to their business and 9% said it had been mentioned in their offices but nothing had been formally discussed.

Chris Daly, chief executive of the CIM said that while marketers were conscious of impending challenges like Brexit and other digital trends, they have to make sure it doesn’t obscure other issues.

“It is concerning to see that GDPR has not been fully considered, given the wide-reaching impact this will have on business areas which deal with data – marketers’ natural habitat. Given the concerns that emerged from consumers last year over how businesses collect and use customer data, marketers must make sure they are prepared and ready for GDPR sooner rather than later. By staying on the right side of the incoming legislation, marketers are best placed to safeguard not only their business’ reputation, but also its finances.”

Just last week Rob Luke, deputy commissioner at the Information Commissioner’s office, invited marketers to submit their ideas for the public body’s GDPR guidelines.

“Arguably the biggest change under GDPR is around accountability,” he said at Isba’s annual conference. “The new legislation creates an obligation for companies to understand the risks that they create for others, and to mitigate those risks. It’s about moving away from seeing the law as a box ticking exercise, and instead to work on a framework that mainstreams privacy considerations throughout your organisation.”

Get the Newsletter

Keep up to date with the latest news and insights.

Subscribe

Rebecca Stewart

Rebecca Stewart is The Drum's breaking news and social media reporter, covering how brands and media companies are using platforms like Snapchat, Facebook, Twitter and beyond.

All by Rebecca