Direct Marketing Association

DMA unveils potential financial impact of the draft EU Data Protection Regulation for companies involved with data-driven marketing


By The Drum Team, Editorial

March 15, 2012 | 3 min read

The Direct Marketing Association has gathered evidence on the financial impact that the draft EU Data Protection Regulation could have on UK companies which are involved with data-driven marketing, including a membership organisation with charitable status and a global marketing services provider.

Case studies submitted by eight companies operating in various marketing industry sectors under the promise of anonymity, look at how each will be affected by the changes.

The case studies form the DMA response to the Ministry of Justice’s call for evidence on the Data Protection Regulation in the build up to the British government’s negotiations with EU legislators.

Chris Combemale, executive director of the DMA, said: “Our members are in agreement that if the Data Protection Regulation were to be implemented in its current form, then it would cause significant financial harm to UK businesses connected to the direct marketing industry.

“Many elements of the Regulation would be unduly restrictive for businesses, without meeting the EU’s stated aim of enhancing protection of individuals’ data privacy rights.

“As the Regulation passes through the European Parliament and Council of Ministers, the DMA will be communicating with lawmakers at every stage to ensure they understand the economic consequences of creating a Regulation that does not strike the right balance between protecting the rights of individuals with the legitimate commercial interests of businesses.”

The DMA is conducting an economic impact analysis report to determine full cost to UK businesses if the current draft of the Regulation were to be passed into law tomorrow, with the report to will be published in May.

Overview of each case study

The global marketing services provider: Additional costs generated by administration from the right to be forgotten, explicit consent for data processing and the training of a data protection officer would lead to estimated extra costs of £50,000 - £75,000 per year.

The data services provider to the retail sector: Data portability and right to be forgotten could require a one-off system development at a cost of £100,000. A cost of up to £5 million for data already collected but could not be used if the Regulation is retrospective.

The membership organisation with charitable status: The requirement for explicit consent would make fundraising via marketing impossible. An extra £90,000 would have to be found to cover increased telemarketing staff numbers.

The financial services organisation: Reformulating existing customer databases could cost anywhere between £100,000 - £500,000. The requirement for explicit consent could lead to an inability to market to existing customers thereby losing revenue of approximately £6 million.

The bureau cleaning service: The explicit consent requirement would lead to a 50% drop in business.

The list broking company: The explicit consent requirement could lead to a 50% drop in turnover and a loss of 26 jobs.

The B2B telemarketing and digital marketing company: Additional staff training would cost £7,600 per year; the cost of updating the CRM system would run into the thousands of pounds.

The global data company: Explicit requirements for consent would lead to annual losses in revenue of £1 million. Reviewing and updating legacy data to comply with the Regulation would cost £500,000. A one-off cost of £500,000 for system development to meet right to be forgotten, design by privacy and removal of subject access fees.

Direct Marketing Association

More from Direct Marketing Association

View all


Industry insights

View all
Add your own content +