In this blog I’m going to explore a topic which fills most CRM specialists and Marketing people with dread:

Data Privacy

Since legislation first came into effect around the world, we all have been trying to ensure that we comply with the relevant data protection and privacy legislation.    

Whilst different countries have different degrees of data privacy governance we are all familiar with the principles of good data governance in the context of client confidentiality and in the spirit of maintaining good relationships with our clients and contacts.

The key things to bear in mind are that data must:

  • be obtained and processed, fairly and lawfully and that our clients and contacts must feel comfortable about and consent to the purposes for which we are using their data;
  • not be disclosed to anyone else other than those parties consented to by our clients and contacts;
  • be accurate and up to date;
  • not be held if we are no longer using it;
  • be accessible to our clients and contacts;
  • be secured from unlawful access and use;
  • be processed in accordance with any regional or jurisdictional legislation in effect in the territories in which your firm operates

But legislation has been added to over the years by various global directives and marketing preference schemes, such as European Cookie legislation.   And with the proposed introduction of even more rigorous legislation for data privacy, have things now gone too far?

Have we strayed in to the territory of unreasonable business prevention?  Or do our legislators merely have the interests of their citizens at heart?

Whatever the motivations for the legislation the fact is that we live in an era when legislation and client expectations are putting increasing constraints on marketers’ abilities to communicate “at will” with large numbers of clients and contacts.

The proposed changes in data privacy legislation in the UK and Europe and their international equivalents, for example the Canada Anti-Spam Legislation (CASL), or the Australian Privacy Act, mean that we live in a world where we have to be extremely careful about how we communicate with our clients and contacts.

The way in which firms have attempted to comply with legislation clearly indicates that there is a great deal of confusion out there as to what is required and how policies should be implemented.

Different firms seem to be interpreting the legislation differently and in a global world, firms are not clear what they can or cannot do.  They ask the question:

  • Do I have to comply with legislation in my jurisdiction or in the jurisdiction of the recipient?  Or both?

One of the other challenges is that there seems to be a reluctance amongst the professionals to “give up” the right to decide if their contacts should receive communications.  However the reality is that the right has to be with the individual and that from a good data governance perspective, the answer to the question above is that we should always:

  • AIM for the highest possible standards, NOT the lowest common denominator.

Offering recipients of our communications an opportunity to “opt-out” from receiving them, will no longer be enough, we must have a robust and proactive strategy for soliciting their consent regularly and for implementing systems and processes to ensure that all members of staff understand the letter and the spirit of the law.

Of course, providing our clients and contacts with the opportunity to manage their own communication preferences is, in itself nothing new.   It takes us back to the principles of good marketing communications – i.e. only send things to people who actually want to receive them.

So my argument is that this is a good thing for CRM.

For too long the emphasis of CRM systems has been to add contacts to mailing lists and then to recycle those mailing lists over and over again, irrespective of whether the subject matter is remotely relevant to the recipients.

However I would argue that recipients of unsolicited or irrelevant marketing communications have always had the ability to be in control of the marketing communication process.

The fact is that whilst they didn’t necessarily have the legislation in place to force a firm to stop sending them communications, they were able to “vote with their feet” i.e. if they were so unimpressed by the communications they received from a firm they simply didn’t respond and they certainly didn’t buy anything from them.

As CRM professionals we now have a real warrior in our corner.

Data privacy legislation provides us with a strong argument against those in our firms who want us to add contacts to a mailing list without them having expressed a preference to receive that particular communication.

We have to tread a fine line though.

There is a chance that compliance teams may want to take us further than we need to go.  Complying with data privacy legislation is really just an exercise in common sense, we’re not organising the Olympics here!

The introduction of this legislation also means that we will have to think very carefully about not just the quality but also the quantity of data on our CRM system.

If we are to introduce individualised marketing preference management, then we certainly are not going to be able to do that for hundreds of thousands of contacts.  Firms are going to have to consider what criteria it will use to determine who should be added to the CRM system and more importantly:

  • Who should remain on the CRM system.

Offering contacts the ability to manage their preferences and then failing to deliver what is promised is almost as bad as not bothering to ask at all.

Of course technology can really help you here, but at the heart of implementing a successful plan to comply with data privacy, is understanding why we’re doing it in the first place.

In my opinion the reason that we need to comply with data privacy legislation has nothing to do with the law and everything to do with the fundamental principles of good marketing communication.

Watch out for our Golden Rules and Directors’ Briefing Room updates on Data Privacy to give you a check list of everything you need to know to implement a successful policy in your firm.

If you would like to subscribe to receive regular updates from Stanton Allen then please visit our Contact Us Page and sign up to our e-newsletters.  You can also “Follow” our blog by clicking on the Follow Link at the bottom of your screen and entering your email address.  That way you’ll automatically get emailed when we update our blog.