One year in, are you a GDPR or a GDPR-nt’?

One year in, are you a GDPR or a GDPR-nt’?

Christian Sharp

Christian Sharp

It’s a year today since the GDPR regulations came into operation, but it probably feels like longer to most marketers.

What’s changed? Well, according to the news, there’s been €55m of fines delivered across Europe, although this includes a chunky €50m for Google’s ad personalisation misconduct.

In the UK, there haven’t been any fines to date, although an enforcement letter has been delivered to a firm in Canada. A menagerie of fines and further letters can be seen on the ICO’s website, but most of them – including a £385,000 fine to Uber – are under the ‘new’ Data Protection Act rather than the GDPR.

Of course, GDPR has made everyone more aware of data protection regulations, whether they want to be or not. And perhaps more importantly, it’s raised awareness of how data flows around the organisation, how much of it there is and the importance of taking care of people’s data, especially within protected categories.

In the last year, we saw a vast number of vendors roll out solutions; some of which were user-friendly and many that were not. The fifty-one different comments on our blog post ‘reconsenting Mailchimp lists ahead of GDPR’ showed not only confusion around how to handle mailing lists, but also how last-minute Mailchimp’s own guidance was. One of the major things we learnt was how broad a base for data processing ‘legitimate interest’ is – and if we’d known this ahead of GDPR, our blog post would have looked a lot different!

Overall, our analysis of GDPR’s intent was ‘handle data responsibly’ and that’s a firm, fair and necessary mission. Knee-jerk deletions of consumer data were almost certainly unnecessary but completely understandable, given the size of the fines. One of our overall feelings about the handling of GDPR was that it uncomfortably straddled a few roles: many of those responsible were marketers with limited support and a limited grasp of regulations, however well they’d handled PECR in the past.

That said, the fact that no UK fines have been given out is either a sign that most British organisations handled the regulations responsibly – or that the mammoth amount of administration and organisational re-architecting is still a work in progress. Right now, no news is good news – although time will tell.

Share this story:

Read more from the blog

Blog

A changing landscape: Building reputations amid shrinking media pools 

Amid shrinking media pools, PR professionals need to begin thinking broader and deeper than simply media relations. ...Read more

Claire Walker
Claire Walker
Blog

Step forward with year-round inclusive PR campaigns this Pride Month

How can organisations do better this Pride Month and beyond? We discuss the dos and don'ts for inclusive PR campaigns. ...Read more

Megan Hogg
Megan Hogg
Tech News

Summer is here, and so are our top tech news stories of the month

Whilst June flew by in a flash of picnics in the park, it didn’t fall short on delivering yet more weird and wonderful tech news stories. ...Read more

Georgia Dallas
Georgia Dallas

Add a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Is it time to shape your reputation?

We operate in London, Paris and Munich, and have a network of like-minded partners across the globe.

Get in touch

Sign up to Spark, our newsletter

Receive thought pieces from our leadership team, views on the news, tool of the month and light relief for comms folk

You can unsubscribe at any time, please read our privacy policy for more information