Fed up with receiving emails? You can't blame GDPR.
If you’re anything like us, with only a few days to go, you’re probably drowning in a sea of emails from companies asking for permission, to let them send yet more emails. And, we’re sorry to say, there’s a fair chance many of them probably didn’t need to send them at all.
The security of your data is our number on priority… We don’t want to lose touch with you but we also don’t want to send emails you aren’t interested in… (there’s an irony if ever there was one)... you know the score. 99% of them name the grim data reaper of the GDPR and some even link to the regulations themselves. Yet, as we set out in our recent two-part series, there seems to be a widespread panic - even with a couple of days to go - about whether people need to ask for opt-in permission to email people with marketing content.
The problem is, you see… quite a lot of these emails that we’ve all been receiving are entirely pointless… and some are illegal in their own, well-intentioned right.
It’s easy to see where the message has got muddled.
First they introduce the GDPR. Because there has been gossip about stratospheric levels of fines (up to €20 million or four per cent of their annual global turnover), even though the UK Information Commissioner has made it clear it won't be heavy-handed with fines, everyone has gone into the marketing equivalent of a bit of a tailspin. Add to this the fact that there are supposed to be new ePrivacy regulations coming in, alongside the GDPR - that are still being written… and everyone spins a bit faster. Because these are still being confirmed we’re left to rely on the existing legislation - the Privacy and Electronic Communications (EC Directive) Regulations – known as PECR for short. These govern all marketing messages that come along in a digital format, be that email or text message. The problem is that until someone mentioned GDPR most people hadn’t really ever noticed or heard about PECR…
Since 2003 it has been the law that, generally speaking, you can only send a marketing email to an individual contact (i.e. email@example.com) if they have consented to receive it (opted in) or you have an existing client relationship… and if you give them the opportunity to to opt out in every email.
The GDPR and PECR haven’t changed this. Lots of companies are sending out emails asking for consent when they already have previous consent or an existing client relationship. In short, they’re wasting their time.
Furthermore, if someone is being contacted at a business address (firstname.lastname@example.org) then there’s a fair chance that companies don’t have to send the emails re-asking for permission to keep in touch, either… so that means even more wasted emails being sent.
And, if you’re sending emails to people already, and they haven’t provided consent, or they don’t have a client relationship or business address, then, in sending them you will have been in breach of PECR, potentially for many years.
A final word of warning…
In an almost ironic twist, in 2017 the ICO fined Honda and Flybe for sending emails to people, asking them to consent to receiving future email marketing. Yes, that’s right… you read that right. The ICO said that “sending emails to determine whether people want to receive marketing without the right consent, is still marketing and it is against the law".