Share this content

EU data law: Dearth of consultancy support puts brands at risk

7th Oct 2015
Share this content

There is a problem to be faced by all marketers that use data, which is to say all of them. It is that to prepare for the complexities of the new EU data law, help will be needed. The bigger and more complex the use of customer and prospect data, the more help will be required. The problem is there isn’t, and won’t be nearly enough to go around.

A quick look at the sums tells everything you need to know about the problem. There are more than 360,000 UK companies, plus charities and other bodies in the UK that need to prepare for the new law, the General Data Protection Regulation (GDPR). Small companies, such as one unit retailers should be able to get by with written and video guides.

Any organisation that uses customer and prospect information as part of its communications strategy will need to get staff training, appoint a data protection officer, or obtain some form of specialist third party assistance. But there is a more or less a support vacuum in these areas.

There is plenty of research from the EU, Information Commissioners Office, Direct Marketing Association, and even the Ministry of Justice highlighting the need and costs of appointing specialist data staff, training marketers on GDPR, plus utlising specialist consultants.

However, there is no nobody training the would-be trainers, the would-be data protection officers, or would be specialist consultants. In fact, there is more or less nobody to train anybody.  

There are perhaps as many as 200 individuals that have the degree of data compliance experience and knowledge of GDPR to be able to provide reliable assistance on the subject. Of that number most are committed to full time positions embedded within companies or other organisations. That leaves between 20 and 50 that can provide consultancy support, and the consensus is that the figure is much nearer to the 20 mark than the 50. That could leave as few as 20 consultants to go around

No easy solutions

In the first quarter of next year we are due to receive the full details of GDPR, but so much of its contents have been revealed, and it has taken so long for the EU authorities to get to where they are now, that in order to get close to meeting the timetable for the introduction of the law there is no leeway to introduce anything new.

We know that the law involves a lot of work in order to be compliant, and much of it is technical. It involves upgrading customer opt-in consent by contacting everyone on a databases, storing every completed individual consent form, and providing a ‘right to be forgotten’ for members of the public that no longer want companies to have their information. If compliance regulations are not adhered to the Information Commissioners Office (ICO) has the power to implement some extremely heavy sanctions.

Written and video guides will be produced be the ICO and professional bodies, plus the Direct Marketing Association will be running information roadshows as an extension of its current compliance service, but many marketers need more than a set of instructions or a lecture, no matter how good they are. 

Many will consider the possibility of consumer data providers riding to the rescue of former and existing beleaguered clients. Normally they would have the will and capacity to provide consultancy to whoever needs it, but in this case the hope is largely false because they themselves are largely unprepared and face a huge task in salvaging their own data.

But there is still some consultancy available, and it is even possible to obtain free EU data compliance audits. When details of the law are published in the New Year, data owners are likely to snap up the available resources and from then on it will only be available at a premium for a very few.   

The fact is that there are no easy solutions to preparing for the new law. The key thing is to take steps now. Undertake as much research as possible. Understand it and then interview and appoint a consultant to gain assistance before its too late. Later down the line the ICO and trade bodies will provide information of varying degrees of quality, but unless you think you can go it alone by attending seminars and relying on video and written guides the time to act is now.

Dene Walsh is operations and compliance director at Verso Group. He is also a Member of the Contact Centre and Telemarketing Council at the Direct Marketing Association.

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.