Accountability must inform a new marketing mindset under GDPR

Tim Hunt, Marketing Leader & Strategic Adviser on GDPR got proceedings underway in the Roadmap for Marketers theatre at GDPR Summit London, by pointing out that GDPR is much like a dirty pig.

“We know it’s there, it’s big and needs to be cleaned, but we don’t know where to start!”

From there to the potentially muckier question of just how hygienic our databases are; how many GDPR-offending nasties lurk therein? For that matter, how much of our current data was gathered in a way that complied to the old regulations, let alone the new?

Far from being something to be scared of, GDPR should be recognised for the evolutionary progression that it is, a bump we have to get over. At the core of our response as marketers must be a determination to win back the trust of the customer.

Privacy by design needs to be built in as an integral value of offerings and services. It’s a rapidly mushrooming issue when you consider that 90% of the worlds’ data was created in the last two years, and 97% of companies do not have their data ready for the laser scrutiny of GDPR.

Is there urgency? Of course there is – worst case scenarios of a data breach post-May 25th could result in crippling fines, but let’s get some focus: In 2016/17 there were 17,300 reported data breaches in the UK. How many resulted in fines? 16.

Instead, Tim Hunt outlined some far more pressing reasons to pay attention. Firstly, it’s highly likely that you will have a data breach. Secondly, consider the contract: If you’re an agency or supplier and your client gets hit for a data breach, you’ll end up paying for it.

When a breach does occur, share prices will be likely to drop and your organisation will be unattractive to new investors. Finally, if you’re not GDPR compliant, you can be sure a new wave of industry competition will be.

Marketing in the GDPR era

Sue Maclure, Head of Data at PSONA, emphasised the mindset shift that GDPR will herald for marketing. It’s about caring about the human being at the end of the data chain. What’s ok in terms of corporate communications? What’s creepy and what’s cool?

The question leads onto the need for more transparency in how companies capture and use data. Responsibility needs to be demonstrated to tackle the inherent mistrust and expectation consumers have about the companies they buy from. Unfortunately, we’re falling short as marketers – data gets sold on, overused and ultimately, abused.

Accountability therefore becomes a key concern; each brand and each audience will be different, and it’s our job to find out what the specifics mean. But first, review the legal base upon which you are using personal data and then get your consents in order.

If you’re looking at legitimate interest assessments, consider if your audience would be happy with what you’re doing with their data and document this.

The Information Commissioner’s Office (ICO) will be looking for evidence that this accountability has been thought through. It’s about putting the consumer’s interests before the organisation’s needs of the data in question.

To learn more about how marketing will be impacted by the new regulation, visit the GDPR Conference Europe: Roadmap for Sales and Marketing.

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.