Where’s the GDPR campaign to tell consumers about their data rights?

With only a month until GDPR comes into force, the information available to consumers is dwarfed by the advice for businesses. The ICO should be trying harder to inform people of their data rights.

Data rights GDPRI had a look at some of the things I’d been working on recently and realised that between a couple of whitepapers, a strategy document and a paper on the upcoming EU General Data Protection Regulation (GDPR), they all had one thing in common. Each one came across as if it had been drafted by the most cynical, doom mongering, dilapidated crone ever to have put gnarled fingers to keyboard.

It was a little disturbing at first – that was until I remembered that I had a birthday coming up, and not one of the hallmark ones. I was to turn 41, which meant very little to me, to be honest. I ramble more and party less – totally normal degradation, apparently.

In my mind, I was turning just ever so slightly more boring. Thus, not a huge amount to celebrate – 41st birthdays are, I’ve decided, crap.

While ‘42’ may be the meaning of life, according to the Hitchhiker’s Guide to the Galaxy, there is nothing remotely special about turning 41. Maybe I do complain that grime music sounds a little like a posse of angry, Fanta-filled children trying to talk over each other and that I’ve found more meaning in my morning constitutional than anything ever said by the Kardashian clan.

But who cares what I think? Not advertisers, obviously. They’re far too busy trying to corrupt young minds, dodge taxes and exploit meaningless trends with Dank Memes™.

You’d have thought the biggest source of breach reporting – namely these very consumers – would have reams of websites outlining how to benefit from GDPR.

I seem to hold very little interest for them whatsoever. I’ve migrated from ‘aspirational, single, mid-20s drinker-smoker with a dodgy credit rating and a tendency for fiscal frivolity’ via ‘no kids, self-centred, 30-something, travelling consumer’ and popped out into, well, what can only be described as a demographic dead zone.

I can only assume that Google’s data mine (which I like to imagine as a cross between Spectre’s HQ and a dilapidated Olympic velodrome somewhere under Iceland) has me pinned as ‘early-40s spendthrift, decent earner, doesn’t do much, marketing cynic, loser’. Or something similar. This was proven on my birthday when I received precisely one targeted email.

READ MORE: The ICO preps campaign to educate consumers on data and GDPR

Step forward Young’s Pubs, specifically the Leather Bottle pub in Earlsfield, south-west London. They emailed to offer me a free birthday pint. And one for my wife so I didn’t have to blow off the froth on my own. Targeted, appropriate, concise and well received. That’s good CRM right there.

Now, I understand that I received so few sell-o-grams on my birthday largely because I’ve opted out of everything, so apologies to Amazon, Capital One and Snotfox (sorry, old habit – Foxtons), which I imagine have been trying valiantly to negotiate their way around my spam filter for a while now. However, come 25 May, these efforts will be even more hindered with the introduction of GDPR.

Consumers should be aware of GDPR too

GDPR is designed to enhance the rights of consumers and how their personal data is used by businesses. It’ll do this by penalising companies that break the rules up to 4% of global turnover. Those that send emails without appropriate permissions will come a cropper, according to the Information Commissioners Office (ICO), which will enforce the law in the UK.

If you’re a brand owner and you haven’t got yourself set up for the godamned privacy rules yet, it’s not too late (although someone, somewhere in your organisation should start washing their interview pants if that’s the case – it’s been coming for a while). There are 1001 consultancies just a Google search away that are itching to take your panic budget and teach you something you could find for free on the ICO site anyway.

Yet, after sniffing around, for all the advice and scaremongering available to businesses, I couldn’t for the life of me work out what a consumer is meant to do if they receive an unsolicited email that breaches GDPR on 26 May.

I dropped a mail to the ICO to find out – and oddly enough their auto-reply is a font of useful knowledge, with invaluable GDPR guidance under headlines such as:

  • If you have raised a new information rights concern
  • If you have requested advice
  • If you have reported receiving spam email

I found this a little odd. Surely the entire purpose of GDPR is to benefit consumers and give them more control over who has access to their data and how they are communicated to. With something as impactful as GPDR that effects every adult in Europe outside a couple of Greek goatherds, you’d have thought the biggest source of breach reporting – namely these very consumers – would have reams of websites outlining how to benefit from GDPR and what they need to do if they see something fishy.

But no, this advice has been ferreted away on the ICO site alongside a handy 12-step guide to compliance and free self-assessment toolkit (sorry-not-sorry, pricey consultancies; you’ve always got Brexit paranoia packages to sell next year).

The site has seen an increase in traffic over the past six months, with a spike between January (1.15 million unique visits) and March (1.5 million unique visits), as you might expect when pan-European consumer regulation is on the cusp of becoming mandatory.

Maybe I’m jumping the gun. There might be an all-singing ad campaign in the post for May and Euro-consumers will have their ‘right to complain’ opportunities laid out for them in gleaming technicolour by Trevor McDonald, Emily Maitliss or an equivalent trusted broadcaster of public service repute.

If there’s not, there should be – because like it or not, GDPR is coming. It’s not only beneficial for the ethical wellbeing of the marketing industry but more importantly a hugely beneficial weapon in the consumer’s arsenal – even if they don’t know it yet.

Harry Lang (@FactDeJour) is the founder of Brand Architects, a brand-building and integrated marketing consultancy, and former marketing director of Pinnacle.