You may have been too busy worrying about the consequences of Brexit or who might be the next leader of either major political parties to notice what happened in Parliament last Tuesday. Even if you weren’t, the first reading of the Digital Economy Bill may not have gained your attention, full as it was of fine detail about broadband access and digital infrastructure. But it also contained elements that will impact on everybody in the data industry - specifically, introducing a new statutory code of practice on direct marketing and easier enforcement by the ICO of breaches.
Triggered by the long-running problem of nuisance calls, the Bill is the latest step in efforts by MPs to stop consumers getting phone calls and texts to which they had not consented. At the peak of this activity in recent years, diven by ambulance chasing and PPI claims management, eight out of ten consumers were getting at least two such calls every week. Ofcom and the ICO demanded more powers to act against outbound calling without consent and last week saw the first step towards getting them.
So why should this matter to your company if you do not make unsolicited calls? Here are two obvious reasons:
1. UK lawmakers want to fix the rules on consent, regardless of GDPR
It may be two years before enforcement of GDPR is due to start and the UK may or may not choose to keep it on the statute book. But there is a clear desire to ensure that existing laws are updated and enforced. The Bill spells out additional powers for Ofcom and the ICO to hold companies to account for any actions that breach the Data Protection Act or Privacy in Electronic Communications Regulation.
Crucially, the Bill will see the ICO guidelines on direct marketing given a statutory footing. If you read them (and if not, why not?) when they were given a revised publication in March of this year, you will already know that they contain important notes around consent, implied consent, third-party consent and the shelf-life of permission.
The key guidance for DM is in section 104, which states: “As a general rule of thumb, if an organisation is making contact by phone, text or email for the first time, we recommend that it does not to rely on any indirect consent given more than six months ago – even if the consent did clearly cover that organisation.”
This has been widely viewed as spelling the death knell for third-party data collection where most of the profit comes from turning files well beyond six months. As charities have been forced to admit, some lists have remained in play for up to a decade. The Digital Economy Bill will undoubtedly put an end to this duration and the ICO is already pursuing companies who breach existing laws, even before the Bill makes it through the current legislative process.
2. Data may be the new oil, but DM is an oil spill
The wording used to explain the purpose of the Bill gives a clear sign of how legislators view the DM industry. In answering the question of whether nuisance calls will be brought to an end, the DCMS press release says: “A balance needs to be struck between ensuring that consumers are adequately protected and also ensuring that the direct marketing industry can continue, as it is a legitimate activity.”
Sounds grudging? It is - and you will note that the terms nuisance calls and DM have now become bundled together. Data has won new friends and is viewed by the government as one of the five pillars of the UK’s economy. When it comes to putting it to work, for example via email marketing, there is a lot less love on display.
It is this disparity which commercial organisations will struggle to reconcile as new data and analytics methods continue to drive innovation and invite admiration, but established marketing channels such as those relied on by DM suffer from pushback by consumers and regulators alike. That’s why last week’s first reading not only introduces a time limit on consent to marketing, but perhaps also on broader legal consent for the new era of data exploitation.
Related articles: ICO guidelines are nothing to fear (unless you ignored them last time)
Thank you for your input
Thank you for your feedback
DataIQ is a trading name of IQ Data Group Limited
10 York Road, London, SE1 7ND
Phone: +44 020 3821 5665
Registered in England: 9900834
Copyright © IQ Data Group Limited 2024