All the latest news, views and random musings from across Engine. Got an opinion? Then leave us a comment or say hello on Twitter using @EngineLondon

After Compliance: What we learned

26TH APRIL 2018


Compliance is everywhere. Or, at least, the quest to be compliant is.

The 25th May sees GDPR finally enforced, and in the last year the volume and frequency of GDPR emails has been steadily increasing. And it’s not only brands re-permissioning customers; the B2B space has also been awash with communications from suppliers with tips and checklists on compliance. We’ve certainly had a few at Engine.

So, we decided to run a GDPR event with a difference – what happens beyond May? How will we, as marketers, be affected and, more importantly, how will the consumer be affected? Will their awareness of a change in regulation change and, if so, will they act on it?

We got some of the best minds in marketing and GDPR on a stage to discuss these issues and more here at Engine HQ.

I kicked things off with an introduction to our panellists. Rosemary Smith, Director and co-founder of Opt 4, was invited to share insight on policy definition as well as giving an insight into how consumers might react post-May. Swantje Drescher, Strategy Director at PAA, was also on hand to discuss the impact on customer communications and the value exchange.

Awareness will shift
Current surveys place consumer awareness of GDPR at somewhere between 30-50%, depending on where you get your information. It’s safe to say that the majority of consumers in the UK are unaware of upcoming changes to regulation, but will that change?

There are a few factors to consider. Rosemary highlighted the impending ICO campaign, a rare foray into comms for the Information Commissioner, Elizabeth Denham, and how that will certainly raise awareness. Already, the campaign has gone live on radio, and we can expect to see a broader channel distribution leading up to the deadline.

Swantje then brought up the (almost too well-timed) example of Cambridge Analytica and Facebook, reminding us that media coverage of high-profile data leaks will have a large role to play in how awareness rises.

But will consumers act on it?
A stat from SAS suggests nearly half of UK consumers intend to activate their new rights, 15% of them on the 25th May. Cue some nervous nodding in the audience. Whilst this was generally seen as a slightly exaggerated headline figure, I put a simple question to the audience:

“If 0.1% of your customer base filed a Subject Access Request in the next 3 months, would you be ready to service them?”

Few in the audience raised their hand. It poses an interesting question: the focus on compliance is all-encompassing, but how will GDPR impact on internal business functions, and what is required?

The Single Customer View is crucial
Having your data in order is key. One single source of truth on customer interaction with the brand is not only crucial for fulfilling the legal requirements of GDPR, it’s also crucial for the customer experience, not only for personalised, omnichannel communications but also for seamless Subject Access Requests, for example.

The new value exchange
"We aren’t communicating the value of a customer’s data back to them well enough”. This was one of the key takeaways from Rosemary’s initial presentation at the beginning of the discussion. As Swantje points out, a good customer experience is not only a successful purchase, it also covers complaints and requests. Servicing a Subject Access Request effectively and completely is part of a new value exchange, one of transparency that delivers real value with an asset that has become more valuable than it has ever been: customer data.

Quality, not quantity
That value is increasing because databases will become smaller, at first. Having the right consent inevitably means databases will contract when deleting records you’re not sure on, but we’ve found working with our clients’ CRM programmes that 90% of the engagement (and therefore value) comes from the 20-30% of engaged customers.

In other words, losing records isn’t the end of the world. What recent examples have shown us, namely in the case of Wetherspoons, is that deleting even an entire customer base can actually be a better option in the long run: a chance to reset and build a fully compliant database.

But what is the right consent? ‘Legitimate interest’ is a term thrown around often, and until last week there was little guidance from the ICO on what constitutes legitmate interest and how it differs from full customer consent (for the latest guidance, see here).

The opportunity in GDPR
GDPR does not have to be a threat to the relationships you have with consumers. In fact, it’s actually of benefit to brands today operating in a digital world without a clear view on customer engagement with them. GDPR asks you to look at your customer database, strip out anything of little or no value, and emerge with a leaner, but better engaged, customer base. You then have the opportunity to communicate with a much more valuable dataset, and the challenge then moves from compliance to communicating the value of that data back to your customers.

The good news is, there will be life after compliance. 


Will Lowe, CEO, Fuel