Thor_Deichmann / Pixabay

Remember the Millennium Bug? Computers (and ‘anything with a microchip’) were reportedly set to shut down across the world because their internal clocks wouldn’t recognise the year 2000 and would reset back to 1900.

What we remember most about the Millennium was the media hysteria and panic. Headlines claimed the economy would crumble because of outdated computer systems. Some companies saw it as a sales opportunity to sell ‘futureproofed computers’ which were quickly snapped up. On The Simpsons, even Homer’s carton of milk exploded shortly after midnight on New Year’s Day.

Now in reality, the Millennium came and went with very little of note happening. The hysteria died down, the Government-supported Action 2000 campaign disbanded, some felt a bit red-faced and everyone carried on as normal.

While hindsight is a wonderful thing, foresight’s pretty fantastic too. While the Millennium panic was nowhere near proportional to the effects of Y2K, at least awareness was raised and plans were put in place to counter potential problems.

The EU’s General Data Protection Regulation (GDPR) is coming into force on 25 May 2018, and this too may shake businesses to the core and change the way they operate forever. Isn’t a good idea then to think about putting some pre-emptive measures in place now?

Looking around, many businesses haven’t quite grasped the significance of GDPR, believing it to be a threat as powderpuff to their business as the Millennium bug turned out to be. This definitely isn’t the case, by the way. With media panic starting to rise about the impending legislation, history feels like it’s repeating itself, and not in a good way.

GDPR is a hugely complex problem facing all UK businesses

There are only eight months left to become GDPR compliant, and the legislation is far trickier to understand than a computer calendar going a bit haywire. Companies are going to have to seriously tighten up how they collect, process and handle sensitive customer data, else they could be hit with a fine of €20m or 4% of their global annual turnover.

Customers across the world will have more power than ever over how their data is handled by companies. An article on The Register outlines it best, highlighting that at the very tip of the iceberg, businesses will have to examine the Personally Identifiable Information (PII) they hold about people. They’ll need to consider its legitimacy, and how it’s recorded, processed, controlled and stored.

Suddenly the Millennium bug looks positively inviting in comparison, at least for unprepared companies. The vast majority of the UK’s 6,000+ call centres look likely to be hardest hit; it wouldn’t be wise to continue to buy unfettered data lists to reach out to leads, especially when consumers will have a ‘right to erasure’ in regards to the data held about them.

Opt out means opt out

The most innocent-looking breaches are likely to attract the heaviest fines, too. Moneysupermarket was recently fined £80,000 for sending 7 million emails across 10 days to people who had used their service, letting them know the company was updating its terms and conditions.

However, emails were sent to people who had opted out of receiving direct marketing emails. On top of this, the email, included a call to action guiding people to sign up for direct marketing – after they had already opted out.

Looks pretty innocent, right? It was just a simple email about a company update, nothing to get worked up about. It can just be ignored and deleted. They didn’t have to sign up, it was just a suggestion…

This was not the case, according to the ICO (which has the power to levy GDPR fines). Out meant out, and customer confidence was breached in regards to the way their data was handled. ICO fined Moneysupermarket a hefty sum; but if the crime was committed under GDPR, the fine would likely have run into tens of millions of pounds.

Why is GDPR still an iceberg drifting toward so many small ships?

A recent survey of small businesses by challenger bank Aldermore found that two out of five small- and medium-sized businesses in London have never heard of GDPR, with 420,000 bosses totally clueless about reporting data breaches and the right to be forgotten. Two-thirds of those surveyed have also suffered breaches of information, making them ripe for fines. When it came to the crunch, only 7% said they fully understood what GDPR meant for them.

So why are companies so blissfully ignorant about GDPR, especially when time is so tight to implement the necessary measures? There are a number of factors at play here, including a general lack of awareness (there’s nothing really out there on the scale of Action 2000) while some of the blame lies squarely on that ol’ devil called Brexit.

A lot of business owners and managers are under the impression that Brexit means GDPR won’t have any effect on the UK. That couldn’t be further from the truth; GDPR will come into play while the UK is still negotiating its EU exit. Even then, a mirror bill is currently working its way through parliament to make sure the UK complies with GDPR’s demands for future trade.

Everything that’s been mentioned so far here is just a small scratch on the GDPR surface. Everyone has to comply; there will be very few exemptions (if any at all). What’s more, it’s not a one-off problem like the Millennium bug.

What’s the absolute best way, then, to comply with GDPR without massively disrupting the way your business operates?

We strongly believe the answer lies in an inbound approach to data collection, and that inbound marketing can help companies get compliant and up to speed with the GDPR process. Not only that, an inbound approach to marketing and data collection can also be a hugely effective way to futureproof your business against any other upcoming changes to data laws, all while building stronger relationships with existing and potential customers.

The many ways inbound can futureproof you against GDPR

GDPR can look pretty unwieldly and tricky to make sense of. That’s understandable, but it’s also not something to be frightened of. The core purpose of GDPR is to give consumers more power than ever before over their own data.

By adopting an inbound approach to your business, you can encourage targeted online traffic to discover your online presence naturally and leave their data with you in transparent, ethical ways.

Working on your data collection policy and making it easier to understand in regards to how you collect, manage, store and share data can actually help to improve the quality of data you collect. People who find your business through inbound marketing are likely to be in market, actively looking for a service like yours. By refining your content, having an easy-to-digest data policy and being honest about why you’re collecting data, you can actually generate leads who are happy to leave you certain information in return for incentives.

Businesses that collect and handle large volumes of data can also make use of inbound marketing automation to better segment and interact with leads. Good automation software will transparently collect specific data sets from consumers when they perform a certain action on your site. This means you can get in touch with people at times most suitable to them, helping to build stronger relationships and avoid nightmare Moneysupermarket scenarios.

Finally, a strong social media presence can make potential customers aware of how you collect and store data, whilst communication channels can be opened almost instantly with people who want to have their data removed from your systems. Again, this is something that inbound marketing automation can be highly effective at helping with.

In conclusion…

It’s just not worth collecting any old data, especially once GDPR is in place and penalties are applied. For businesses looking to grow and build strong long-term customer relationships, putting some budget into inbound marketing campaigns can target people who will likely be receptive to leaving their data with you, thanks to the high relevance of the services you offer.

Futureproof your business against GDPR and other changes to data legislation, with a creative and transparent inbound marketing campaign that generates quality leads and respects your customers.