• by Sean Hargrave , Staff Writer, October 31, 2016

To be honest, news that the UK government will be implementing the Generate Data Protection Regulation (GDPR) when it comes into full effect in May 2018 is a rather obvious statement. London took part in the seemingly endless Brussels negotiations which led to the new regulations -- and let's not forget, they are already enshrined in UK law, although the big fines for transgressors are eighteen months away.

Another point worth mentioning is that the UK will almost certainly still be in the EU in May 2018. If Article 50 is triggered next spring, the likelihood is that the UK will not leave the EU until spring 2019, a full year after GDPR comes into full effect.

Nevertheless, British business, and their EU counterparts, have been in dire need of clarification since May of this year when GDPR moved from the translator's office to the statute book. It was, of course, just a month before the momentous referendum instructed the government to negotiate Britain's exit from the EU. The following four months, since that fateful and surprising news, have seen a kind of phony war on data privacy. Digital marketers pretty much expected the law to be implemented, as did their clients, but there was still a lingering doubt. It was probably a case of businesses hoping to avoid the expense of implementing GDPR and accept shorter (but better qualified) email lists.

However, today we absolutely have the final word on the matter. The Secretary of State for Culture, Media and Sport, Karen Bradley, told Parliament that the UK will still be in the EU in 2018 and that it naturally follows GDPR will come fully into effect in that year. After that, she said the government would look "at how best we might be able to help British business with data protection while maintaining high levels of protection for members of the public."

The important thing here is that the Information Commissioner, Elizabeth Denham, has immediately leaped on the news to assure British businesses that it will be working with the government to help guide companies through what the new law means to them and how they can become compliant. The ICO had come in for some muted criticism for not taking the front foot more forcibly on guiding agencies and clients on the full impact of GDPR. I made the point myself in a previous blog that it was rather odd the DMA was asking businesses how prepared they were for GDPR before the ICO had even told companies what they should be doing to be prepared. 

The smart people in the industry I had talked with had all agreed that the ICO was expected to give more clarification by the end of the year. Today appears to be a very clear signal that this process will now begin. There is no longer any doubt to hide behind or hedge bets around. GDPR will remain British law when it comes into effect fully in May 2018 and improved compliancy guidance is under development.

It will be a pain to implement -- there is no getting away from that -- and it will cut email lists down. However, taking a chance to ensure that audiences are engaged and actively want to listen to what you've got to say is surely no bad thing. Especially so in email marketing, where being ignored, deleted and left to languish in junk is a bad omen for the rest of your efforts.

It's best to pull the plaster off fast, feel the pain and then get on with engaging customers with a more personalised dialogue they will hopefully not want to switch off.