• by Sean Hargrave , Staff Writer, November 9, 2016

The privacy screws are turning and we're still eighteen months away from the full introduction of GDPR. It was probably a safe assumption for email marketers to presume that not much was going to change in terms of data and privacy until May 2018 when the highly anticipated huge fines of the new EU law come into being. But this week we have already had the ICO taking on Facebook over its sharing of dating with WhatsApp as well as threatening company directors who transgress privacy laws with huge fine and, if the DMA were to get its way, custodial sentences. 

Now to be honest, the ICO is mainly thinking of spam texts and nuisance calls with its latest warning that it will back up fines with coming after directors of transgressing companies. The same applied to the DMA saying these people shouldn't be fined, they should be locked up. But email marketing has had a similar problem in the past and there is doubtless a tiny minority of operators, or individual brands, who are still guilty of spamming.

It brings to light, then, that in addition to the rhetoric, there is action coming soon. From spring 2017 on, the ICO has warned that it will not just fine companies but also their directors up to GBP500k. The move is designed to get around the problem of rogue company directors breaking the law and then simply shutting down a company once it attracts a fine. The very next day they can begin the process all over again under a different company name.

Despite the DMA and ICO probably still having nuisance calls and spam texts in mind, it really is worth remembering that any company that spuriously spams the masses without any concern for their inboxes will soon be breaking exactly the same laws and subject to the same personal treatment. 

Most email recipients have the benefit of a spam folder where the equivalent of nuisance calls and texts go and it only takes a single click to see how full the average junk folder is. From spring of next year on, it is not only the companies that send out these spam emails that will be in trouble but also their directors. 

Next spring we will still have a year to go until GDPR's huge fines swing into action, but we will already have a situation in the UK where those who transgress privacy and data laws are held personally responsible. The tide is turning in favour of protecting consumers -- and it's turning at least a year earlier than many people were previously thinking.