It was entirely predictable. That's not to say that it's right, of course, but the news that nearly
one in
four companies are now dropping GDPR preparations is not entirely surprising. Less than half a week after Article 50 was triggered, it's not too surprising to see that companies are allowing
themselves to presume the new law is no more.
Information management company Crown Records surveyed IT decision makers -- it's not clear how many -- to gauge opinion from the tech and
information systems guys who are in charge of data protection projects. The truly worrisome statistic is that 24% have now stopped working on GDPR compliance. The reason is pretty obvious. Nearly one
in two of those surveyed -- 44% -- think that the legislation will not apply to them due to Brexit.
For those who share this opinion, it's time for a massive reality check. Even if the
UK and EU negotiators manage to pull a proverbial rabbit out of the hat and arrange a fit-for-purpose exit and trading agreement within the allotted two years -- and it's a big "if" -- the law will
have already been in place for the best part of a year.
Technically, it's already law -- but its massive fines (up to 4% of global turnover) don't swing into action until May 2018. By then the
EU negotiations will still have at least ten months to run.
So in the words of Clint Eastwood, "do you feel lucky, punk?" Do you really reckon that you can go ten months of being compliant and
not have a single complaint? Do you really reckon that the new arrangements will be in place by March 2019, or do you think there will be a transition period where the law will apply for even
longer?
More to the point -- and here's the really crucial observation -- the law will still apply to EU citizens data. Even if GDPR is repealed in the UK, the law will still apply to EU
citizens' data held by companies. So any business that deals outside of the UK would be absolutely crazy to stall plans to be compliant.
So companies that don't think GDPR applies to them
could get terrible wake-up call even if the law is eventually repealed.
Ultimately, it's a compliance pain, but in terms of email marketing it does at least ensure that you are only messaging
people that want to hear from you.
List sizes will almost certainly shrink, but that should help focus on building conversations with relevant people rather than those who no longer need to be
in touch, or can't remember ever having elected to do so.