The first has been a general warning to all data owners that they are responsible for the security of all customer data and need to be able to demonstrate a duty of care. Being GDPR isn't a guarantee, but it does at least show a regulator you have taken not just permissioning but also the security of information seriously. The reminders came from the likes of the Information Commissioner's Office (ICO) in the wake of the ransomware attack on the NHS.
Far more specific to email marketing, and the all-important new permissioning regime that GDPR ushers in, we have the Conservative Party's manifesto. Let's be honest -- if the polls are to be believed, the current Prime Minister, Theresa May, will almost certainly be the next Prime Minster. That means her manifesto is a road map of the way ahead, and it was surprisingly attentive to the digital economy.
Not only have social media and messaging sites been threatened with fines for not towing the line in dealing with harmful content, such as hate speech and fake news, but they have also been threatened with a new levy to pay for undoing any malpractice and educating the public about the potential pitfalls in the content their users share.
Email marketers will have their attention caught by page 80 of the 88-page manifesto, which in a couple of very simple lines lays down that if elected, Theresa May's next government will pass a new data protection law that is fit for the digital economy. This is obviously framed, for the untrained eye, to look as if the government -- if still in place -- will be acting proactively when we all know this is a necessity through GDPR becoming law in a year's time no matter who is running the country.
What the line in the manifesto tells us chimes with what we all pretty much know already. That doesn't make it any less worth reminding ourselves of, however. The big lesson is simple. The GDPR will be law next May, and then when the UK negotiates its exit from the EU there will still be a new data protection law in place that, you can rest assured, will embody the provisions of the GDPR.
The wording in the manifesto could never say that we're going to carry on with EU laws for privacy. At a time of taking on Brussels and telling it we will make our own legislative way in the world, that would sound too weak. Far stronger to say you have recognized the need for a new data protection law to meet the demands of the 21st century and so on. Frame it as a positive step forward and you look far stronger.
It's unthinkable that the new law would not include the basic principles of explicit, free, informed opt-in permissions. Imagine the UK -- the centre of advertising and marketing in Europe -- not ensuring that agencies and brands respect EU citizens' rights so they can run cross-border campaigns. It would be digital marketing and advertising suicide.
So it shouldn't come as a huge surprise, but the message is clear. GDPR was always going to be the law next May, and it will likely stay in place -- even if it is given a new more British name to make it sound like the ideas came from London rather than Brussels.