Rocking Data Protection All Over the World

When Europe’s General Data Protection Regulations (GDPR) arrived in 2018, some industry thought leaders (including yours truly!) foresaw a great opportunity for companies to build better relationships with prospects and customers. The thinking was GDPR would write many established best practices into law, and improved performance was therefore fait accompli. Higher quality data, stronger consent, and better setting of expectations would create increased trust and engagement – driving up ROI and CLV as a direct and positive outcome.

20 months later, we now have data to prove those thought leaders were spot on!

Join our live webinar, Privacy on a Global Scale, March 11.

The Privacy Playlist

It started with GDPR preparation. Marketo categorized companies’ approaches as “legal first” (do the bare minimum to achieve compliance) versus “marketing first” (embrace the new laws to build better customer relationships). The report showed 72% of businesses who exceed their organizational targets took a marketing first approach to GDPR.

Substantive proof has emerged in the Data and Marketing Association’s (DMA) 2020 Marketer Email tracker report. Over 70% of respondents reported significant uplifts in open rates, click-throughs, conversions, and return on investment (ROI). Negative metrics such as opt-outs and spam complaints have shown significant reductions.

Return Path from Validity’s Deliverability Benchmark report validated these observations. In the UK, inbox placement rates increased 5% year-over-year (from 84% to 89%), while France and Germany showed 2% and 4% uplifts respectively.

As a result, email ROI is now 15% higher than pre-GDPR (now £35.41) while Customer Lifetime Value (CLV) shows a similar increase (up 21%, now £34.56). Research from Litmus also shows an ROI gap has opened up between Europe and the US (49:1 versus 40:1) with the regulatory changes the main differentiator.

Other countries are currently gearing up for new data protection laws, with many directly influenced by GDPR. In the US, the California Consumer Privacy Act (CCPA) is a reality, while the New York Privacy Act is under consideration. In Brazil, the Lei Geral de Proteção de Dados Pessoais (LGPD) is less than six months away, while in Australia existing fines for Privacy Law breaches have been quadrupled, and new Consumer Data Rights legislation is now in progress.

Positive Beats

Based on Europe’s experience, our guidance is “Be positive!” It takes hard work to achieve compliance, but the end result is better performing data, stronger customer relationships, and higher ROI.

UK companies are recognizing this. In the DMA’s “Data Privacy: An Industry Perspective” report, respondents were asked about the shape of future data protection policy, and 59% said current regulations should be made even stricter!

They’re about to get their wish!

Many European’s mistakenly think GDPR is the only legislation governing personal data. In fact, all electronic communications (including email) are primarily covered by the ePrivacy Directive, which imposes higher duties of care on data controllers/processors than GDPR – especially when it comes to consent. The revised ePrivacy regulations (which should have aligned with GDPR) are now going through the EU parliament, and possible outcomes include: tighter regulations for B2B; limitation of soft opt-in to actual sales only; time-specific consent; and streamlining of cookie rules.

Striking a Familiar Chord

Britain’s exit from Europe (Brexit) also carries data protection implications – for both sides. It’s hoped that an adequacy agreement will be achieved, but if this fails industry codes of practice will become the next best option. In the UK, the Information Commissioner’s Office (ICO) is currently drafting a Direct Marketing Code (with input from the DMA). It draws mainly from GDPR and ePrivacy, but there are some eye-catching points, including the possibility of separate consent for profiling, segmentation, and analysis, as well as for tracking pixels.

As these new laws have been introduced, the headline stories have been the potential fines: €20M (GDPR); R$50M (LGPD); A$10M (Australia). CCPA’s $7,500 per violation looks like good value, although the law permits the CA Attorney General to bring civil actions in the name of the people of California.

Europe has already seen some high-profile cases. Cathay Pacific was fined £500,000 for failing to secure customers’ personal data. But many breaches have been lower profile. In Q3 ’18 the single biggest category of data breaches was “data incorrectly posted/faxed/emailed to incorrect recipient”… let’s be honest – that’s a pretty common mistake! There has definitely been increased consumer awareness of data rights, and the first quarter post-GDPR saw a 3X increase in complaints to the ICO.

Finding Harmony is Key

Ultimately it comes down to balance. The fines mean there are risks for getting data protection wrong, but as we have seen, there are significant upsides to getting it right. Around the world, companies should view their new laws as a great opportunity to create trust, build relationships – and boost their profit margins, too!

To learn more about privacy around the world, I invite you to join me on Wednesday, March 11, 1400 GMT / 10 AM ET for our webinar, Privacy on a Global Scale. Learn what’s new and what’s next for GDPR, CCPA, LGPD, Eprivacy… and Brexit. Register here.




minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time