GDPR: The great data privacy panic

If you are like me, the last week has provided a great chance to have a GDPR spring clean of your email inbox.

Dozens of emails have arrived with increasingly frantic messages asking me to opt in to keep in touch once the General Data Protection Regulation comes into force.

With an evil cackle, I simply delete them – and that means I should be getting far fewer emails from now on. I imagine plenty of big organisations will see their mailing lists decimated. And it is hard to feel sorry for them.

Just on Thursday morning, I received the “please stay” email from the venture capital firm Balderton and from the telecoms consultancy Analysys Mason, who I suppose must have had expensive legal advice that this was the safe route to take.

But the concern is that thousands of small companies will feel obliged to follow their lead – and risk losing contact with customers who could be vital to their future.

The problem is that it is not clear that companies really need to send out a “click here or disappear” email, rather than the less radical approach of outlining their privacy policy and giving recipients the opportunity to unsubscribe from the mailing list.

Lawyer Candace Kendall, who has spent 20 years advising clients on data protection, says too many companies are over-reacting.

“Check your lists – yes. Update your policy – yes. Email your list to tell them you’ve done that – possibly. Panic and say, ‘Unless you respond by midnight on Thursday, we’ll delete you,’ – get in the sea with that,” she tweeted, mocking the idea.

Ms Kendall told me that she was exasperated by what she regarded as misleading advice.

For one thing, consent was only one of the grounds on which companies had the right to process data, she said.


Leave a comment

one × two =

Discuss Your Project

Discuss Your Project