The GDPR came into operation on 25th May 2018. However rather like the millennium bug in 2000 the world has continued to turn and the cynical might say that you are still not guaranteed to stop receiving unwanted marketing emails!
The good news is that most organisations appear to have taken a cautious and defensive approach towards obtaining consent to continue to email people on their mailing lists. Consent is not the only reason for being able to justify continuing to email people and using their details but it is the safest approach – hence the huge number of emails we have all received asking us to "opt in" to continue to be in contact with a huge number of organisations that we had forgotten we had any contact with!
Recent research suggests that most people are ignoring the vast majority of the requests to "opt in" although it still appears that a small minority of organisations are trying to rely on silence to be deemed as "opt in" which is in breach of one of the key aspects of the GDPR rules on consent. So the end result is likely to be a large amount of cleansing of information but are we still guaranteed to stop receiving unsolicited emails from organisations that have somehow picked up our details?
The knock-on effect is going to be potentially serious for many organisations and in particular smaller charities. In principle cleansing data will mean that organisations only have contact with people that are likely to want to use their services, buy a product or to donate money to charity. There is little point in having a large database of potential contacts that are not that interested in the organisation and have had no real contact with the organisation for many years before. It can though be a frightening exercise in cleansing the data down to a much smaller (and quality) audience. For smaller charities the process of becoming ready for GDPR and then continuing to maintain those standards can come at a high price. As the Information Commissioners Office says it is evolution rather than revolution and there needs to be an ongoing process including substantial training for all members of staff and trustees at charities after 25th May 2018. There is no "one size fits all" approach to GDPR compliance and the cost involved can be high for smaller charities. The cost of ignoring GDPR could be even higher in terms of loss of reputation and confidence in their organisation. The forward thinking organisations and charities are using this as an opportunity to not just cleanse their data but to use it as an opportunity to talk to the people that they continue to be on their "radar" and hopefully that will engender more trust and confidence. For small charities the hope is that in the long-term they will only be working with people and other organisations that are genuinely interested and may be prepared to make donations rather than wasting time on people that have no real connection to the charity at all.
GDPR is a work in progress and it will be interesting to see over the coming months and years how this develops. Hopefully it will mean the end of the "spam" emails that we have all been subjected to in the past.
Commentary by Neale Grearson, Head of Charities Department.
To find out more about the legal services we provide, or to book an appointment please contact us today on 01603 693500 or email us using the 'Make an enquiry' form. Appointments available at our Norwich, North Walsham, and Sheringham offices.
*This article is provided for general information purposes only and does not constitute legal advice or other professional advice.