GDPR: One month on

June 27, 2018
By Matt Skinner

GDPR is over! Hooray! So, we can all relax now, right? Crack out the beers and enjoy a life of silent inboxes, clean marketing lists and no more opt-in emails!

Not quite. GDPR is far from over.

We’ve spent so much time preparing for compliance that many of us have ignored what happens next. And the way we, the marketing industry, has prepared for and faced GDPR compliance has made that job much more difficult.

It’s no surprise to those of us in agencies, but some of you client side might be amazed at the number of companies – regardless of size – that right up until May 24th were still resorting to list purchases and email blasts as their primary method of reaching a wide audience; the old ‘throw shit and see if it sticks’ approach to digital marketing that made GDPR compliance such an issue in the first place.

Perhaps the most worrying thing about the last few months has been, now that this tactic is no longer an option, is the lack of planning for what happens next. Sure, everything seems quiet now, but the real impact of this won’t be felt until diminishing pipelines force teams to look at alternative channels to fill the gaps. 

I’ve seen evidence of databases losing up to 95% of their users post-GDPR. It’s mind numbing that when asked the direct question “Do you want to receive emails from us?” only 5% of the users we are sending emails to have said ‘yes’.

Email marketing has been broken for a very long time and GDPR is the wake-up call we digital marketers needed.

I’ve said this in a previous article  – we digital marketers celebrate 20% open rates. 

Let’s just think about that for a second. Only 2 out of 10 people we're sending emails to want to read them. 2 OUT OF 10. Would any of us in the marketing and advertising industry promote anything by saying "2 out of 10 people approve of this service?” We'd be out of a job if we did! But we continue to pat ourselves on the back, safe in the knowledge that ‘it’s an industry standard’

The way GDPR compliance was prepared for and executed was, on the whole, a very public embarrassment for the entire industry, meaning the email marketing lists we do have post-GDPR are, in the short term at least, next to useless. 

A short-sighted, lazy exercise in (literally) ticking boxes, GDPR compliance campaigns have demonstrated a complete disconnect between marketers and customers.

Email marketing is a now a punchline, with streams of articles in major mainstream news sources discussing the many memes, tweets and complaints about the ironic deluge of ‘We respect your privacy’ emails.

Example One

Example Two

Example Three

People are laughing at us.

Those using the ‘legitimate interest’ argument to continue mailing to databases have also missed the point; it doesn't matter if you continue to email people under what is, essentially, a loophole; the public perception of mass email communication has changed.

It’s highly unlikely that you have a database of people saying "I’m receiving this because the data controller is using the legitimate interest grounds as described in Article 6.1 (f) of the General Data Protection Regulation”. It's more likely you have a database of irritated, confused customers and prospects, angrily posting screenshots on Twitter with the comment “I thought GDPR meant less spam?”

But email is not dead. The fundamentals of why we use email marketing have not changed. It remains a cost-effective, bottom-of-the-funnel communication tool to keep prospects and customers engaged and updated with products and services.

But we desperately need to rebuild its reputation and value by drastically rethinking how we use it.


Over the next few weeks, I’ll be discussing ways in which the industry may change in light of GDPR, where we take email next, and how you can still utilise a database for maximum returns.

You can keep up with Matt and all things GDPR  by following him on either Twitter or LinkedIn.