Wednesday, 3 December 2014

Stop Decapitating the Good Guys Genghis

Don’t tell Nigel Farage but the EU might be about to do a good thing. They do that sometimes, just to lull us all into a false sense of security. In this instance, they are about to pass some new data marketing laws...possibly as soon as January but certainly within the next decade. You know how Brussels works right?

Data can be a bit dull to the uninitiated, until you stop and think about it. And changing marketing database’s from opt out to opt in is hardly Game of Thrones stuff, is it? Well, let me try to shine some light on the issue for you.

We get ‘junk’ mail, either through the good old post-box or via email, because we managed to let our name and address get on a list somewhere. You can do that in a bazillion something and fail to tick the right box, take part in a survey, have a baby.

Yes, that’s right, have a baby. Every new mother gets a visit from the Bounty rep after giving birth, in the hospital (or at least they used to, I have not been involved in baby production for fifteen years so I am taking the allegedly option here, the data collection process may have changed). The nice Bounty lady delivers a load of free stuff, and takes your name and address...and the direct marketing assault can begin.

Clever, aren’t they? Most people will never have realised that Bounty made a lot of money from their list sales, but to any company selling products needed by new parents or new born babies they are quite literally a goldmine. And unless you specifically opt out, you get the marketing assault.

But what if you had to specifically opt in?

At the moment, by the time you are a proper grown up, in your thirties say, you will appear on literally hundreds of direct marketing lists. Some are well run, properly sold and you can get off them if you try hard, and if you sign up for telephone preference services or mail preference services, you should not be contacted by anyone following the laws. And some aren’t.

The Information Commissioner, Chris Graham, and his Info Hordes (I like to think of him rather like Genghis Khan) fine people who ignore this sort of stuff, but he doesn’t catch everyone by any means. I am on the aforementioned preference services and I still get the chance to buy Viagra most days of the week (although we all get much less junk email now because ISP’s are getting better at preventing the real dross).

Opt In will decimate every decent list, because despite popular rumour, turkeys don’t vote for Christmas. Given the option whether to receive marketing messages or not, most of us will choose not. Not that there are many decent lists to be honest, but that is a whole different subject.

And what will that leave us with?

Well, at the top end, and this is a fair bit of volume driven by Charities, banks, insurance companies and the like, direct marketing will reduce. There will simply be less data available. And at the bottom end, where scant regard for the rules is paid, not much will change at all. The regulators will hurt the good guys and the bad guys will carry on regardless.

Which is the trouble with all regulations, says he, trying to get back on topic. Genghis Graham brings his mighty scimitar down on the guilty...and rightly so...but those who fall foul of the regulations and get caught are almost always the big boys. In data breach terms that means the major businesses who own up, because most of the people who get fined for losing data have followed the rules and ‘fessed’ up to their own disaster.

Smaller, less high profile businesses who screw up keep quiet and hope for the best. Or they break the rules deliberately to save money and they take the chance. Regulations won’t stop that sort of behaviour. 

Deterrents reduce ‘crime’ they do not eradicate it.

My own personal passion regarding data is more about education. We should all understand what our personal information means to us, and that it has value. Right from the time when a kid gets their first mobile phone or laptop they need to be taught what is going to happen when they sign up for anything, buy anything or do anything. In business, we need to understand best practise and be helped to do the right thing (and understand what the right thing is and why it is right) rather than threatened with a fate worse than death if we screw up.

In data marketing terms, there will always be marketing lists, so there should be a legitimate way to build them, but the regulators must also find a way to go after the cowboys in the black hats, not the ones in grey and white. In date security terms, we have to make it easier for people to do the right things, both in terms of cost and in terms of access to a reputable service.

Either that or we keep on fining big businesses who make mistakes and let all the real chancers carry on getting away with it.