The effort to protect individuals’ information began way back in 1981 when the Council of Europe Convention 108 voted to make it a priority. Fast forward to 2016, and the General Data Protection Regulation (GDPR) was approved by the EU to bring the concept into the modern era.
Even though the UK voted to exit the union, it’s been made clear that the UK intends to follow the GDPR. It sets the highest standards for protection and gives control to the individual over how you use their data. It’s set to take effect in May 2018.
In preparation, the Information Commissioner’s Office (ICO) has started publishing guidance on how businesses and organisations will be impacted. If you’re using SMS messaging, you’re already aware that you need permission before contacting anyone. One of the major aspects of the GDPR is the changes for obtaining consent.
Right now, there are two different opt-in options: soft and hard. It appears that the soft opt-in may not be allowed and there are additional requirements for hard opt in. Here are some of the highlights from the ICO documentation so far:
“Consent requires a positive opt-in. Don’t use pre-ticked boxes or any other method of consent by default.”
“Keep evidence of consent – who, when, how, and what you told people.”
These tie into the updated definition of consent shown here:
They sum it up as follows: “In essence, there is a greater emphasis in the GDPR on individuals having clear granular choices upfront and ongoing control over their consent. “
The Good News
The changes aren’t all bad news. It turns out that if you’re already complying well with the existing Data Protection Act, then you’re in good shape. That doesn’t mean you don’t need to take steps though.
The ICO released a twelve step checklist for organisations to use in the coming months to work towards compliance. The GDPR involves more than just consent and touches on all the gathering and processing of personal data.
Another potential positive side effect of the GDPR is that the more stringent opt-in requirements mean that you’ll have less “casual” people on your SMS lists. People need to be more deliberate in giving their permission, which means those that do may be more motivated to take action.
So whether you are running an SMS marketing list or a list for a non-profit, it means you’ll have more success. Your ROI, however you measure it, should improve.
The ICO is maintaining a webpage with links to their blog, events, and latest publications on the GDPR. You can check it for updates, or sign up for their newsletter.
Our account managers and support staff are also ready and able to address any questions about the changes too. Feel free to contact us via Live chat, email or phone.