The deadline for compliance with the GDPR is May 25, 2018, but the preparations of many B2B marketers range from nonchalant to indifferent. In our research interviews and inquiries about the GDPR, we find that many B2B marketers don’t think the regulation is a relevant concern because they think the GDPR doesn’t apply to business marketers; others believe the data they collect and process isn’t in scope.
B2B Marketers Are Underestimating And Unprepared For The GDPR
In fact, the common practices of digital marketing make B2B marketers data controllers and data processors under the GDPR. But even with the potential risk of business-crippling fines, many B2B marketers are unprepared. In Forrester’s Q1 2018 Global B2B Marketing GDPR Impact Online Survey, only 15% of respondents stated they were fully compliant with the requirements of the GDPR. The majority are only partially ready, and 18% are still considering what to do. To avoid financial and brand detriment, B2B marketers need to embrace the coming change and rework their engagement strategies for a new era of privacy and consent. In Forrester’s new report, “The GDPR And The B2B Marketer” we present an overview of the key elements of the GDPR and explore the implications for B2B marketers. Some highlights:
- B2B marketers are taking a backseat in GDPR preparedness. The GDPR is a broad regulation which makes many enterprise-level data governance and security demands that fall outside the remit of the B2B marketer –such as the requirement to appoint a Data Protection Officer – and covers the personal data captured and processed in non-marketing systems. Because of the enterprise implications, it’s not surprising that the majority of the B2B marketers we surveyed described their role in GDPR compliance as implementing the requirements as interpreted by legal, privacy, or security teams. Only 20% of respondents described their marketing team as leading the GDPR preparation process.
- But, they should be a strong voice in the chorus. The GDPR is a comprehensive piece of legislation. But even at 261 pages long, with 99 articles, the GDPR documentation doesn’t provide a lot of specificity about exactly what B2B marketers need to do to be compliant. In practice this renders the GDPR more flexible than traditional “command and control” frameworks. In the face of this ambiguity, security, risk and legal professionals will tend to err on the side of caution – perhaps putting marketing program effectiveness at risk. In short, it is possible to ‘over-comply’ with the regulations. But, 56% of respondents in our GDPR survey told us their legal, privacy, and security teams have interpreted the GDPR requirements and marketing will simply implement them.
- Compliance is not a DIY endeavor. The law is often ambiguous and the degree to which it will be enforced is yet to be seen, but the cost of non-compliance is severe and B2B marketers must be aware and prepare. But, the legislation is complicated, and the penalties are real, so make legal counsel part of your GDPR tiger team.
Embrace GDPR As A Waypoint On The Path To Customer-obsessed Marketing.
While many companies are still coming to terms with the necessity of the GDPR, firms in the vanguard are viewing the regulation as an opportunity to improve their data governance and adapt to the demands of their customers. These B2B marketers are moving beyond the fear and confusion phase of GDPR compliance and rocketing toward the benefits of GDPR compliance.
- Governance of the marketing data base just shifted from tactical to strategic. Having a budget for GDPR readiness is a dimension of GDPR compliance. All of a sudden B2B marketers have the resources (dollars and real support from our BT compatriots) to clean up the legacy train wreck that is B2B marketing data quality.
- Consent gets us closer to engagement marketing. Under the GDPR individuals will need to opt in to your marketing, and you’ll need to be able to prove they have done so. What sounds like a burden is an opportunity. Marketers will have a real mandate to execute true permission-based marketing and reach out, engage and communicate with customers and prospects who are legitimately interested in our messages.
- A culture of privacy becomes the norm. As GDPR compliance is a company-wide initiative, preparation needs to traverse the entire organization. GDPR compliance is a shared responsibility that isn’t specific to security, marketing, or IT. All the processes and systems can’t stop a human error – you need to build a culture of privacy,
The GDPR is not the end of marketing as we know it, dream of it or envisage it. The GDPR isn’t designed to put anyone out of business – either directly or through collateral damage. But, in its zeal to protect the individual, the legislation is challenging marketers to review their data collection and use practices. Thus the GDPR will, for many, be the end of marketing as we practice it. And, that’s a good thing. B2B marketers need to embrace the GDPR (especially as they have no choice). Seize the opportunity to master customer data. And view GDPR as an opportunity to raise the standard on quality engagement