A little over a year ago, the European Commission proposed a
change to the EU data protection law, its first overhaul since
implementation in 1995. The new draft seeks to introduce a single
set of rules on data protection, valid across the EU, which give
individuals more rights regarding the way their data is
processed. For example, under the new proposals, consumers will
have a “right to be forgotten”; giving them powers to
delete their data if there are “no legitimate grounds for
retaining it”. This data can include anything from an
individual’s name and email address, to bank details, to past
purchase history or even posts on social networks.
Since the first draft was published, the Commission says it has
made “headway” and that negotiations on the new rules
are “progressing at full speed”. On 8th January 2013,
for example, the European Commission received the support for
strong EU data protection rules expressed in the draft reports by
the European Parliament. What has emerged from these reports so
far is that some members of the European Parliament, like
Germany’s Jan Philipp Albrecht, are proposing even more stringent
privacy restrictions.
Among other points, the Albrecht proposal refers to
“profiling”, which is covered by the original draft
but not defined. Albrecht defines profiling as “any form of
automated processing of personal data intended to evaluate
certain personal aspects relating to a natural person or to
analyse or predict in particular that natural person’s
performance at work, economic situation, location, health,
personal preferences, reliability or behaviour”. In other
words, any automated data that can be used to garner behavioural
insight on a person. Or even more bluntly-any form of customer
segmentation or analysis. If Albrecht’s proposals are voted
through, “nonessential” profiling will become
unlawful.
“The concept of ‘profiling’ has been drawn so broadly in
this draft legislation that if the regulation were enacted
without further amendment, it would not be possible to maintain
current standards of data accuracy and hygiene,” says Nigel
Swabey, chief executive of multititle catalogue group Scotts & Co
and president of CatEx Direct Commerce Association. According to
Swabey, this EU regulation will impede cataloguers from
suppressing unwanted mailings, will make it impossible to target
those who wish to receive catalogues with any degree of accuracy,
and “will strip away our ability to ensure that our
mailings are relevant to the individual”.
The Direct Marketing Association (DMA) has also raised concerns
that the latest changes to EU proposals on consumer data
protection reforms are “far worse for UK businesses”
than originally feared. According to the DMA, Albrecht’s
amendments to clauses such as those regarding the definition of
personal data, limitations on customer profiling, consent to
direct marketing and the so-called “right to be
forgotten” will severely infringe the right of businesses
to use data to market their goods and services to consumers. This
would have an immediate knock-on effect for businesses; recent
research published by the DMA revealed that UK businesses
invested £14.2 billion in data-driven marketing in 2012,
which generated 23 percent of their total sales.
“The main thrust here seems to be to protect individuals
online,” says Swabey, in a nod to the Commission’s
statement that its new laws are intended to instil confidence in
the online collection of data.
“No one seems to have considered the impact of these
sweeping new rules on other channels. Physical retailing and
catalogue marketing are four times as important as online
marketing for a company like ours. Will our retail staff not be
able to greet and welcome a returning customer to one of our
stores, for fear that the customer may not have given permission
for their name and address to be stored?”
Swabey says it seems “a terrible shame” that all the
progress cataloguers have made, through the use of data
cooperatives, list brokers, suppression files and data mining to
refine selection techniques and ensure minimum wastage and
inconvenience to customers will be swept away. “Worse
still, it seems likely that this poorly drafted piece of European
legislation has been proposed simply because the Commissioner’s
office has been ‘spooked’ by the latest online remarketing
techniques,” he adds.
“Severe threat” to the survival of the sector
The DMA, which represents the UK’s multibillion-pound direct
marketing industry, fears that EU lawmakers have failed to
address the sector’s concerns on the original proposals as they
have yet to strike the appropriate balance between protecting
consumer rights to data privacy and the legitimate interests of
business. Commenting on the European Parliament’s draft report,
Caroline Roberts, director of public affairs of the DMA, said in
a statement, “The original draft of the regulation posed a
severe threat to the viability of UK businesses that depend on
direct marketing to drive sales. These amendments are even worse
for UK businesses. The proposed legislation is overly strict and
unworkable. It will stifle innovation, add considerable cost to
business and place unnecessary obstacles to eCommerce jobs and
growth.”
In response, Swabey says that it’s not just eCommerce that will
be affected, “What [the Commission] doesn’t seem to
recognise is that the majority of all direct retailing is
conducted through offline channels. These channels will be
severely impacted by the legislation, despite there being no
significant history of personal data abuse in our
sector.”
These proposals will lead to a “dumbing down” of
current data practice says Swabey, which will inevitably damage
catalogue retailing in the UK, add significant costs and
“could wipe out the database marketing industry
entirely”. Further, he adds, “it is likely to
encourage financial inducements for data release, and
inappropriate ‘bundling’ of permissions. Why do EU legislators
need to regulate catalogue retailers at all, when there is no
evidence of a problem in our sector”.
The need for protection of consumers’ personal data is
undeniable, but the amendments currently discussed seem
disproportionate in their disruptive effect. The initial
priority, advises Swabey, is to
write to all local MEPs and voice concerns about the damaging
effect of these proposals. Time, however, is running out. A
European Parliament vote is expected at the end of April, with
the Irish presidency of the EU aiming to achieve a political
agreement on the data protection reform by the end of its term,
in June 2013.
Share