CRM vs Spam transcript
Transcription from podcast
| Topic: |
Partner Nick Graham talks about spam and direct marketing |
| Speakers: |
Nick Graham, Partner, Denton Wilde Sapte LLP |
|
Kate Bulkley, Media & Telecommunications Journalist |
Kate – Hello. I'm Kate Bulkley. I'm an independent journalist and I'm here with Nick Graham. He's a partner at Denton Wilde Sapte and we are doing this podcast about spam and direct marketing.
Kate – Nick, spam obviously is one of these things that all of us probably hate. I know that I don't like it. The EU has recently changed it's rules regarding spam. This whole idea of opting in before someone can actually send a marketing message to you. Does this mean that spam is dead?
Nick – I don't think it does. I mean I think the practical, probably the origin of the rules, was very much to deal with the problem that your inbox was getting filled up. If you go back to the late 90's early 2000's, peoples inboxes were filling up with spam, peddling illegal dubious products from offshore locations and people were thinking - how do we deal with this? And actually what was interesting about it was that at the time, we had a sort of a patchwork quilt of rules across the EU. Some member states were saying lets have opt in i.e. you've got to have consent in order to send any email marketing material and other states, like the UK, were working on an opt out basis and that means that if you're a US or a UK company sending marketing materials across Europe, you had to deal with opt in and opt out. So it wasn't a very harmonised approach, which actually is part of the reason for having the rules in the first place.
Kate – So the rules have harmonised things.
Nick – So, the theory is, that the rules have harmonised.
Kate – But it hasn't gotten rid of spam.
Nick –That's right. What's actually quite interesting about it though is you probably noticed that the spam filling up your inbox is a lot less now then it would have been five or six years ago. I guess that what's happened is, not that the rules have stopped the spam, but that technology has caught up with the spam, because what's actually happening is a lot businesses are using spam filtering software these days.
Kate – There's a lot of that about actually and does it work?
Nick – In practice yes it does, it's certainly not a watertight solution, we've got spam filtering software at the firm, most large businesses use it and personal email accounts are also, you can also buy your own spam filtering software and it certainly reduces the amount of spam coming through.
Kate - So if you are a direct marketer and you obviously have a message you want to get out to people, these new rules are basically stopping you from doing that. What are they doing about it? I mean what's this going to do to the direct marketing business?
Nick - In essence, it's not so much that they're stopping you doing it, what they are doing is regulating the way in which you communicate with your customers and the key point really is that you need the consent of the customer in order to send direct marketing materials by email. Now direct marketing is defined in the legislation very broadly. So, any email promoting any product, any email that even could be viewed as a kind of a service telling you about new products, updating you on new developments, updates to software that might be available, it's all promotional materials, it's all direct marketing and basically the rule is that consent is required in order to send that marketing message.
Kate - You talked about filtering and how it really does work actually quite well, but isn’t there a legal issue around employee monitoring and privacy issues, I mean isn’t that a problem with filtering technology?
Nick- It's certainly a practical issue in that the way in which spam filtering works is that you basically get a piece of software that monitors, actually reads, incoming emails and in certain circumstances maybe there may even be individuals within an organisation who then check emails that the spam filtering software has identified and so what's really happening is that your, emails coming into you as an individual within the organisation are being monitored by the organisation. The way this is addresses is to ensure that there is an e-mail policy put in place within the organisation so that everybody in the organisation is aware of the fact that their e-mails can be monitored. The purpose which is to identify inappropriate use of the systems, inappropriate use of the servers and to just to essentially assure that everybody is aware of that.
Kate – I mean it's going to become it seems to me more and more important, if you look at what’s happened to HP recently with this case of monitoring employee emails without their permission. I mean it seems like this is a just a Dragon's Den, so to speak, of problems.
Nick – It is and I think it's interesting because, if you want to monitor employees, then you've got to put protections in place, you've got to make sure that that monitoring is proportionate and essentially fair and that you have been transparent. It's a reason to think carefully about what you are trying to achieve at the outset and making sure that you've got those policies in place to ensure that if and when you need to monitor, you're not going to trip up over the fact that the policies aren't in place at the outset.
Kate - It seems to me there are also uncertainties when you buy a business in whatever country in Europe, that one of it's main assets, maybe it's customer database, how do you actually use that?
Nick – I think it’s a really big issue actually because if you think about the reasons why one company may buy another, the customer database is often one of the key assets, I mean they don’t buy the company for the old servers and the networks these days. They buy them for the know how and for the relationship with, X million customers and where there's an existing relationship with those customers, so it is a huge issue. In the UK, the position has been somewhat unclear although there has been some guidance actually published this year which basically says that the buyer will inherit the consents already in place, but where those consents have been obtained by the seller. So to some extent you step into the shoes of the seller. The one problem is that the rules don't necessarily apply to email marketing because, you've got to have the consent of the individual to market, that consent, at least according to the letter of the law, cannot be assigned and so there's a legal problem having bought a business, even though consents have been obtained in the past for email marketing, in actually using those in the future it's clearly not an attractive business situation to be in to have that sort of level greyness, if you like, that sort of risk lying around.
Kate – Yes, it also lowers the valuation for the business.
Nick – Absolutely.
Kate – That you're trying to sell, if one of your main assets is your database.
Nick - Absolutely, correct. I mean the other point you make Kate about buying data from different counties, I mean it is a practical difficulty and you would have to look at the guidance and the rules applicable in France, Germany or wherever the business is, wherever the business you're buying is located because the rules and I guess, in particular, the views the sort of approach taken by the local regulator may vary because, of course, data protection, theoretically it's harmonised, but we have different legislation in place in different countries and different regulators will take a different approach. Regulators in Spain for example, the Data Protection regulator, is actually finances by the fines they impose and in this country that seems quite unusual, in Spain that's quite normal, but obviously there's a built in incentive to take a keen interest in compliance of the legislation.
Kate – Hmm..
Nick – And perhaps impose a few fines now and again.
Kate – Ahh yes.
Kate – There's an interesting, there's a separate opt out position that's applicable to telemarketing and marketing by fax that's in the UK.
Nick – Yes.
Kate – You know, why has that actually, sort of, worked in the UK and maybe hasn't been ruled out in other countries?
Nick – I think because in this country we have probably more marketing going on, more direct marketing. It's actually a more developed market and so there's probably been more telemarketing here then there has been in other member states. There's probably been more fax marketing that happened well before email marketing got off the ground and people got very annoyed with receiving calls at home and faxes and so on, especially when you are paying for the paper on the fax machine.
Kate - Right.
Nick – But it has worked very well here because we've got these opt out registers, so if you are receiving telephone, telemarketing calls and you want opt out, you can register on what's called the Telephone Preference Service as an individual and from the business perspective if you want to do telemarketing you simply clean your list against this central opt out register.
Kate - Are other countries going to do it or not?
Nick - They are. There are equivalent opt out lists in other countries and there's an email preference service in the States but again its interesting. Its kind of done very much on a state by state basis, which still means from a business perspective, if you want to conduct a marketing campaign across Europe, you can't do it on a sort of pan European basis. You have got to actually think about the rules in place in each of these individual member states.
Kate - One of the things I wanted to ask you about is we seem to be moving as you said before towards a more permission based model, right? Which basically means we are going to need more consent or possibly more complex consent from people before we send them stuff. Yet, on the other side of it, I mean there seems to be some innovations in the Internet space that are maybe making it easier. For example, I'm thinking of this "click to call" innovation that I think Yahoo is using some of it and some of the other websites. So you actually, it's permission because you are actually clicking and asking someone to send you something that sounds like an opt in.
Nick - Absolutely, yes. I think it’s a good point because I think actually although, we had the problem with spam, we've solved it because, in a sense the Internet in some ways has caused the problem, or permitted all this marketing to go on, but the Internet is the classic mechanism by which to collect consents to solve the problem in the first place, and also actually from the business perspective, to generate if you like an audit trail or a record of the fact that consents have been obtained properly and if the systems are in place to ensure that that is the case then, from a regulatory perspective, you're actually in quite a watertight position.
Kate – Hmm.
Nick – But there's no doubt that as you collect customer information, the business will want to make sure that the consents have been obtained and it may be collecting consents in a nice little click stream on a website or it may be putting the same wording into a call script if you're collecting data through a call centre and to the extent hard copy documents are used, application forms and the like to actually collect customer data then, well it’s a good old fashioned data protection wording at the bottom of the application form.
Kate - So it sounds like direct marketing has some, what I would say, some hurdles to get over because of some of these new rules, but it's certainly not dead, by any stretch of the imagination.
Nick – No, absolutely not and, I suppose if you ask the data protection regulators, they would say all of these rules are basically a good thing because really you ought to be collecting the customer's consent anyway, in order to properly target information at the right customers. It's common sense to collect consents but you can't at the same time get over the fact that there is a certain amount of process that's needed before you can, press the button on the marketing campaign. There are some limitations if you haven't got those consents in place and one of the examples as you mentioned earlier is the particular issue that if you are acquiring data collected by other companies and obviously you are then beholden to the way and the process that they've used to collect that data and that can impose restrictions.
Kate - So, from a legal perspective, you would say to companies that are working in this space "get your consents early and often".
Nick – Absolutely, yes, consents early and often and also I suppose it’s a question of striking a balance between keeping them broad enough to give yourself the flexibility so that no matter what kind of marketing, what kind of products you might want to market, what kind of business or group you find yourself as part of in two or three years time, ideally, the consents will not need refreshed, because one of the fundamental problems or one of the fundamental I guess points about getting consent is, once you've got it. It's very difficult to go back to the customer and refresh that consent. In theory you can do it, but in reality the response rates are pretty low and so, you know, you have a perfect opportunity at the start of the relationship to obtain the scope of consent that you want to permit marketing, promoting the products of third parties, sharing the data amongst carefully chosen business partners to use the, you know, the usual wording, but, you know, once the, once the train has left the station, you know, you want to be on it, you don't want to be still on the platform.
Kate - Thank you very much Nick.
Nick – Thank you.
This is a technology media and telecoms download from Denton Wilde Sapte.