Expert interview seriesThe joy of GDPR: 'consent' or 'legitimate interests'?

Now we’ve reached the phase of putting GDPR into action. From what I can see, the main consequence so far is an increased workload for marketers as they work to understand the policies their businesses have decided on. Usually, there are more questions than answers.   From the practical:  

“Do we really need to have their ‘consent’ every time we process a prospect’s data? What if I want to send printed dinner invitations to 30 key new business contacts?”

“If we’re not using ‘consent’, what do I need to do to follow the ‘legitimate interests’ rules? Do we need an assessment for every campaign? How do we inform people that we are using their data?”

  To the esoteric:  

“If I market to someone without their ‘consent’, am I a bad person?”

“If we don’t believe that marketing is a ‘legitimate interest’, is that like saying we don’t believe marketing is essential to growing the business?”

  To help frame the debate, we interviewed Duncan Smith, founder of iCompli Limited. The resulting four videos cover some key questions we’re hearing as marketing teams come to grips with the impact of their organizations’ GDPR policies.   Processing using “consent” versus “legitimate interests”   First, I wanted to share a couple of personal observations on this.  

  1. If you do not have the ability to process data under “legitimate interests” for your B2B marketing (without “consent”), then I believe in most cases that this will set your marketing effectiveness back a decade.
  2. At the same time, I believe that building an audience who have opted in to your communications is a good thing. But this “consent” doesn’t have to be the only basis for processing data—if your targeting and segmentation are up to scratch. Gathering consent from everyone who could truly benefit from your proposition is likely to mean a disproportionate effort.
  3. The guidance from the UK’s ICO is pretty black and white:

    B2B Marketing & GDPR part one: “Consent” versus “legitimate interests”   Clarifying that “consent” is not intrinsically better than “legitimate interests”. A good place to start if you’re wondering why your organization has chosen the “consent” or “legitimate interests” route (or a blend of the two) for processing data under GDPR.

  B2B Marketing & GDPR part two: “Legitimate interests”: Need to know An overview of the power that “legitimate interests” can have when used correctly as a basis for processing data under GDPR. And some considerations of what you may need to do to successfully establish this approach.  

  B2B Marketing & GDPR part three: Where “consent” falls short Let’s look at some challenges you may face if “consent” is the only route available to you for processing data under GDPR. This isn’t a debate about “bad” or “spray and pray” marketing versus “good” or “modern” marketing. It’s about applying the right approach to the right challenge.  

  B2B Marketing & GDPR part four: Examples in practice Let’s take some common examples, from researching prospect contacts through to executing campaigns. What are the considerations for applying “consent” or “legitimate interests” as the basis for processing data in these cases?  


By Paul Everett | June 13, 2018

Subscribe to TMP communications

We send out a monthly newsletter in which we share the very best in B2B thinking, and we also run biannual ‘S&M Forum’ events for knowledge-sharing, networking and cocktails. Interested? You can subscribe below for updates…

* These fields are required.