Almost one-third (31%) of the UK's top companies are still not complying with the EU Directive on privacy and electronic communications more than 2 years after it became law in the UK, according to a study by data and marketing specialists CDMS.
The European legislation that governs all business-to-consumer e-mail communication says that companies may send unsolicited messages via e-mail to non-customers (i.e. those with whom they have no existing business relationship) only if they those consumers have actively opted-in to receive such messages.
Opting in the legal way
In practice, the legislation means that whenever a consumer's contact details are recorded (e.g. as part of a money-off promotion or a competition) they must also be asked if they want to receive subsequent messages from the company or third parties. The legislation also makes it clear that treating a consumer as having opted in until they actively opt out is not allowed. This principle also disallows the pre-ticking of opt in check-boxes, or any other method that places the responsibility for actively opting out on the consumer.
After a similar study in 2005, the latest CDMS study examined compliance amongst the top 200 companies across twelve main consumer sectors (banking, general insurance, credit card, building societies, publishing, broadcasting, retail, fixed and mobile telecoms, fmcg, utilities and travel). Companies in each sector were tested to see whether or not they offered non-customers the opportunity to actively opt-in to further marketing emails when their details were recorded as the result of a promotion or enquiry.
On average, 69% of the companies studied are compliant with the EU legislation, representing a very small improvement of 3 percentage points since 2005, despite the law having been in effect for almost three years.
According to Ian Hubbard of CDMS, "The marketing directors represented by this 69% have recognised and accommodated this restriction on e-marketing in Europe. Many of them put preparations in place that not only ensured immediate compliance from the legislative enforcement day of December 11th 2003, but also developed intelligent offline marketing initiatives (usually direct mail) to fill the gap which was seen to be left by the removal of this prospecting channel."
CDMS has noticed that such leaders now tend to focus their new customer acquisition activity through a combination of traditional media (for the first approach) and e-mail and web sites (as a response mechanism).
Brand damage ahead?
Companies that refuse to comply with the legislation - about which consumers are increasingly well informed - are putting their brands at risk by making it clear that they do not care about consumers' privacy. This lack of trust between the consumer and the potential supplier effectively places such companies into a broad category of junk e-mailers, spammers, and untrustworthy suppliers.
According to Hubbard, "Non-compliant companies urgently need to put processes in place to limit their current risk before they find themselves the subject of a highly public complaint or, worse still, a test case prosecution such as one successfully pursued by a Guernsey businessman at the end of 2006. In addition, there is a major clean-up job to be done on such companies' marketing databases."
The advice that CDMS offers the UK's remaining 31% of non-compliant marketers is to set up a permissions section in its contact database, and match this against commercially available opt-in databases to double check whether someone has given permission through another party to receive marketing e-mails within the same business sector.