Why Email Marketing would be Tougher in 2024

Why Email Marketing would be Tougher in 2024

The advent of privacy laws like GDPR means the laissez-faire days of email marketing are well and truly over. Email marketers should be prepared to handle the challenges of the coming decade.

Email marketing is like a cockroach. Everyone used to believe it’s like a dinosaur that would go extinct as consumers started using newer handheld gadgets. But like a cockroach, email marketing has weathered the innovative storms and continues to be highly relevant.

That is not to say that the practice has remained unchanged since email first became a thing in the nineties. Spam filters were a major blow to some forms of email marketing. But there’s an even bigger hurdle that has popped up in recent years: privacy concerns.

A number of shocking data breach scandals marked the last couple of years. On top of the list is Cambridge Analytica. The company had a Facebook app that harvested data from millions of accounts, including non-user accounts.

You may wonder how all this plays into email marketing. Following the many data breach scandals of recent years, regulatory authorities have tightened compliance requirements. Email marketers are now facing a new set of rules to play by.

While email marketing remains as popular as ever, continuing with the practice in the coming years would be challenging. Read below to learn more about the unique issues email marketers would soon face and how to possibly overcome them:

email marketing

1. Data Aggregation Creates Big Problems for Email Marketing

The drip, drip of privacy scandals facing IT giants like Facebook has upended the digital marketing world. Consumer and regulatory concerns boil down to two major factors here:

  • Data collection practices
  • Protection of collected data

One of the hardest aspects of email marketing has been collecting contact information of people. In the past, you may have been able to purchase email lists from so-called data brokers. This is the exact type of practice that has come under regulatory scrutiny.

On top of that, marketers and businesses have to worry about how collected data is stored. Consumers might become miffed that a business paid money for their email address. Consumers would certainly become furious to learn that the purchased email address is now in the hands of hackers.

The privacy concerns are not strictly related to email marketing per se. Rather, email gets dragged into controversies surrounding personal data collection online. Scroll down below to learn more.

Data Aggregation Explained

Personal data aggregation or collection is a loose term that can refer to many forms of data. It can include what’s called personal identifiers, which includes names, addresses, and emails. But this umbrella term also includes other forms of sensitive data like medical records and court files.

Most consumers are unaware of where their data may end up. They may give consent to an app to use an email or a phone number. Data brokers can collect information about the same user from multiple sources to creative huge databases.

That is the essence of data aggregation. Check out a free people search website, for example. You would see tons of records including public files and social media profiles. Such collected data isn’t illegal. But most people might not be aware that such information about themselves is out there on the web.

Marketers have long relied on aggregated data to conduct advertising campaigns, particularly online. Email marketers are very likely to rely on third-party databases, or companies like Epsilon, to obtain email addresses for prospective clients.

The problem is, those emails you got off a database may have been unethically sourced. “Unethically” doesn’t necessarily mean stolen. A person may have voluntarily listed their email address to receive promotional emails from a company.

But that company could have sold the email address to a data broker. In this case, the subsequent marketers who purchase the email address from a database don’t have explicit consent from the user for promotional emails.

It can get worse. Marketers sometimes collect massive droves of data. The more, the better, right? The modern consumer, and the regulator, definitely say no.

emails marketing

How It Affects Email Marketing

There are very specific laws email marketers have to stick with that could be violated when using aggregated data sources. Email marketers are expected to obtain consent from the user for sending promotional emails. But this can become complicated when using Big Data.

Email marketers may face backlash when sending emails without explicit consent from users. Here are two prominent examples where this practice led to lawsuits:

  • In 2017, the British government
    fined Flybe, an
    airline, almost £70,000 for sending millions of unwanted marketing emails. The
    airliner had sent promotional emails to users who had unsubscribed from a list.
  • The same year, Honda was fined in the UK for sending marketing
    emails in the guise of customer care emails to users who had not given consent
    to receiving them.

In the larger scheme of things, the fines may sound minor. However, the blow to the brand reputation was not.

Companies can face severe repercussions for not protecting email addresses collected for marketing purposes as well.

Here are some of the most prominent examples of email marketing data breaches that should concern any responsible marketer:

  • In 2011, email service firm
    Epsilon Interactive was hacked and email addresses belonging to some 50
    companies were stolen.
    Hackers were able to get access to email addresses plus the users’ names. It
    put all of Epsilon’s clients at risk of spearphishing attacks.
  • In 2017, the email marketing
    service, SendGrid, unwittingly exposed
    email addresses of clients and users. The breach was not the work of a
    sophisticated hacker. Rather, a network configuration issue, according to
    SendGrid, was responsible. This happened some three years after the company was
    actually hacked.

Data breaches involving emails is a serious business. It undermines the trust clients place in a brand. It would also make it notably difficult for marketers to collect emails in the future.

New Regulations Restrict Some Forms of Email Marketing Practices

Personal data collection and data breaches ultimately lead to one major issue: consumer privacy. Governments have worked from the start to protect consumer privacy against predatory marketing practices. Emails have not been spared in this sense.

In the early 2000s, the Federal Trade Commission introduced the CAN-SPAM Act to keep aggressive email marketing campaign at bay. It had three important provisions to ensure customer privacy. The Act establishes that:

  • Email marketers must clearly and conspicuously allow
    recipients to opt out of getting marketing emails. The option to stop receiving
    specific messages and for opting out altogether should be included. And the
    option should not get caught in a spam filter.
  • Marketers must process all
    unsubscribed requests within at least 10 business days since the initiation.
    Marketers shouldn’t charge a fee or demand any other information when a
    recipient opts out.
  • Marketers won’t get a waiver
    for legal responsibility if a third-party involved with the campaign engages in
    bad behavior. The responsibility of the marketing emails belongs to the company whose products are
    featured in the messages.

These requirements may seem lenient by today’s terms. And many experts back then thought so as well. Some even began to mock the Act as the “can spam Act.”

But this was years ago. Email marketing now faces a new regulator that has come out in full force against privacy violations. Enter the General Data Protection Regulation (GDPR) of the European Union.


How GDPR Affects Email Marketing

GDPR is primarily concerned with protecting personal data that consumers entrust to companies. The requirements GDPR has for email marketers is surprisingly simple, and yet fundamentally transformative.

Here’s why GDPR is different from all the prior email marketing regulation:

GDPR requires email marketers to obtain consent from consumers for opting in, rather than opting out. So the focus is not on offering unsubscribing options, but for ensuring that consumers understand they are subscribing to something.

The legislation offers clear rules as to what amounts to consent. According to the legislation’s text, consent should be:

  • Informed
  • Unambiguous
  • Clearly affirmative

Here’s what no longer amounts to customer
consent for receiving a marketing email:

“Silence, pre-ticked boxes or inactivity should not therefore constitute consent.”

In other words, if you have clients tick boxes to give consent to receive marketing emails, then those agreements are no longer valid under GDPR. Your marketing team would need to regain consent from the clients.

GDPR and Beyond

You might think GDPR only affects the EU. In fact, you need to stay compliant with GDPR if your services reach EU customers from anywhere in the world.

In addition, some companies are already enforcing GDPR laws on marketers. Facebook and Google are prime examples. Companies like Microsoft are applying GDPR to clients around the world, so marketers should take note.

Even if you don’t fall into GDPR jurisdiction, marketers should expect similar legislation to pop up around the world. Canada’s Personal Information Protection and Electronic Documents (PIPEDA) has undergone substantial updates likewise.

2. How to Run an Email Marketing Campaign in the Future

It’s best if email marketers update privacy policies in anticipation of GDPR-like legislation from around the world. Staying compliant would not be difficult. Based on GDPR, here’s what email marketers can do to legally send promotional emails:

Obtain Explicit Consent

The GDPR bans pre-ticked boxes. It’s easy to understand why. Consumers may click on the submit or download button without even glancing at the boxes.

The idea here is that marketers must have undisputable consent from recipients before sending promotional emails. Therefore, even if GDPR doesn’t apply to you, you should put its recommendations into practice.

Be Transparent

Avoid engaging in dubious tactics to gain customer consent to send marketing emails. Clearly state your intention to forward marketing emails to users first.

Ask Recipients to Sign Up

To avoid embarrassing privacy scandals, try to stick to email addresses on your own list. That is to say, avoid sourcing email addresses from data brokers or unknown databases. Create your own list by asking customers for their email address.

In Conclusion

In this age of privacy scandals, email marketers are facing a reckoning. The burden is on marketers now to legitimately collect recipient email addresses and to protect those addresses from hackers.

Email marketing practices have been regulated since the early years. But these regulations have mostly been lax. The advent of GDPR in 2018 changed all this.

Now, email marketers need to follow stringent rules to obtain consent from recipients. This fundamentally changes how email marketing is done.

There’s an upside to all this, of course. Staying compliant with privacy legislation like GDPR is surprisingly easy. Being more transparent is good for customers as well as businesses that want to avoid scandals.

Sam Makad is a business consultant. He helps small & medium enterprises to grow their businesses and overall ROI. You can follow Sam on Twitter, Facebook, and Linkedin.