GDPR is a huge opportunity for content marketing

Strict new EU laws governing personal data are about to disrupt traditional marketing’s targeted advertising. Content marketing will be crucial to reach an audience in a new era hinging on trust and value

Marketing will be one of the biggest sectors affected when the General Data Protection Regulation (GDPR) becomes law across the EU on May 25.

Big Data has become the fuel for most marketing activities, with brands relying on gathering databases of personal information to target potential customers. But GDPR is a game-changer, putting significant new rights over the use of personal data and consent back into the hands of consumers. And the legislation has teeth; non-compliance can be punished with fines of up to €20 million or 4 per cent of a company’s global turnover.

So what does this mean for marketing? In a nutshell, it represents a power shift – but with great potential for those who understand the new landscape and get it right.

Content as the new currency

Under GDPR, brands need a positive ‘opt-in’ consent from everyone they want to send marketing material to, giving them permission to hold and use data such as email addresses or mobile numbers for that purpose. The law is clear that pre-ticked boxes, inactivity or silence do not constitute consent. The definition of what is considered personal data has also been expanded to include any identifying information, including IP addresses and cookies.

These changes will force changes to marketing from a ‘spray and pray’ numbers game to a compelling operation designed to attract consumers’ permission. Value becomes key here, because consumers will need to see a clear benefit in allowing companies to have their details. And how do you demonstrate value in a world where you are no longer able to send your monthly newsletter to someone who made a single purchase in 1985? Through the quality and usefulness of the content you put out.

This power shift was summed up by Alan Coleman, CEO of award-winning digital marketing specialist Wolfgang Digital: “GDPR is great for marketing. The elephant in the room is this: most advertising is crap. We all know this to be true. GDPR forces brands to get more creative in how they deliver brand experiences that have their audience requesting more. Greater rewards for great marketing.”

Under the legislation, there are six lawful grounds for processing personal data. These range from consent to contract obligations and vital interest – where data processing is necessary to protect someone’s life. Legitimate interests allows processing where that is “necessary for your legitimate interests or the legitimate interests of a third party”.

Some firms will doubtless try and use ‘legitimate interests’ to get around obtaining individual permission, but GDPR is clear that the burden of proof that consent has been obtained is on companies. This leaves them open to serious fines if a customer complains and they are found not to have an adequate basis for consent.

With surveys finding that a significant percentage of consumers are intent on exercising their new rights – which include the ability to insist companies delete any details held on them – taking shortcuts here could be costly financially, as well as to reputation.

As Marketing Mogul’s GDPR summary stresses: “While there will be those who find loopholes or survive for a while, ultimately marketers who have ability, creativity and adaptability will come out on top.”

Knowing the value of value

An obvious question is whether people will really opt in to hear news from companies. Certainly, communications need to be compelling, otherwise why would they? One answer is that customers will develop deeper relationships with the brands that mean the most – or offer the most – to them, rather than having constant-but-superficial contact from dozens of brands daily.

Customers are also more likely to opt in if that company is offering something useful and interesting, over and above selling a product. Many companies, especially those whose products have a long lifecycle, have already moved to this model. Pirelli, for example, the tyre manufacturer and FirstWord client, keeps itself prominent in customers’ lives between purchases through a ‘digital magazine’ website based around high-end content covering motorsport, tech and culture. The site now has more than 800 articles on it and had over 3.3 million visits in 2016.

As FirstWord director Adrian Michaels noted when Pirelli’s 2017 IPO showed that its wealth of digital content had added to the company’s value: “Many of the pieces do not mention Pirelli or its tyres at all. The company understands that this is the worth of content marketing: there may be three years between the purchase of sets of tyres; they simply want to stay in touch with you by offering interesting stuff between those purchases, so that when the BMW’s tyres need replacing you will remember that Pirelli is a good option.”

Accenture Interactive’s Pulse Check 2018 survey also offers hope on the trust-equals-consent score, with its finding that 83 per cent of consumers are willing to share their data to get increased personalisation. Brandhome research in Belgium also found that 74 per cent of people valued privacy, and were more likely to trust companies that were transparent about data use.

Industry insight firm Forrester believes companies will be forced to up their content game to cut through: “Content will continue to play a key role in reaching prospects lower down in their buyer decision journeys. These audience segments, who are not already engaging with the brand, would have previously been reachable through behavioural targeting, for example. Earned media and social media will rise in significance in this instance, making it an even stronger imperative to produce high-quality, ‘newsworthy’ and relevant content.”

Another interesting perspective comes from copywriting agency WriteMySite, which suggests GDPR “reduces the advantage that larger companies with large volumes of data have. It levels the playing field, which means companies now have to better each other on one thing – content!”

Data on opt-in potential is limited, but research by PageFair and various European organisations suggests that the percentage of users who would grant advertisers – not traditionally a trusted industry – consent to be tracked on specific sites ranges from just five to 21 per cent.

Trust as a differentiator

But it’s not just in value that great content has a purpose. In a post-Cambridge Analytica world, consumers are taking a much greater interest in their data. Trust is going to be a critical element in persuading customers to engage with brands and then keep them in their lives.

When success depends on attracting customers, being a leading voice in industry conversations and establishing fundamental credentials around what you do and how you do it goes a long way to building trust. Rising above the crowd through thought leadership blogs from the C-suite, for example, or white papers – especially if those are then picked up by industry publications or social media influencers – will be an important way to establish credibility, as well as get yourself noticed.

But that is not to say that gaining trust will be easy. A poll by YouGov found that the only organisations trusted with personal data by more than half the UK population were government authorities (60 per cent), the NHS and private healthcare providers (60 per cent), and banks (59 per cent).

There is notably less trust for commercial entities, with only 10 per cent trusting retailers and consumer brands and just two per cent trusting marketing and advertising companies with their personal details.

Here, too, content has a role, especially when used for telling the stories behind the product. When communications move from broadcast to receive, brands – whether B2B or B2C – benefit from helping their customers navigate the world or to simply understand more about what motivates the company. Customers want to be valued and will reward brands that treat them as more than marketing commodities.

Time for more privacy

Notwithstanding the GDPR, a marketing revolution was inevitable. PageFair’s 2017 annual report found that 615 million devices worldwide now have ad-blockers installed – a growth of 30 per cent in a year, and covering 11 per cent of the global internet population. The desire to escape targeted ads and have a less ‘interrupted’ online experience were two of the major reasons cited. Quite simply, the old model was broken.

Content marketing will be the foundation of this marketing reset for a world that increasingly values privacy and the ability to choose who has access to our information. And, because GDPR applies not just to the EU but to any entities that process data on EU citizens – including US firms such as Facebook, for example – it’s going to have a global impact.

As the rules of marketing prepare for a seismic shift, effective and considered content marketing will be the way to increase consumer engagement.

Five key rights GDPR gives to consumers

GDPR is wide-ranging but its overarching theme is returning power over their personal data to consumers. Consent becomes key to offering individuals “genuine choice and control”, especially online. Here’s a quick guide to the main features:

1) Explicit consent means that companies can only use your details in the specific way for which you have given permission, not for any other purpose.

2) Data portability compels companies to hand over any data they hold on you in a machine-readable format. This will ease the move between service providers, for example.

3) Under GDPR’s right to be forgotten, consent to use data can be revoked at any time and companies will have to delete your data when asked.

4) Privacy by design means that you should not be asked for data that is not directly needed or relevant to using any app or service that you sign up for. As privacy becomes the new norm, products and services will be designed to use as little personal data as possible.

5) Right to know if your data has been hacked Users must be notified of any personal-data breach within 72 hours of the company or organisation becoming aware of it, so they can take appropriate data-protection measures, such as changing account passwords.