GDPR is leaving publishers with a newsletter list problem
Dear American publishers that think they will be fine when the General Data Protection Regulation takes effect next month: Check your email.
As brands, agencies and publishers scramble to get their data collection, usage and storage situations in line with European regulations, few have gotten their email newsletter subscriber operations into a GDPR-compliant state, either by securing affirmative consent for use of subscribers’ data or by updating their email onboarding process so people give consent when they subscribe.
Some haven’t done it because they have their hands full with other facets of GDPR compliance. Others haven’t because they’re still trying to figure out if their current situations are, in fact, acceptable under the regulations. Others are waiting for third-party providers to deliver tools to help navigate the problem. Still others are reluctant to do anything that could put a meaningful dent in their newsletter subscriber counts.
“This is definitely a risk,” said Brad Schorer, the president and CEO of data and marketing consultancy Digital Segment. “They need to prepare to have the steps in place to allow for their readers to opt out of the newsletter and/or be able to produce the level of detail on them that the publisher has in house.”
A common misconception about the GDPR is that it is for European companies. In fact, the GDPR covers any company that collects data from European Union citizens, which is to say most every publisher. Publishers have liability if they have any EU citizens on their email newsletter lists. Under GDPR rules, publishers must be able to point to a specific date when a reader affirmatively consented to have their data used by publishers. That covers all email subscribers, not just those acquired after the GDPR takes effect on May 25.
Most publishers don’t have those dates on file, particularly for email subscribers they’ve had for years, which presents them with an uncomfortable choice: Send an email asking European newsletter audiences to opt back in, risking a percentage of their subscriber base dropping out, or do nothing and hope the law is enforced for bigger violations.
“Any communication to consumers always entails the possibility of losing readerships due to opt-outs for any number of reasons,” Schorer said.
Many publishers also have to figure out how to get readers to actively consent, a break from the user experience templates that readers have been trained to expect in recent years. “It’s difficult to funnel people into signing up as it is,” said one source who oversees newsletter operations at one large publisher. “Now, we have to go completely out of the way to make sure consent is explicit by not having pre-checked boxes. Users have learned behavior that assumes boxes will be checked, and now we will have to teach them new behavior.”
The GDPR, to this point, has been a worry for European publishers, which have been busy hiring data protection officers and trying to build unified login systems to minimize shock when the regulations are enforced. As the May 25 enforcement date has drawn closer, fears among European publishers have subsided a bit, according to Digiday Research.
Yet many American publishers draw sizable chunks of their audience from outside the U.S. Just over 10 percent of The Washington Post’s digital subscriber base, for example, is based abroad. The New York Times said 14 percent of its 2.6 million digital subscribers reside abroad, though that number does not exactly correspond with its 13 million email newsletter subscribers; the Times does not break out the country of origin of newsletter subscribers.
Some publishers are trying to be proactive, despite the minimal risk to their business from being GDPR-compliant. At Morning Brew, a business-focused newsletter publisher with 180,000 subscribers and an open rate that hovers around 45 percent, just 3 percent of its subscriber base resides in Europe. But the company decided to add a double opt-in system to its newsletter onboarding program, in part because it minimizes bad actors taking advantage of its referral program and in part because it sees upside in adapting its system in ways that emphasize transparency and privacy.
Morning Brew is still trying to confirm that every facet of its business is GDPR-compliant, but it said it expects to be by next month. “The way we justified it is we need to do right by our readers,” Morning Brew co-founder Alex Lieberman said.
‘None of this is celebrity for celebrity’s sake’: How publishers are trying to scale virtual events with high-profile star power
Scale "matters when making a media buy" for virtual events, according to Barry Lowenthal, CEO of media agency the MediaKitchen, and celebrity appearances help to achieve that.
‘An unprecedented period of Darwinian experimentation’: As sports return, Twitter eyes ad boost
The lack of match-day revenue has forced clubs to better understand the commercial value of platforms like Twitter.
‘The more culture you own’: Condé Nast pursues more revenue growth with new brand-strength metric
Condé Nast is hoping its new advertising measurement framework can drive growth for its digital ad and commerce businesses.
SponsoredThe race to frictionless consumer journeys is expanding beyond marketplaces
Compressing consumers’ path-to-purchase is the holy grail of advertising and marketing. When Jeff Bezos authored 1-Click in 2011, advertisers began to realize that in some cases — especially for consumables — awareness, consideration and purchase can all happen in seconds. Since then the rise of e-commerce marketplaces has forced a major shift in the design […]
‘Permission to think long term’: The Atlantic digs for deeper, smarter client partnerships
Atlantic Brand Partners will account for all The Atlantic’s business-to-business revenue, which is currently two-thirds of The Atlantic's overall revenues.
‘Re-architecting the entire process’: How Vice is preparing for life after the third-party cookie
Vice is working to bolster its first-party data strategy, improve its registration process and double down on contextual ads.