Sex sells. Fear sells more.

Not long ago, a family member received a notice via postal mail that demanded her attention in the worst possible way: it included a mock invoice for auto repairs totaling over $16,000. The word “sample” was a very faint watermark — so faint as to be nearly invisible — and the slippery verbiage on the reverse side of the “invoice” made it sound as though she either owed this much now, or would be required to pay it in the near future. It was a transparent and cynical attempt at frightening her into buying an auto warranty…for a 12-year-old car.

Fortunately, she recognized it for what it was: a deceptive, near-fraudulent attempt to fleece her out of a lot of money.

We discussed it, laughed about it, and at one point she asked, “Why do people still use tactics like this?”

“Because someone back in the mists of time discovered that fear sold stuff. Scare your audience into believing they need something, then sell it to them. It is a lazy, soulless sales technique that has been retired by most honorable sales and marketing organizations.”

Good thing, too! Scaring people into buying something they believe they need is a time-honored but unscrupulous technique for getting your goods or services sold. Manufacture a need through fear, fulfill that need, and your business is set. (Here’s a little-known fact for you: did you know that that kind of fear-based marketing had its start in war propaganda?)

Why is this relevant to GDPR?

In recent years, as technology has made it easier and easier, we as consumers have become inundated with marketing messages. We’re drowning in emails and online ads, ensnared in a widening variety of attempts to use our personal preferences to sell us more crap we don’t need, being sent increasingly strident messaging on every topic under the sun — all because somewhere along the way, marketers decided that it was OK to assume we wanted those messages.

Initial stabs at regulating bulk mail (CAN-SPAM and others) were a good start, but marketers found ways to circumvent the spirit of the law while obeying the letter.

In essence, these early regulations said that marketers were not permitted to send out unsolicited commercial email without a method for opting out. As email service providers (ESPs) got wise to the misuses of their services, deliverability and sender reputation became important indicators of a particular marketer’s adherence to these regulations. The ESPs were able to take action against accounts that abused the regulations by either reducing their reputation (resulting in “spam” scores and increased likelihood of being filtered out by spam traps), blocking them, or shutting them down altogether. Modern ESPs have enabled fairly strict enforcement of these rules.

Shady senders found a way to bypass this enforcement by continuing to harvest contact information via the web and sending out their initial fishing expeditions by way of free services such as Google mail, where unsubscribe/opt-out links are not required. They would then transfer to their ESPs the names of their targets who didn’t explicitly respond in the negative.

There’s a technical term for groups who do this: spammers. It’s an ugly practice and contributes nothing of value, in fact adding a great deal of aggravation to our modern lives. Junk mail, several orders of magnitude more severe.

An idea whose time has come.

Several countries have enacted considerably stricter rules. GDPR, Canadian privacy statutes, and other regulations around the world have come along recently in well intentioned and reasonably effective attempts to slow the flood a bit and give us control (to the extent that’s possible) over our own information.

The shapers of the GDPR asserted that we have the right as data subjects (the poor saps whose information is being collected) to protect the privacy of our information. Recognizing that data has been abused, misused, and even stolen, the regulation attempts to enforce among other things a concept called “privacy by design.” This means that systems should be designed to protect data, and to assume that data subjects want their information to be private.

I’m a terrible marketer.

As a technology professional whose specialty is marketing automation, I’ve been accused more than once of being a terrible marketer. Largely because I have thought from the beginning that dumping piles of unsolicited messages on unsuspecting consumers is a sure fire way to turn them away, I applaud the enforcement of the GDPR both as a consumer and as a marketer.

Let’s talk about why.

Oh noes! Our list will shrink!

The most common complaint I’ve heard about GDPR is that companies won’t be able to use most of their existing target list.


The companies that complain are generally the ones that acquired their lists by sneak attack rather than explicitly obtaining consent. One (former) client buys lists from providers, which is terrible practice for many reasons; another scraped the internet for contact information of their target audience. That stopped with the GDPR.

Both of these tactics may seem like no big deal, but they are. In both cases, the data subjects never said these companies could market to them. In the case of purchased lists, actual consent was probably given to some company or at a tradeshow or some such many steps back, the provenance too murky to trace. In the case of scraped emails one could argue that because the email is published it’s fair game. But think about it: most of the time, contact information is published because they want their prospects to reach out to them, not so that they can be prospected themselves. They didn’t consent to be hit up by random salespeople just because they posted an email address.

Here’s the real value of losing most of your list to GDPR: the people you have left are the ones who really want to engage with you. What you sacrifice in quantity, you more than make up for in quality. And companies are now required to gain explicit, clear consent for communications, which means that the resulting list is really, truly, the people you want.

The hidden benefits of GDPR? It generates much better will between provider and consumer; it makes companies improve their messaging so that people want to engage. Companies must now get creative again about how to reach the people they want to reach, and market to them effectively. They must now publish content that attracts attention, proving thought leadership and authority in their field.

How is this anything but good for your business?

Note: This is the beginning of a series on GDPR. In future articles we’ll analyze the main points of GDPR, how they can be interpreted, and how they can be put to good use. Each article will include links to resources for further study.

%d bloggers like this: