While there are some great examples of organisations ready to hit the ground running with the new GDPR requirements (effective from 25 May), using clear and concise opt-in options on their marketing communications, there already appear to be others planning how to mislead customers and obtain consent in a less conspicuous manner.
To date it has been admissible to use pre-ticked boxes that, as a consumer, you have to actively untick to opt out of marketing messages from organisations. But phrases such as “Unless you untick the box below you are accepting that we can contact you…” will no longer be legal from May.
So, how should these now start to look and how could consumers be caught out?
It is advisable to be cautious of messages next to preference boxes that begin with the word “Don’t”. Previously this preference box may have been ticked out of habit as an opt out – assuming the message was ‘Don’t send me email, SMS etc’. But in a real example from a TV broadcaster the following phrase is being used to secure opt-ins even with the GDPR on the horizon: “Don’t get FOMO. Make sure you’re the first to know….by ticking this box”.
Best practice by those organisations wishing to play by the rules will be to include opt-in boxes for each channel preference (email, post etc), to separate general Ts&Cs from communication preferences (known as “unbundled consent”), to name organisations and any third parties who will be relying on the consent and, importantly, to provide instructions for how to withdraw consent at any time.
The GDPR is putting consumers back in the driving seat and organisations need to play fair or risk the consequences.