Miss you already – why GDPR is the next PPI

1 min. read


If I had a pound for every PPI related advert, email, text or unsolicited phone call I’ve ever received I’d be a wealthy woman, it would certainly amount to more than most actual PPI claims. So when I heard that a deadline had been announced for PPI claims (August 29th, 2019) I was delighted – only another couple of years to go until the deluge of PPI-related crud comes to an end. Or so I thought.

GDPR is very much the compliance topic de jour, and the number of seminars, webcasts and white papers dedicated to the topic is truly staggering. Technology companies, legal professionals and consultants alike have all jumped on the bandwagon in order to peddle their wares. It’s no surprise then that GDPR fatigue has set in. Enough already!

Any IT vendor worth its salt will openly admit that there is no such thing as a GDPR product or solution, and most organisations are already partway to compliance as a result of their existing IT security technologies and processes.

That said, there is a role for GDPR experts who can help companies to translate what the regulations mean for them and how they should approach implementing processes, technologies and educating their employees. Make no mistake, if data is the lifeblood of your organisation, the safeguarding of that data under GDPR will affect all areas of your business.

As a marketing professional, I am very aware of what GDPR means for the privacy and protection of data relating to our customers, partners and business associates. GDPR may well signal the end of email marketing (if it wasn’t already on its uppers), and certain provisions such as the right to be forgotten will also have a major impact across all areas of marketing.

So far so good for the consumer – or is it? There is a very real possibility that no sooner will the constant calls to claim our long lost PPI stop, than the offers of help to claim compensation for the mishandling of our personal data will begin. In theory, any company that sends you a marketing email you didn’t subscribe to, or retains information that identifies you as you on some long-forgotten server, would be ripe for a claim.

So should we expect the current PPI-related adverts, emails, texts and unsolicited phone calls to simply be replaced by those from supposed personal data breach specialists (maybe they’ll even be the same firms adding a new string to their bow)? Yes and no. I’d like to think that the companies behind such marketing efforts will be textbook examples of how to manage PPI (personally identifiable information), but then I also like to imagine an impending lottery win…

It seems highly probable that given the legal scrutiny that will soon be placed on the protection of personal data, the personal claims tribe won’t be too far behind. Whether it will be on the same scale as PPI remains to be seen, but it certainly has greater longevity. The provisions of GDPR are only likely to become more stringent over time, and there is no deadline. Looks like GDPR and its related hangers on are here to stay.

by Natasha Scott, Marketing Manager, Infradata UK

Sign up for our newsletter

Get the latest security news, insights and market trends delivered to your inbox.


More updates