In just a few days, on May 25, the clock will expire on the two-year transition period for companies to reach compliance with the General Data Protection Regulation (GDPR). This not only impacts organizations operating in the European Union (EU), but also affects companies in the United States and elsewhere that handle the personal data of anyone who resides in the EU. Those who fail to comply with the GDPR rules on contact data will face fines of up to €20 million ($24 million)—or 4 percent of global revenue/turnover.
GDPR has been billed as “data protection on steroids,” and with just a few days to go, 83 percent of all companies subject to the law lack confidence they’ll be able to meet the deadline. Based on my own recent discussions with various European channel partners—companies that partner with a manufacturer or producer to market and sell the manufacturer’s products, services, or technologies— only about half, within the UK, said they had completed their preparations and fully tested their compliance with GDPR.
How will GDPR specifically impact distributors and resellers?
According to research from the International Data Corporation, GDPR will potentially fuel a $3.7 billion annual IT security spending bonanza, and research company Canalys predicts that the European IT security market will enjoy a GDPR-induced bounce of up to 16 percent; however, the majority of distributors and resellers are ambivalent about GDPR and the impact it will have on their revenue.
Many channel partners feel poorly equipped to offer technology advice to their clients around GDPR compliance, and one of the key aspects of compliance is the ability to remove customer or prospect data if required; however, this is where the larger channel distributors have the resources to better manage their clients’ (resellers’) data.
Here are three major ways GDPR will impact the distributor/reseller relationship.
- Resellers must ensure clients have opted in to communications
A big area of change associated with GDPR is email consent. Customers must actively opt in (i.e., check an unchecked “opt-in” box) to receive future communication from a company. This has left many distributors busily emailing and encouraging their resellers to opt in to their communications.
Also, most resellers work with multiple distributors to increase their range of products. Now resellers will have to be sure they actively accept a distributor’s terms and conditions and opt in to their email and communication to continue doing business with them.
- Companies will need to update/change client contracts
Many companies have to update their contracts to become GDPR-compliant, which, in a nutshell, means they have to include certain privacy terms and include new data-handling obligations. Distributors have to ensure resellers are aware of and accept updated contracts, and resellers will have to do the same with end users.
- GDPR will restrict sales and marketing activities—especially with new prospects
One issue that GDPR is trying to address is the cold calls/emails that are received on a frequent basis. No longer will resellers be able to buy a list of contacts and send out a mass email blast. They’ll now have to get rid of their lists altogether or get approval from prospects before contacting them. Now, whether GDPR will be effective in reducing this traffic, is yet to be seen. There are plenty of dubious sales and marketing companies that will move offshore and continue their practices with impunity.
The Months Ahead
GDPR certainly sounds tough on paper, but whether regulators across Europe will have the manpower to enforce the regulation is another question. Many companies are already looking at alternative work-arounds to the regulation. For example, it’s possible that marketing activities will be, in part, moved to social media platforms. This is an interesting loophole, but it can be assumed that the EU will squash these efforts as soon as possible.
Though May 25 is the official GDPR deadline, vendors and partners will spend the next few months trying to fully understand the hundreds of components and nuances associated with the regulation. It will be interesting to see how companies will fare from the ruling or if GDPR will make a huge impact on the sales and marketing efforts of organizations struggling to become compliant with the policy.