Here we are again. Every once in a while, data protection makes the headlines, creating a ripple of panic in the marketing stratosphere. With so many different countries and so many laws and regulations to follow, it’s hard to keep up with the news. But don’t worry, that’s what we’re here for.

What New US-EU Data Legislation Means For You And GDPR?

This time, a new bill was passed (or rather an old bill revoked) in US congress this week, so we thought it was about time we gave you the next chapter of your favorite saga, Privacy Shield. As you know, we’ve kept you updated (as best we can) and helped you to decipher the Privacy Shield code.

Why do you do this ? I hear you ask… It’s because we genuinely care about data privacy and we know it’s important to the rest of the emailing community.

What’s happened this week?

Earlier this week Donald Trump signed a law allowing internet service providers (ISPs) to sell consumer data, revoking a previous bill established by Obama, but which hadn’t yet come into effect. Although internet companies like Facebook and Google already had access to this kind of information and collect consumer data without asking permission, ISPs will be able to take this one step further and access full information on all the sites a consumer views.

Those against this new bill claim that all this data will expose consumers and leave their information in a murky area, while making ISPs a rich target for hackers. However, those in favour of this change argue that it fosters innovation, job creation and economic growth, and that federal rules still require broadband providers to protect consumer information.

The Federal Communications Commission (FCC, an independent US government agency) was supportive of the decision to invalidate this particular part of the Obama-era plan to regulate the Internet, and stated that, “those flawed privacy rules, which never went into effect, were designed to benefit one group of favored companies, not online consumers. […] American consumers’ privacy deserves to be protected regardless of who handles their personal information.”

The FCC also said that they’d be working with the Federal Trade Commission to restore its power to police the Internet, putting “America’s most experienced and expert privacy cop back on the beat.” So, although we don’t know what this will mean, we can hope that consumer data protection regulations will become more stringent in the US.

Ok, so what’s the situation in Europe?

In Europe, strict data protection regulations are already in place, and a stricter law will take effect in 2018. You may have heard us mention it once or twice, GDPR.

But it’s important to stay tuned to the issue, as many major companies like the likes of Facebook, Google and Microsoft (to name a few) are US based. Since they operate in Europe, these organizations have to comply with Privacy Shield, which was essentially established so that the data of EU citizens could be protected and wouldn’t be treated by US companies as second class data.

Want to catch up with the Privacy Shield Story?

We’ve talked about Privacy Shield quite a lot, since its predecessor Safe Harbor was invalidated on October 6th, 2015. If you’re still not sure what all the hassle is about, you can follow our past commentary here:

October 2015What is Safe Harbor and how will it affect your business?

March 2016Is Privacy Shield the future in Europe?

April 2016Privacy Shield: Not quite there yet

August 2016Privacy Shield: A new episode in the “Email Marketing & EU Data Protection” Series

You can also subscribe to our newsletter to be the first to hear how we understand any future updates on this or any other data protection news.

Want to stay in touch?

Want to receive more posts like this one?

What can marketers do?

It’s important for marketers to follow this story closely. However, it’s even more important to continue to prepare for GDPR (the EU General Data Protection Regulation). The DMA recently stated that a quarter of UK marketers (26%) feel that their businesses are unprepared for GDPR, however 68% have said they’ll be compliant by May 2018 when the legislation comes into play.

If you’re in Europe, preparing for GDPR should be at the forefront of your objectives. And, if you’re a US email marketer, ensuring your activities comply with Privacy Shield should be a top priority for you. Although, really, data privacy matters to everyone!

So, how can you ensure your email activities comply? Well, we’re glad you asked!

The simplest way is to partner with a European email service provider with data servers exclusively in Europe (hint: Mailjet’s one ), and they’ll do the hard work for you. Much like we do, ESPs headquartered in Europe will have terms and conditions and a sending policy that you have to adhere to if you want to be able to send your emails. This may seem like an unwanted headache, but it’s in your interest as a business to be data complaint. Take a look at your ESPs privacy policy (it should be on their website) to see how they treat and store your personal data.

Data control

If you’d like to keep up with Privacy Shield and GDPR but don’t want to be scouring the broadsheets on a daily basis, subscribe to our blog and we’ll give you the updates that matter to you and your business.

Want to share your data protection learnings and concerns? Tweet us using the #MailjetDelivers.