What happens when content design crashes into the General Data Protection Regulation (GDPR)?


What would it be like to produce content in a total data vacuum? Picture yourself working in soundproofed blacked-out box with a computer that can only send but never receive information. You have a brief to design some content, but you haven’t been given much information about your users. You’re going to have to rely on intuition and assumption about their needs, interests and behaviour. No matter – you’re a resourceful person, so you make the best of it and cobble together some best-guess content. It’s a relief to press send.

Off it goes into the ether and you’ll never have to think about it, the users or their needs again – because there won’t be any feedback. That includes all metrics, page views, click-throughs, bounces and everything else you’re used to for assessing whether your work is fulfilling its aims. It sounds like a recipe for awful content, doesn’t it? It must be – though of course you won’t get to know either way.

Data drives content

For content professionals, such a scenario in the real world is unthinkable. Content is driven by data and databases, from analytics to A/B testing. Data is the beating heart of how content designers think about user needs and what we do to deliver on them. It’s also the biggest weapon in our armoury when it comes to dealing with sceptical and obstructive forces in the organisations we work for.

And yet, the situation above isn’t just a thought exercise. Working in a data void – or at best with a seriously diminished data set – could well become a reality for many of us in a couple of years if we don’t take timely steps to stay compliant with imminent new data protection legislation, according to Hazel Southwell, Data Protection Consultant, speaking at a recent Content, Seriously meetup.

Ignore data protection at your peril

Content producers who ignore the new rules will be destined to launch their content into the void, she warned, like the Soviet scientists who shot Laika, a Moscow street dog, into space with scant means of monitoring her progress and no hope of her survival. The ill-fated dog died from overheating after only a couple of hours and the scientists learned next to nothing from the adventure. At least she got to be the first animal in orbit – which is far more than content producers can hope for in return for their doomed efforts.

Producing content without user research and analytics (both pre and post publication) makes it far more likely to be irrelevant to target audiences – and useless to our objectives. More than that, data is the trump card, the invincible ace of spades, in any argument about the direction that content should be taking.

How often does data come to our rescue when subject matter experts are blocking improvements to clarity and readability, or when managers are resistant to important content changes? They can’t argue with the data. Without data in the armoury, we’re fighting blindfold with both arms tied behind our back.

Say hello to the General Data Protection Regulation

On 25 May 2018, the EU General Data Protection Regulation (GDPR) will come into force, making sweeping changes to rules governing the way we collect, use and store data. It will have an impact on any organisation, whether based inside or outside the European Union, that processes the personal data of any resident of the EU or any EU citizen elsewhere.

Companies will no longer be able to sidestep data protection obligations because their head office is in the US, say, or their servers are in Vanuatu. If they’re dealing with the personal data of EU citizens then they must comply with the rules. So Brexit will not provide a way out for UK organisations either.

The UK currently has one of the toughest data regimes in the world in the Data Protection Act 1998, backed up by the enforcements of the Information Commissioner’s Office (ICO). But the GDPR knocks that into the shade, not least with sanctions that are designed to bring the global tech behemoths out in a cold sweat. Even the likes of Google and Facebook might think twice about transgressions, faced with fines totalling €20 million or 4% of worldwide annual turnover – whichever is greater.

Personal data will include photos, email addresses, bank details, social media posts, cookies and IP addresses – anything, in fact, that identifies you directly or indirectly in your private, professional or public life. And if you’re processing this data, whether you’re a multinational or working from your front room, whether you’re turning a profit or not, then you’ll need to comply.

It might be a shock for a humble WordPress blogger to find their use of tools such as Google Analytics (much of which is based on monitoring IP addresses) could fall foul of the law. And their difficulties will be compounded if they deal with personalised content tailored to their audiences – for example, if they use a formula whereby 2 users might see a different paragraph within a single page depending on their age. It seems the quest for making highly relevant content is to become even more tortuous.

So how do you comply with the GDPR?

You’ll have to get explicit consent for obtaining and keeping personal data, which must be given to you freely, rather than as a bargaining chip for accessing your services. You’ll need to ask for it in clear and obvious way, not just imply you’re taking it and going ahead.

Having obtained consent fair and square you’ll have to store it, not only so the ICO can check you’re doing things right, but also so individuals concerned can see what you have on them. They should be able to transfer their data to other data controllers if they want – what’s being described as a new right of ‘data portability’.

Consent can be withdrawn as well as given, and you’ll have to erase data or correct inaccurate data if requested, or restrict processing data if you get an objection. If the data you’re keeping gets compromised through a security breach you may have to notify the relevant authority, the individual concerned or the public at large.

You’ll have to demonstrate that you’re complying with the GDPR, through policies and procedures, staff training, monitoring, documentation – and if your organisation is large enough, with the appointment of a designated data protection officer and appropriate records of your data processing activities.

Privacy will be prioritised by better design (privacy by design) and through more stringent default settings (privacy by default), and you’ll be encouraged to use data only when strictly necessary for your services.

Privacy fights back

If it sounds tough, that’s because it is. There are some obvious exemptions to the rules – such as for national security, defence, law enforcement, public services and health and so on – but it seems the EU has had enough of companies storing and selling huge quantities of personal information, our interests, health, social background, jobs, wealth, education and much more – information that has very likely been obtained in ways we were not wholly aware.

While we unwittingly surrender the details of our address books, calendars, emails and map co-ordinates to apps and companies that seem to have no call to know them, many of us are only dimly realising that our most private information is forming part of a vast global trade far beyond our control. Marketing giant Acxiom, for instance, is said to have stockpiled up to 3,000 separate nuggets of information on each of the 700 million people in its files.

In this context, the GDPR could be a welcome rebalancing in favour of the individual. Even so, EU member states still have some flexibility about how they implement many of the GDPR’s 99 Articles – not to mention the uncertainty of how a post-Brexit UK might slot into those arrangements.

There may also be ways to anonymise or ‘pseudonymise’ data so that it can be used without stepping on anyone’s toes, or making the most of exemptions for statistical research that doesn’t rely on the identifying aspects of the data. The sweep of the legislation may be fixed, but the crispness of its final boundaries are still to be defined.

Respect privacy, improve content, win trust

However the cookie in your cache might crumble come May 2018, content strategists must start putting data protection much higher up the agenda now. Content professionals are creative people and will be able to conjure up inventive and unimposing ways for users to give consent about their personal data.

It’s in everyone’s interests that content is engaging and relevant, and it won’t take much for users to understand how important data is for the best in content creation. It will be even more important for content professionals to create the kind of compelling content that will make users care enough to click the consent button – in whatever form it takes – without a second thought.

Many thanks to Hazel Southwell for her contribution to the Content, Seriously meetup.



Talk to us


Better metrics for social media

In 2015, virtually all companies have an online presence, from the Fortune 500 down to the local dry cleaner. Companies encourage customers to like, follow, share – anything to show engagement. But does that really work?

According to Charlie Southwell, most companies aren’t putting enough thought into their social content. He points to an article on Marketing Week reporting that nearly half of Chief Marketing Officers claim that social media has a “below average” impact on profitability. So where is the disconnect?

It’s not a numbers game

In 2016, we can buy thousands of Twitter followers, YouTube views, or website views for the price of a fancy coffee. But it won’t change your business. Charlie points out that you would get more business impact by taking the money you budget for social and throwing it off the roof. There’s even a name for it: the MoR (Money off Roof) Test. The premise is that the excitement of seeing an executive standing on a roof, throwing money at passersby, would generate more viral excitement than most social media content.

Productive uses of social media

There are six main uses for social media in business, and you need to plan your social media strategy with all six pillars in mind. To summarise Charlie’s points:

  • HR – social content can be used to attract talent, onboard staff, and keep them engaged, both while employed and as alumni.
  • PR, marketing, and advertising – social content can help with lowering the cost of marketing, acquisition, and customer retention.
  • Sales – the use of social content here is embodied by FRY: Frequency of purchase, more customer Reach, and Yield of average transaction.
  • Customer service – Fielding and resolving customer problems has become one of the top uses for social media.
  • Business intelligence – Combine any of the number of measurement and analytics tools in the market to draw some powerful conclusions about how business is perceived and how to proceed.
  • Internal communications – Social tools help your teams collaborate, and reduce down time spent on fruitless information chases.

Charlie provided a number of example objectives that could be used as a starting point, and emphasised that each organisation will have unique objectives. Those objectives should be platform agnostic, as platforms come and go (remember MySpace?). Each platform and channel has its own idiosyncrasies, and the timeline for seeing return on your investment will vary. You don’t have to be Einstein to measure social media, Charlie reminds us, but you do have to engage in some rigorous planning that starts with business objectives.

Many thanks to Charlie Southwell.

Twitter @charliesaidthat



Talk to us

Need a deeper understanding of content best practices?
Attend the meetup for content professionals – Content, Seriously

Want to upgrade your content strategy skills?
Take a content strategy workshop – Content Strategy Intensive

Need help with your content strategy?
Scroll can help – Scroll content strategy services

Applying science to content analytics

Analytics Eats HIPPOs for Breakfast was the attention-getting line that opened Adrian Kingwell’s presentation at the March meetup of Content, Seriously. Any line that involves large mammals is bound to get the audience’s attention, even though in this case, HIPPO stands for “HIghest Paid Person in the Office”.

The vast majority of writers can relate to the situation where the HIPPO, whether that be client or in-house executive, decides that content should be written in a certain way, or delivered in a certain channel, generally based on personal opinion. The writers are left scrambling to mind-read the HIPPO’s instructions, balancing that with what information could be gleaned about what content actually works for the intended audiences.

Using analytics, the HIPPO can be tamed, and may even be happy about it. Instead of acting on opinions, writers can use the data behind analytics to determine what content works and why.

The starting point for analytics

Adrian Kingwell

Adrian Kingwell

The reason that organisations create content is to solve a business problem. That meant asking the right business questions. Then, the primary job of analytics is to get answers to those questions. Start with why: why is content being created at all? What is the business purpose? Then ask how: how should the content be created and delivered? Which channels are most appropriate? For which audiences? Once those criteria have been established, ask what: what content would be most appropriate for those audiences, in those channels, for those business purposes?

Starting with “why” and working backwards, analytics can reveals information about our customers and shows ways to improve content. Every piece of content on a website has an objective. It’s important to agree on the objectives and the key results. As well, ask what else could add value? Once that’s been decided, have the analytics analyst tag the pages.

The goal of analytics is to improve results

Adrian pointed out that the content strategist’s best friend is the conversion rate, which can be calculated as goals divided by number of visits. Each organisation has different goals, which could translate into number of sales, value of sales, number of subscribers.

Goals unrelated to conversion might be time on page divided by time on site, return visitors, recency of visit, or page values. What’s important is that the metric is agreed upon, and that you measure results over time. A single-day snapshot is meaningless. The iterative cycle of measuring, improving, measuring again, and improving again that will ultimately get results.

Many thanks to Adrian Kingwell for his contribution to the Content, Seriously meetup.

Twitter @adrian_kingwell
Mezzo Labs

Talk to us

Need a deeper understanding of content best practices?
Attend the meetup for content professionals – Content, Seriously.

Want to upgrade your content strategy skills?
Take a content strategy workshop – Content Strategy Intensive.

Need help with your content strategy?
Scroll can help – Scroll content strategy services.

© Scroll Ltd.