It is human nature to assume that our past experiences are relevant to our future lives. It they weren't, we'd still be burning our hands in the fire, both literally and metaphorically. In business generally and marketing specifically, there is an in-built presumption that past performance does provide an indicator of what will happen next (despite what the financial services regulator may require you to say). That's the basis of all modeling and forecasting.
Yet when the members of the IDM Data Council were asked in December what they lived through in 2012 and how it was likely to impact on them this year, you might be surprised to learn that they are not expecting a repeat performance of the biggest issue of the year. Along with their colleagues in digital marketing, data practitioners spent at least half of 2012 fretting about what would happen when the Information Commissioner started to enforce the "Cookies Law" last May.
Marketing vs legal over cookies
Ahead of that dreaded date, a significant conflict arose between digital marketers determined that cookies notices and consent requirements should not harm the customer experience and legal departments insisting that the law needed to be respected. What actually happened was a blend of both, rapidly followed by a half-year of indifference among consumers.
The story arc for the "Cookies Law" comprised Act One - ignorance, Act Two - panic and denial, Act Three - neglect. Few at the time paid attention to the amendments made to the ePrivacy Directive in 2010 and only slightly more understood their implications when they came into force during 2011. Such was the level of ignorance among digital marketers and data practitioners that the ICO was forced to provide a year's grace. (Other countries in the EU are yet to implement the law and may in fact never do so.)
What really happened
When the alarm was finally raised across the direct, data and digital communities - not least through the efforts of the IDM via events and council meetings - the reaction was strongly negative. Too late to alter the law itself, many pledged just to ignore it (go to http://nocookielaw.com for a prime example). What ultimately happened was widespread adoption of some form of compliance, followed by growing familiarity among consumers that they now had a choice, and then the slip into invisibility of the whole issue which happens when there are no real consequences.
That model from 2012 of how to react to a new data law can not be followed this year, however. During 2013, revisions to data protection legislation will be introduced that could have require wholesale rethinking of much direct marketing and data practice. This time, it will not be feasible to pretend they do not exist or should be ignored. But there is also time to effect some degree of change.
What happens next
Politically, the proposed Data Protection Regulation has a lot of backing and there is a will to resist any major alterations. That does not mean nothing can be done, especially when MEPs start to think about the economic implications of hitting data hard right now. Putting that business case is a vital part of current lobbying efforts.
As with cookies, consumers have a general idea of their data rights but few actively exercise them. That is unlikely to change much, even when they are presented with new consent requests. Unlike the situation with cookies, however, companies will not be able to take the soft option and only comply broadly with the law - this is a tough new regulation that will come with a newly-aggressive enforcement regime.
So the cookies lesson should be forgotten when thinking about how to enact data protection rules in your marketing campaigns. This time, what the lawyers want, they seem likely to get.