Welcome to the SecAware blog

I spy with my beady eye ...

25 May 2018

NBlog May 25 - GDPR day

Tucked in among the avalanche of 'please confirm your details to continue receiving our marketing tripe' and phishing emails this week came some sad news about the GDPR-related demise of what has been a useful service ...

"Dear AuroraWatch UK subscriber,

It’s with great sadness that we are going to have to close the AuroraWatch UK email alert system with immediate effect.  This doesn’t mean that we’re shutting down AuroraWatch, it’s just that we won’t be sending out any more alerts via email. You will still be able to get alerts via social media platforms including Twitter, Facebook, Telegram and via our smartphone apps (https://aurorawatch.lancs.ac.uk/alerts/).

We know that this will disappoint some users. We’re also very sad, but this is something we’ve been putting off for some time. Operating a reliable mailing list service for 100,000+ individuals requires constant effort and ongoing resources. Up to now, we have been able to undertake this service (for free) amid our research and teaching activities at Lancaster University, but that effort is no longer sustainable. 

Since AuroraWatch UK started almost 20 years ago, long before Facebook and smartphones, technology has moved on. Today AuroraWatch UK has almost 100,000 Twitter followers and almost 200,000 likes on Facebook meaning that email is a relatively small fraction of the AuroraWatch UK alerts issued. Nevertheless, the maintenance of the email infrastructure puts a considerable burden on the team and provides the most headaches, e.g. bouncing emails, delayed alerts, sign-up problems and mis-identified spam. By focussing on social media alerts we will benefit from more robust and efficient infrastructure.

Some of you might be wondering if this is related to the new General Data Protection Regulation (GDPR) that comes into effect from tomorrow (25 May 2018). The honest answer is that GDPR has contributed to the decision.  We’re very proud that AuroraWatch UK has always operated within the spirit of what the new GDPR is trying to achieve - we take privacy and data security very seriously.  However, we face challenges demonstrating when consent was received to store the email addresses of some 20,000 legacy users. Furthermore, the GDPR could result in significant financial penalties in the event of data loss.  The upshot of this is that we will be securely deleting your subscription email address shortly.

If you’re not already signed up to receive alerts via the AuroraWatch UK social media feeds, then you can find out more information on the Alerts page of our website at https://aurorawatch.lancs.ac.uk/alerts/

Once again, we’re sorry that we’ve have to make this decision, but we hope you will still wish to receive our alerts through other channels.

Very best wishes,
The AuroraWatch UK team"

I'm not a Twit and I actively avoid FarceBook. Patently I do blog and I track a bunch of blogs and call-in on my favorite Web haunts from time to time, but I despise pop-ups and generally try hard to limit the rate of push-interrupts. The email aurora alerts from Lancaster Uni were a rare example of a useful time-sensitive information service pushed out by email. I'll miss 'em ... but for me this is just an annoyance, hardly a show-stopping business-critical disaster.

It is, though, an example of collateral damage caused by the legislation. I'm sure there are others, other situations where information providers have looked at what they would need to do to comply with GDPR and decided it's simply not worth the effort and expense. I guess some are using this as an opportunity to Spring-clean their mailing lists. A few may have decided to abandon their existing approaches rather than try to sort out the accumulated mess and bring them into compliance, planning to rebuild their contact databases from scratch. Some, like Aurorawatch, may have pulled out for good. Today's GDPR deadline could be the final straw.

It will be interesting to see how this situation evolves over the remainder of 2018. I expect to see a lot of 'rebuilding our contact list' stuff going on, a billion desperate marketers frantically using all the stunts imaginable to net as many new customer prospects (fresh meat) as possible, hopefully but not necessarily in a GDPR-compliant privacy-aware manner. Just watch for the special offers, discount coupons, this-week-only deals and other incentives to convince people that they really do want to be marketed-at. 

As for us, we'll simply continue providing a unique information service that customers find valuable ... and persuading/hammering organizations that don't respect privacy and security ... which means knowing our stuff ...

PS  It seems Instapaper, for one, has failed to beat the deadline so is shutting off access to its service for European residents while it "continues to make changes".

No comments:

Post a Comment