Building Email Lists In The Era Of GDPR

March 20, 2018 3:21:39 PM | By Matt Benati

Building Email Lists In The Era Of GDPR

List building has always been a critical part of any sales representative’s job. But as email regulations worldwide are tightening to protect recipients from spam, sales is finding they can no longer count on purchased lists as a reliable source of leads. While US-centric lists still work under CAN-SPAM laws, you run the risk of there being non-US citizens on the lists that are simply working in the US temporarily. Unlike CAN-SPAM, the Canadian Anti-Spam Law (CASL) and the European General Data Protection Regulation (GDPR) are opt-in based regulations, which means higher scrutiny.

However, the governments that created these laws purposely crafted alternate methods that allow us to engage with new contacts. Through “implied consent” and “legitimate interest”, respectively, CASL and GDPR enable sales and marketing teams to lawfully communicate with prospects and customers. One of the best sources of account intelligence, reply emails, provide us with net new contacts that meet the litmus tests for “implied consent” and “legitimate interest.”

The Importance Of List Building

A sales team’s world revolves around their database. Getting more leads, keeping contact information updated, managing subscription requests, and ensuring email gets delivered are essential to being able to effectively engage leads, move them through your sales funnel, and close deals.

But a lot of things change over the course of a year. With B2B data decaying at an estimated 70% annually (Harte-Hanks), it’s critical for sales teams to stay on top of changes with their leads and accounts.

B2B data decays at an estimated rate of 70% annually according to @hartehanks. #B2B #Sales Click To Tweet

What does sales need to be on the lookout for? According to ZoomInfo:

  • Job changes – 30% of people change annually
  • Title/role changes – 34% of people change annually
  • Email changes – 37% of people change annually
  • Phone number changes – 43% of people change annually
  • Company name changes – 34% of companies change annually

It’s understandable that database vendors have no problem staying in business by providing list-building solutions to sales teams to help them identify these changes.

The Problem With Purchased Lists

The problem with purchased lists and online databases, however, is two-fold.

First, if you’re monitoring your existing leads and accounts, you could be missing out on a lot of changes. For example, data vendors often monitor press releases for job changes, but generally only executive level changes warrant formal announcements. You’re likely missing changes at management and other levels — the very people in charge of sourcing solutions to put in front of the C-suite. Additionally, relying on a list vendor is not timely. Press releases are often distributed months after the hire has taken place, which means you’ve lost the timing advantage you could have had if you found out about the change right away.

Second, lists of new contacts are just that: new. Even if they might fit your ideal customer profile (ICP), they’re people who have not opted-in to receive communication from you. This is where things begin to get murky, as you are forced to navigate email spam laws that affect recipients in the US, Canada and Europe to figure out who you can and can not engage from a list of contacts.

The problem with purchased email lists is twofold: 1) The list begins decaying immediately. 2) List contacts have not opted in. #GDPR #emailmarketing Click To Tweet

Understanding Email Spam Laws

We have written on email regulations extensively, and have even created a dedicated landing page specifically about how LeadGnome helps you stay compliant.

Here’s a quick refresher:

United States: CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography And Marketing) 

CAN-SPAM is primarily based on giving email recipients a frictionless way to opt out of your call/mailing list. This means that, for the purposes of using purchased lists, you are free to send to people on the list as long as you make it easy for them to unsubscribe, and you stop sending to them if they do unsubscribe. However, we still recommend practicing permission-based marketing and always asking new contacts to opt-in to your mailing list. While you may not be legally obligated under CAN-SPAM, it shows recipients you are respectful of their information and time, and should US regulations change in the future, you will already have consent on file.

The caveat, as mentioned earlier, is that there may be non-US citizens on the list that you cannot legally send to without permission. While you may have paid a professional and trusted list vendor for the information, you are ultimately responsible for abiding by other countries’ email spam laws, and you are liable if you violate them.

Canada: CASL (Canadian Anti Spam Legislation)

CASL differs in that it requires you to obtain express consent or implied consent, be able to prove you have it if audited, and give recipients an easy way to opt-out. When asking recipients to opt-in, such as with a website form or during the registration/checkout process, if you include an opt-in “box” it must be unchecked. This ensures prospects have to manually enter their name/check the box to unequivocally agree to being added to your mailing list.

European Union: GDPR (General Data Protection Regulation)

Set to take effect May 25, 2018, GDPR is something you need to be paying close attention to if you do business with any European Union citizens (regardless of where they reside). Like CASL, it requires you to obtain consent or show legitimate interest and make opting out as easy as opting in. Additionally, you must grant EU residents the right to access their data and the right to be forgotten at their request.

If you purchase a list of new contacts that contains Canadian or European citizens, you cannot legally send to them. Period. However, if you’re obtaining new contacts from email mining, you can send to them under “implied consent” or “legitimate interest.” More on how that works next.

You CAN Send To New Referral Contacts Mined From Reply Emails

Here’s the game changer. If, instead of list vendors, you rely on a far more accurate and efficient means of obtaining new contacts and maintaining your database – reply email mining – you can add new contacts to your database and legally send to them under CAN-SPAM, CASL and GDPR.

Here’s how it works.

When you send an email marketing campaign, personal (human) replies and auto-responses like Out-Of-Office (OOO) and Left-The-Company (LTC) are inevitable. Once considered nuisance emails, we now know that auto-responders actually contain incredibly valuable and actionable intelligence. Think about it: when your contact Bob is out of the office, he puts an OOO auto-response in place that asks you to contact Jane while he’s out. And when your contact Sarah gets a new job, her company puts an LTC auto-response in place to tell you that your new contact is Kevin. We call these referral contacts, and you can lawfully email them under CASL and GDPR

CASL “Implied Consent” – Through action or relationship, it is implied you can send email. Implied consent expires after 24 months, after which time you will need to have proof of express consent.

GDPR “Legitimate Interest” – GDPR acknowledges that direct marketing – like email marketing – will often be a ‘legitimate interest’ of the data controller.

However, I will reiterate that even if you’re emailing under implied consent (CASL) and legitimate interest (GDPR), it is always a best practice to reach out, introduce yourself, make your intentions clear, and ask them to opt-in. In fact, CASL mandates that you obtain explicit consent within 24 months of receiving implied consent. Also you must always provide an easy way to opt-out.

Please note that this article provides an overview about international email laws, but is not intended, and should not be taken, as legal advice. Please contact your attorney for advice on email marketing regulations or any specific legal problems.

Other Ways Reply Email Mining Protects You

From a sales perspective, adding new contacts and maintaining accurate contact information are a top priority. But when it comes to email spam laws there are a couple other ways that reply email mining helps to protect you.

Handling manual unsubscribes – It doesn’t matter what length you go to to create an easy, automatic, frictionless way for recipients to unsubscribe, you will always have people who simply hit the reply button and manually ask to be removed. Not catching these unsubscribe requests puts your company’s reputation at risk and could cost you millions in fines under CAN-SPAM, CASL and GDPR. Reply email mining identifies these manual replies, categorizes them, and moves them to a designated folder so that you can act on them and remove the contact from your lists immediately. Mining solutions also integrate with marketing automation and CRM systems, which automate the process of removing opt-out requests from your lists.

Not catching emailed unsubscribe requests puts your company's reputation at risk + could cost millions in fines under CAN-SPAM, CASL and GDPR. #email #emailmarketing Click To Tweet

Ensuring email deliverability – Today’s corporate spam filters protect employees by quarantining messages from unknown senders until a manual sender verification process (i.e. CAPTCHA) is completed. Not catching these sender verification requests not only means you’re messages aren’t reaching the intended recipients, but because you’re not completing the request, the server may eventually block you completely — and this will affect your overall email reputation. As with manual replies, reply email mining catches these requests and moves them to a folder so that you can process them ASAP. Integration with marketing automation and CRM solutions also allows your team members to be alerted to these types of auto-responses.

Better Safe Than Sorry

At the end of the day, email spam laws are not something you want to risk violating. Play it safe and get your contacts to opt-in by:

  • Having them come to you – Inbound marketing that uses website forms makes it clear your website visitors are opting in to receive communications from you when they submit their contact information.
  • Asking them to opt-in with your initial outreach – When sending to new contacts under implied consent or legitimate interest, ask them to opt-in right away to increase the strength of your relationship. Leveraging reply emails allows you to enrich records and expand into your target accounts without purchasing lists.

LeadGnome CASL List Building

Get Ahead Of GDPR And Protect Yourself

If you have any EU contacts in your database, you need to be on top of GDPR requirements well before the May 25th launch date. Download our 1-page overview to understand how GDPR affects your email marketing and how LeadGnome’s automated email mining service can help you remain compliant.

Download GDPR Brief


Related Blog Posts:

Pin It on Pinterest