Left side advert image
Right side advert image
Super banner advert image
Subscribe to Print Monthly's RSS feed

Enter your email address here to sign up for our weekly newsletter

Focus On


It’s been almost a year since GDPR was introduced, so where is the print industry with the regulation now, and how can the sector wield it to its advantage? Summer Brooks explores

Article picture

The introduction of GDPR was the most significant change in data privacy for 20 years

Where are we now?

The General Data Protection Regulation, or GDPR as it is better known, sent shivers down the spine of nearly every business in the UK and abroad as some rushed to understand what it meant, whilst others waited until the last moment to implement changes. Google was the most recent high profile company to fall, suffering a huge $50m (£44m) fine over adverts that the French regulator CNIL said were not transparent enough regarding how Google collected data to personalise those adverts. Even the mighty fall. And many are still not aware of the huge penalties for violating GDPR – fines can be up to 4% of a business’ annual global turnover or $20m (£17.4m) – whichever is the greater amount.

The regulation was implemented to keep personal data safe, whether its processed digitally or physically

But what has it meant for the print industry? Positive change, by all accounts. Brendan Perring, general manager at IPIA, says the change has been an important wake-up call for businesses. “GDPR has been an important element in the growth of print volumes for much of trade print members, which are seeing a growth in demand for services such as partially addressed mail,” remarks Perring. “Additionally, it has been a positive call to action for our members to get in touch with their customer base, clean their data and proactively market themselves in a much more targeted and cohesive way.”

Please, Mr. Postman

The Strategic Mailing Partnership (SMP) has been pleasantly surprised by the effects of the regulation, despite initial fears. The SMP was launched in 2008 to represent and protect the interests of mailing houses across the UK and is headed by Judith Donovan CBE. “Before GDPR came into force, our members were very worried and we were picking up high levels of stress,” Donovan comments. “One worry in particular involved clients leaving it late to take action. However, once it was in place, it became obvious that the situation was ‘doable’. I doubt it’s something our members would want to go through again, but it’s not been as bad as they had feared.”

Judith Donovan CBE chairs the Strategic Mailing Partnership

Whilst the worry was not completely warranted for the mailing houses of the UK which have enjoyed a boost in direct mail, some businesses found that they were left with “significantly lower volumes of mailable names”. Donovan suggests that for those who went back to the market have reported much higher response rates. “GDPR hasn’t affected our members as much as had initially been feared,” Donovan comments. “While some members saw a short-term reduction in orders, others produced specific GDPR mailings seeking re-permissioning. By autumn, most were reporting that things were by and large back to normal.”

It has been a fantastic moment for the print industry to seize upon by advocating the value add that
can be generated with print-based marketing

Perring agrees, citing Royal Mail Market Reach as a key example of an IPIA member that has seen a “marked increase” in demand for its services. “It has been a fantastic moment for the print industry to seize upon by advocating the value add that can be generated with print-based marketing when it is produced in a creative and targeted way, before being driven by clean and up-to-date data.”

Despite many businesses making changes, some SMEs are still in the dark about what the regulation means

GDPR has allowed print to shine in many ways where digital has been unable to, due to the nature of print products and the way they are received. Donovan reiterates: “Members have seen increased reply rates from people who want to receive relevant offers by mail. The direct mail of today is a far cry from the junk mail of the 1990s.”

Echoing the positivity that has come out of GDPR for businesses, Perring adds: “I honestly do not think there is any damage to our industry in regard to GDPR, it is only an opportunity to be seized upon both on an individual basis to clean house, and to get customer outreach systems put in place on a strategic basis, and it certainly gives print an added competitive edge as a route to market.”

Private and confidential

ASL Group provides impartial and independent advice for business office requirements and is one of the largest managed office services suppliers in the UK. The organisation places a huge emphasis on printer security – an issue that is of increasing concern to businesses in all sectors.

“We understood from a very early stage how important both GDPR and data security is to the print industry,” says Trevor Clarence, head of professional services. “Probably the most important concern where print is concerned for many organisations is: do we leave any personal data/confidential information lying around the printer uncollected? Secure print is the answer. Secure print ensures that the print is only released when the user is stood next to the machine. Many organisations have deployed print management solutions to address this issue.”

The issue, Clarence says, arises with digital printers and those connected to the Internet of Things. “Digital printers however pose more of a challenge than just ensuring no paper is left lying around to be picked up by anyone. Varying levels of personal data are printed every day, so how can organisations ensure this data is fully protected? First, the ‘print data’ must be encrypted as it travels across the network. However, once the data reaches the printer and the text and images are produced, the data may still exist on the printer’s hard drive.”

O Factoid: Whilst larger firms are more likely to be targeted by a cyberattack, the number of SMEs targeted has risen on average by 59% since 2018 compared to 2019. O

The Global Print Security Landscape Report by Quocirca found that almost 60% of businesses surveyed across the UK, France, Germany and the US had experienced print-related data losses in 2018, costing a business on average £313,000 per annum to resolve. The report also found that the use of a managed print service lead to improved print security for businesses – another opportunity for the industry to capitalise on.

Print manufacturers are responding to concerns by elevating awareness of print security risks, and by offering built-in hardware security in their products. However, organisations should be putting a larger focus on print security as it is often the gateway to valuable, confidential and sensitive information that could land you in breach of GDPR.

Print security is of growing concern for a significant number of businesses in the UK and abroad

As with everything in business at the moment, the issue of Brexit has come into play. However, guidelines have stated that GDPR will still apply to British businesses after leaving the EU, as the UK government plans to incorporate the GDPR into UK law once the country has left. The Information Commissioner’s Office has published guidance for businesses regarding Brexit and data protection depending on if you operate solely in the UK, across the European Economic Area (EEA) or globally. 

No excuses

Understanding GDPR is the first step, but learning how to use it to your advantage is step two, as Perring concludes: “Every single print business in the UK needs to not only be GDPR compliant themselves, but each company’s decision makers need to understand it fully and then exploit it from a commercial standpoint by explaining to their customer base how print can overcome the restrictions it has put in place.”

Donovan adds: “Almost a year on, much of the hard work has already been done, so if companies are not compliant by now, there’s something wrong with the leadership.”

Whilst much of the “hard work” has been done, some businesses are still not fully compliant
By this time, there really is no excuse for not implementing security measures for your business, in order to maintain GDPR compliance. “Your organisation has a responsibility to protect all of the personal data it either controls or processes and your printers are very often involved in these processing activities,” warns Clarence. “Print security is important; a printer is another network ‘end-point’ much like a PC or laptop. However, does your printer have anti-malware installed? Would you know if the firmware is infected? If you’re not sure, consult a trusted partner to identify any security risks and they will advise you on how to mitigate them.”

Print printer-friendly version Printable version Send to a friend Contact us

No comments found!  

Sign in:


or create your very own Print Monthly account  to join in with the conversation.

Top Right advert image
Top Right advert image

Poll Vote

What is your top priority for 2020?

Top Right advert image