A recent news article at vnunet.com cites a study by EU compliance company, SCC, indicating that the email marketing programs at 87 percent of the 25 blue-chip British businesses surveyed currently fail to comply with the legal requirements of the U.K. Data Protection Act.
Of course, vendor studies often are biased in ways that highlight the problems their solutions can solve. Spam-impact studies are most commonly conducted by anti-spam vendors; Internet security studies are conducted by Internet security software companies, and so on. Silverpop even recently conducted a study on the state of retail emailing practices. And, yes, we did find room for improvement. And yes, we can help <grin>.
But what struck me about the SCC's study was, not only the extraordinary lack of compliance, but that the SCC arrived at its figures by polling its own customers. So, even with a significant haircut on the data, it's clear that many U.K. companies are still struggling to comply with the DPA.
In my book, I discuss the case study of British Sky Broadcasting and its successful efforts to put enterprise email compliance into place. Our experiences with Sky confirmed what we all intuitively believe--the U.K. DPA sets a much higher bar than U.S. CAN-SPAM.