James J. Robinson
If an EU member
does not opt-in,
he or she will no
longer receive the
sent by TMS.
I would like to know if anyone has taken steps to comply with European Union’s
General Data Protection Regulation (GDPR) taking effect on May 25, 2018?
We have members in those countries and would like to know what was done or
is being done for being in compliance.”
—Question posted to an association management discussion board
About two years ago, the European Parliament and Council established the General Data
Protection Regulation, or GDPR for short. The law went into effect in the spring of this
year, and it regulates how organizations handle the personal data of people living within the
European Union (EU). Considering the torrent of news about how user data can be abused
(I’m not “liking” you on this count, Facebook), I can’t really argue with any government
adopting reasonable safeguards to ensure that its citizens are protected from data shenanigans
and misuse. The many GDPR requirements include securing the consent of individuals for data
processing (think mass e-mailings), employing diligence in handling user data, and providing
The adoption of the GDPR is big news in the association management community, especially
for professional societies like TMS that have members in the European Union. Even though
TMS is headquartered in the United States, we are subject to compliance with the GDPR.
Many association leaders have confusion over who is required to comply with the GDPR and
have expressed increasingly urgent wonderment via do-we-really-have-to-do-that questions.
Among the potential showstoppers within the association world is the idea that you cannot
send a mass e-mail to a client, prospect, or member within the EU unless that individual has
consciously opted-in for receipt of e-mail from said association. That’s a scary proposition—
via e-mail. If an EU member does not opt-in, he or she will no longer receive the preponderance
of communication sent by TMS. The opted-out member gets no newsletter, no call for papers,
blackout of mass communication with EU members, TMS undertook work to not only comply
with the GDPR, but to also contact our EU constituents with the exhortation to proactively
update their TMS member records for opt-in of TMS e-communications.
You may have received one of the messages with the subject line, “Don’t Miss Out on
Important TMS Membership Information.” The message then instructs the recipient on
updating communication preferences via the TMS web site, concluding with, “We respect your
privacy and assure you that TMS does not sell or share your contact information or online user
that we can still send you news and updates on society events and initiatives, membership
opportunities, and other activities important to the minerals, metals, and materials community.
You are always free to further update your subscription preferences to only receive mailings
that interest you or opt-out of all messages at any time.” If you received the e-mail but didn’t
act, you can still visit the TMS web site to update your member record. Otherwise, you will
effectively only be seeing JOM each month as your message bearer from TMS.
Is compliance with the GDPR easy? No; it cost a lot of staff time and other resources to
measure up, and the effort is ongoing. Could we get away with not complying since we are
not brick-and-mortar in Europe? I don’t know because there’s no room at TMS headquarters
to even conduct the thought exercise toward answering such a question. The point is moot
legally and ethically. We’re not in the business of trying to nuance our way around what is
right and what is wrong. After all, the stated TMS vision is to be, “the professional society of
choice for the worldwide minerals, metals, and materials community.” An organization does
not earn and hold the respect of the world community by selectively ignoring the laws and
regulations that it does not like.
We’ll take the higher road. Our members would expect nothing less of their professional
2018 The Minerals, Metals & Materials Society