|What You Need to Know About Data Privacy Regulations|
|Tuesday, June 29 2010|
When it comes to privacy considerations, most individuals simply want to ensure that certain boundaries are not breached. Data privacy is no exception. In recent years, the media has increased its coverage on data privacy, helping to create more public awareness about how information is used (and sometimes abused). Marketers and advertisers have an incentive to create their own privacy policies to show customers that they understand this issue and that they are taking steps to protect the information that customers might not want to share. This self-regulation shows a company’s commitment to its customers when handling sensitive, identifying information.
Many businesses have developed market-driven solutions to provide a level of comfort for consumers, and the government is also trying its hand at resolving this matter. Most individuals are concerned about the private sector obtaining confidential information and selling that information to unknown third parties, or otherwise handling the data in an insecure way. Governmental intervention on this issue could help standardize the methods and types of data that would be protected, but it is clear that the industry would prefer to self-regulate and maintain its own standards rather than having the government intervene. Self-regulatory programs have been established with the collaboration of multiple marketing and advertising industry organizations. One example is the Self-Regulatory Principles for Online Behavioral Advertising, which was jointly crafted by the Interactive Advertising Bureau, American Association of Advertising Agencies, Better Business Bureau, Direct Marketing Association, and Association of National Advertisers. The standards developed aim to:
The DMA Choice mail preference service is another self-regulated program that consumers can use to manage the type of advertisements they receive. Developed by the Direct Marketing Association, DMA Choice provides online tools enabling consumers to login and select the types of offers they want to or do not want to receive, such as a offers from credit card companies and catalogs. These selections are reported back to participants in the program, and recipients’ information is subsequently taken out of the appropriate channels. Of course, while DMA members are required to participate in DMA Choice, not all direct marketers are DMA members. Nevertheless, DMA claims that its members produce 80% of the country’s marketing mail volume, meaning that DMA Choice can be an effective method of reducing unwanted solicitations.
As the advertising industry tries its best to self-regulate, the U.S. government is also taking a look at what can be done to protect individuals and their information. U.S. Representative Rick Boucher from Virginia (Chairman of the Subcommittee on Communications, Technology, and the Internet) and Representative Cliff Stearns of Florida (Ranking Member of the Subcommittee) released a discussion in May 2010 involving a draft of legislation designed to more tightly regulate data-driven, behavioral online marketing. While the entire draft bill can be found here, its main premise is to have advertisers provide more transparency to users by presenting clear privacy policies about data collection and usage. Furthermore, consumers would have to provide consent before their data could be sold to third parties. A past government bill that also dealt with the online advertisement and direct marketing initiatives is the CAN-SPAM Act of 2003, which is now administered by the Federal Trade Commission. This law specifically defines rules for commercial e-mail marketing, including:
Although CAN-SPAM was the largest type of bill developed within the realm of online marketing, it didn’t do much to stave off the amount of unsolicited spam sent to the inboxes of millions of Americans. In fact, you probably have quite a bit of e-mail from Nigerian princes and discount pharmaceutical schemes in your spam folder right now. At the same time, however, CAN-SPAM’s guidelines provide consumers with control over the e-mail marketing they receive from legitimate companies.
Striking a balance between consumer data privacy and marketers’ ability to better target their messaging may require self-regulation as well as government intervention. In next week’s blog, we’ll wrap up our discussion on consumer privacy as we explore how different marketers and advertisers are handling this delicate issue.