In last month's column, I wrote about how the digital communications legal landscape is like the weather in New England - constantly changing. And while change is a constant, there are a few best practices marketers can adhere to in order to stay above the law in almost any region of the world. They are: achieve a high degree of marketing relevance; obtain explicit permission; provide transparent disclosure when gathering customer data; and let consumers control how they provide their data and how you use it. In this month's column, I will delve deeper into the changing legislation in the U.S., Canada, the European Union (EU), and Asia Pacific (APAC) - and how marketers can keep up with the constant changes.
The CAN-SPAM Act, which went into effect in January 2004, provided the foundation for digital communications legislation in the U.S. as it applies to email marketing communications between brands and consumers. CAN-SPAM applies to all email being sent to or from the United States. An opt-out mechanism is required, but permission is not. CAN-SPAM doesn't apply to transactional messages. Spam remains a global problem, but most U.S. consumer brands and B2B marketers have complied above and beyond the law as required by CAN-SPAM, through self-regulation and automated compliance, as well as technology and counsel provided by their email service provider (ESP).
Nonetheless, a number of new legislative initiatives are in the works that focus on consumer privacy, data collection, and data use. The main thrust of all of these proposals is to give consumers more control over how their personal profile information is gathered, used, and shared by marketers. It's still too early to tell what the final legislative outcome will be, but marketers should be prepared for the following changes:
One important distinction to remember is that U.S. standards follow an opt-out-of-tracking mechanism for behavioral targeting rather than the opt-in mechanism required by the European Union. Still, change is coming for U.S. marketers, and instead of a "wait and see" mentality, marketers should take the following steps to proactively prepare for tighter regulation of consumer data use:
Similar to U.S. proposals, Canada's Online Protection Legislation (COPL) expands regulation of marketing messages to and from Canada beyond email to include IM, SMS, social, and mobile marketing. Unlike the U.S., COPL also applies to all commercial content, including transactional messages. Other important distinctions for marketers to take note of:
Implications for marketers:
European Union (EU)
The European Union has some of the strictest regulations in the world through the EU Data Privacy Directive. The directive requires opt-in prior to sending unsolicited email and compliance with eight data protection principles:
The EU also provides for individual rights when it comes to personal profile data. Individuals have the right to gain access to their data and to seek compensation for non-compliance. Consumers also have the right to opt out of having their data used for direct marketing as well as an opt-out of fully automated decision-making about them. Permission is required for web tracking and there is a proposal in the works that will require explicit permission for the collection of cookies and other tracking technology.
The implications for marketers navigating this tightly regulated environment are as follows:
Asia Pacific (APAC )
A quick snapshot of the Asia Pacific region reveals a wide range of regulatory environments from strict compliance laws to a near total lack of controls over marketing communications. Australia, for example, maps to the EU requirements, which are among the strictest in world, whereas India, Malaysia, Taiwan, and Thailand currently have no applicable requirements.
How Do I Keep Up With the Changes?
As you can see, keeping up with the U.S. regulatory environment alone can be a daunting task. Outside the U.S., the regulatory environment ranges from very strict in the European Union to virtually no regulation in some Asia Pacific countries. How can marketers navigate this constantly shifting regulatory landscape? The best approach and best practice is to always err on the side of caution. Adopt a full permission mentality by asking permission for everything relevant to your contact strategy and take the time to understand the nuances of the respective cultures where you're marketing to consumers.
Keep in mind the following no matter where you're marketing to consumers:
Finally, make sure that you have dedicated resources - whether in-house or in partnership with your email service provider - to monitor domestic and global regulatory environments and develop action plans for your marketing and communications teams.
Meet Your Favorite ClickZ Contributors
Many of ClickZ's leading expert contributors will be at ClickZ Live, the new online and digital marketing event kicking off in New York (March 31-April 3). Hear from the likes of: Jeremy Hull, Lisa Raehsler, Andrew Goodman, Bryan Eisenberg, Mathew Sweezey, Aaron Kahlow, Stephanie Miller, Simms Jenkins, Jeanne S. Jennings, Dave Hendricks and more!
Rick Buck is vice president of privacy and ISP relations, CIPP at e-Dialog, a provider of advanced e-mail and multichannel marketing solutions. Rick works with clients, ISPs, and privacy organizations to promote best practices around responsible marketing. He is an active member of the Direct Marketing Association where he sits on the Ethics Operating committee and previously served as the Ethics Policy committee chair. Rick is also a board member of the E-mail Sender and Provider Coalition (ESPC). Prior to his current role Rick served as vice president, business lists and data for Harte Hanks.
Rick is an accomplished speaker and author on such topics as e-mail deliverability, privacy, and CAN-SPAM compliance. Rick has over 20 years of experience in privacy, acquisition strategy, database management, and Internet marketing. He joined e-Dialog in 2000.
March 19, 2014