FTC Regulations and Email Marketing

What can email marketers learn from the FTC's final privacy report?

Last week, the United States Federal Trade Commission (FTC), the nation’s chief privacy policy and enforcement agency for 40 years, issued its final and long-awaited industry privacy report. The report also notes that the FTC received over 450 comments on the staff’s preliminary recommendations. Based on technological advances and industry developments since the December 2010 staff report and in response to the comments, the report refines the guidance for when companies should provide consumers with choice about how their data is used. While Congress considers privacy legislation, the Commission also urges individual companies and self-regulatory bodies to accelerate the adoption of the principles contained in the privacy framework. What was exciting was the report’s clear acknowledgement of how the industry self-regulatory models are working and its wishes to continue that. “We are confident that we as an industry can continue the self-regulatory efforts without legislation and the FTC agrees in their report.”

It also said that:

  • The FTC would be vigilant in enforcing self-regulatory codes of conduct among companies in the area of data privacy.
  • A company’s failure to live up to a voluntary code of conduct would act as a scarlet letter in an FTC enforcement action, which we’ve already seen heavily in the last year.
  • The FTC is interested in developing sector-specific codes of conduct, meaning tackling specific issues with specific regulations vs. umbrella regulations.

Also, over the course of the next year, the Commission staff will work to encourage consumer privacy protections by focusing on five main action items:

  • Do-Not-Track. The Commission did commend the progress made in this area: browser vendors have developed tools to allow consumers to limit data collection about them, the Digital Advertising Alliance has developed its own icon-based system and also committed to honor the browser tools, and the World Wide Web Consortium standards-setting body is developing standards.
  • Mobile. The FTC urges companies offering mobile services to work toward improved privacy protections, including “short” and meaningful disclosures. To that end, it will host a workshop on May 30, 2012 to address how mobile privacy disclosures can be short, effective, and accessible to consumers on small screens. If you haven’t seen TRUSTe’s mobile-optimized privacy notice, I suggest you check it out here.
  • Data brokers. The Commission calls on data brokers to make their operations more transparent by creating a centralized website to identify themselves, and to disclose how they collect and use consumer data. In addition, the website should detail the choices that data brokers provide consumers about their own information.
  • Large platform providers. The report cited heightened privacy concerns about the extent to which platforms, such as Internet service providers (ISPs), operating systems, browsers, and social media companies seek to comprehensively track consumers’ online activities. The FTC will host a public workshop in the second half of 2012 to explore issues related to comprehensive tracking.
  • Promoting enforceable self-regulatory codes. And again, the FTC will work with the Department of Commerce and stakeholders to develop industry-specific codes of conduct. To the extent that strong privacy codes are developed, when companies adhere to these codes, the FTC will take that into account in its law enforcement efforts. If companies do not honor the codes they sign up for, they could be subject to FTC enforcement actions.

The final report also calls on companies handling consumer data to implement recommendations for protecting privacy, including:

  • Companies should build in consumers’ privacy protections and data management procedures at every stage in developing their products using Privacy by Design, which is a wonderful concept, invented and championed by Ontario Privacy Commissioner Ann Cavoukian. These include reasonable security for consumer data, limited collection and retention of such data, and reasonable procedures to promote data accuracy.
  • Simplifying consumer choice, which simply could mean being more upfront about their choices for communications and also preference centers.
  • Companies should provide reasonable access to the consumer data they maintain; the extent of access should be proportionate to the sensitivity of the data and the nature of its use.
  • Incorporating substantive privacy protections into their practices, such as data security, reasonable collection limits, sound retention and disposal practices, and data accuracy.
  • Companies do not need to provide choice before collecting and using consumer data for practices that are consistent with the context of the transaction or the company’s relationship with the consumer, or are required or specifically authorized by law.
  • Increasing the transparency of their data practices.
  • Privacy notices should be clearer, shorter, and more standardized to enable better comprehension and comparison of privacy practices.
  • All stakeholders should expand their efforts to educate consumers about commercial data privacy practices.

Hopefully you can see that this is not a regulation or enforceable framework, but does apply to all commercial entities that collect or use consumer data that can be reasonably linked to a specific consumer, computer, or device, unless the entity collects only non-sensitive data from fewer than 5,000 consumers per year and does not share the data with third parties. For many of you this will apply and you should already being doing a lot of this because of best common practices you’ve learned over the years when it comes to digital marketing through channels like email.

Subscribe to get your daily business insights

Whitepapers

US Mobile Streaming Behavior

Whitepaper | Mobile US Mobile Streaming Behavior

5y

US Mobile Streaming Behavior

Streaming has become a staple of US media-viewing habits. Streaming video, however, still comes with a variety of pesky frustrations that viewers are ...

View resource
Winning the Data Game: Digital Analytics Tactics for Media Groups

Whitepaper | Analyzing Customer Data Winning the Data Game: Digital Analytics Tactics for Media Groups

5y

Winning the Data Game: Digital Analytics Tactics f...

Data is the lifeblood of so many companies today. You need more of it, all of which at higher quality, and all the meanwhile being compliant with data...

View resource
Learning to win the talent war: how digital marketing can develop its people

Whitepaper | Digital Marketing Learning to win the talent war: how digital marketing can develop its people

2y

Learning to win the talent war: how digital market...

This report documents the findings of a Fireside chat held by ClickZ in the first quarter of 2022. It provides expert insight on how companies can ret...

View resource
Engagement To Empowerment - Winning in Today's Experience Economy

Report | Digital Transformation Engagement To Empowerment - Winning in Today's Experience Economy

4w

Engagement To Empowerment - Winning in Today's Exp...

Customers decide fast, influenced by only 2.5 touchpoints – globally! Make sure your brand shines in those critical moments. Read More...

View resource