Protecting consumer privacy is a good thing, and the Federal Trade Commission has always been very serious about safeguards on the collection and use of online data. Thus far, the FTC has largely allowed the industry to self-regulate. This has resulted in industry initiatives like the AboutAds self regulatory program. AboutAds asks site owners to prominently place an icon linking to information about how behavioral data is collected and used online.
Things are changing. On December 1, the FTC gave notice that it is recommending Congress enact a “Do Not Track” mechanism along with other industry regulations and penalties. The recommendation – all 122 pages of it – is open for comment only until January 31, 2011. The report outlines a broad framework for protecting consumer privacy on- and offline. The FTC is particularly concerned about the use of technology that captures and uses personal information, often without the consumer’s knowledge. According to the report, the FTC feels that clear notice (by collectors of data) and informed consent (by consumers) is not valuable if there is a lack of understanding on how information can be used. For example, a consumer can agree to the use of their personal data, without knowing or understanding all the details.
FTC Chairman Jon Leibowitz said that so far, the marketing industry has not done nearly enough to make sure people understand what personal information is being collected, or to provide them adequate control over that data collection.
Among other recommendations, the FTC would like to create a “Do Not Track” tool, similar to the “Do Not Call” registry for telemarketers, that allows consumers to prevent marketers from tracking their Web browsing habits and other online behavior in order to target advertising and other content. Since it was opened in 2003, more than 190 million people have registered for the Do Not Call registry.
Extending Do Not Call to the Internet seems simple. However, online tracking is used for broader purposes than just online advertising. It is the foundation for all kinds of personalized Web, e-mail, and marketing content (think sports scores, stock prices, recommendation engines, and PURLs), and could prevent marketers from effectively managing messaging or experiences across channels.
While any implementation of the proposed regulations on mobile, e-mail, or social would be technically different, the FTC report covers all digital marketing. In fact, the emergence of location-based mobile services and social data mining technology may have heightened concern about data collection.
Is there a technical solution that could be more effective than regulation? Ben Isaacson, privacy and compliance leader with Experian CheetahMail, believes that is far off and complicated by the need for industry and government consensus. “Ten years ago, the online industry worked very hard to develop the Platform for Privacy Preferences (P3P) protocol, which everyone (including the FTC) thought was going to work pretty well,” he said. “Unfortunately, the browser companies only bought in half way to the proposal and it never became an official standard. [Continued industry collaboration on self regulation] may be the best effort to minimize consumer concern until such time as the industry can get back to developing a true IETF standard that can be implemented across the ‘world wide web’.”
Among the recommendations are those for more standardized privacy policies and a requirement for new, affirmative consent if use of data changes from the time a consumer first visited a site or signed up for an e-mail or Web program. The former might be most welcome by business and consumers, however, the latter could prove messy and onerous for any marketer with data collected over months or years. It’s not clear to me (I’m no lawyer or technical genius) how the industry would comply with recommendations like the ones requiring “substantive data security” and “data accuracy” protections.
As someone who is excited about the data access and integrated marketing opportunities made possible by advanced technology, these proposed restrictions could limit marketers’ ability to create amazing and custom customer experiences. I’m all for protecting consumers, and even for giving consumers an educated choice in what data can be used, but I believe there is a need for balance. Most consumers love the benefits of data collection – custom websites, pre-populated forms, offers that speak to their personal needs. Most marketers truly respect their customers, take wide precautions, protect data vigilantly, and generally do the right thing. I am confident we can find a win-win-win for the industry, consumers, and the regulators.
Now is the time for every marketer to step up and be educated about privacy and consumer protection. If you don’t know how your firm or your vendors collect and use consumer data on your behalf, learn now. Participate in efforts like AboutAds. We must continue to demonstrate our willingness to be transparent and vigilant around consumer and data protection.
I also recommend you send the FTC report to your internal legal counsel, as well as ask your marketing vendors about their plans to evaluate and accommodate any likely impact. Industry groups like the Interactive Advertising Bureau, The Direct Marketing Association, and Privacy.org will likely be collecting comment from the industry – so if you are a member and can add your voice to the conversation, please do.
With Halloween, the US presidential election and Thanksgiving in the rear-view mirror, we're now headlong into the all-holiday-all-the-time stream. And, we all know what's coming.
Here's what will happen with email in 2017: nothing is going to change until we as marketers change how we think about email.
Black Friday can be a great commercial opportunity for brands and email marketing can be an integral part of your marketing strategy. What's the best way to increase its effectiveness?
In March, LinkedIn launched Sponsored InMail, an ad solution that allows marketers to send promotional messages to the InMail inboxes of LinkedIn users.