Changes to permission rules in U.S future?

Recently a customer of mine called me challenging whether or not their attorney was right in requiring their marketing department to include ADV in the subject line of their U.S. based emails.

Now, in my off the top head of knowledge I knew it was NOT a requirement to have ADV in the subject line based on Can-Spam, but I went ahead and emailed a few trusted colleagues the question just to see what their thoughts where on the use of it. In 2005, the FTC gave a report to congress on whether the use or requirement of ADV in the email subject line was a good or bad idea. In this report it was voted NOT to include it as a requirement. http://www.ftc.gov/opa/2005/06/adv1.shtm

When my colleagues responded, one of them added this, "Look into Can-Spam Sec 5(a)(5)(A)(i) and (B). "clear and conspicuous identification that the message is an advertisement or solicitation" is required unless there is prior affirmative consent. There is not specification on what constitutes "clear and conspicuous identification" which says there is not a standard format for doing this".

when another colleague responded he also reminded us of some changes in the FTC to come and that also in the report to Congress FTC Commissioner Leibowitz heavily suggested the use of ADV in the subject line. "In his dissenting statement, Commissioner Leibowitz said, “Requiring commercial e-mail to be labeled is not a panacea but, as the CAN-SPAM Act clearly recognizes, there is no single bullet theory for solving the spam problem. An ADV labeling requirement could be a modest tool to empower consumers to filter and sort commercial e-mails – to read them later, evaluate them individually, or delete them in bulk if they choose – and for that reason I respectfully dissent from the majority and urge Congress to consider a labeling requirement.” Again, the Commission voted to submit the 2005 report was 4-1 with Leibowitz dissenting.

So here's the interesting part in all this, on February 27, 2009, President Obama announced his intent to nominate Jon Leibowitz as Chairman of the Federal Trade Commission.

Just two weeks prior to the announcement, the new chairman also warned media companies and marketers that the FTC's new privacy protection guidelines could be their last chance to avoid regulation. "As the Report points out, targeted advertising can benefit consumers, subsidize free content, and promote a robust online market. But the concomitant online tracking and data collection, coupled with inadequate notice to consumers about what information is collected and how it is used, raise critical privacy concerns. How companies collect, combine, disclose and dispose of this data has serious ramifications for consumers." 

What does this mean for us in the email world here in the U.S.? Will we see stricter rules on email permissions, labeling, handling, and a step up in Can-Spam violation prosecutions if you don't do it right.

This also means then we could be seeing possible regulations on how behavioral marketing is performed. We could be seeing a fundamental shift in current U.S. law to one the MIGHT resemble how the European Union (EU) protects it's consumers with default opt-in choices on email, cookies, etc

How will react to changes from the FTC when it comes to permission or requirements on email, advertising and cookies? How does your company measure up to the self-regulations I just blogged about.

Folks, start looking at this stuff now. Starting auditing you companies data flows and permissions. I would suggest you start creating committees in your company that consists of decision makers from each department that's in charge of customer data. Everything from IT, sales, and marketing. These committees should be discussion at a minimum how you secure your data and handle consumer permissions. These groups should be the people who store the data for you, back-up the data, obtain the data, transfer the data, use the data, touch the data in any way (including third parties). They should meet weekly to discuss changes to your systems or process to understand the impact it will have on consumers and your company or even future self or required regulations.

I know a few email/privacy coalitions and alliances are watching this one carefully. Maybe your company should be as well.

-Dennis

Don't Just Send, Deliver!