My friend DJ Waldow does an excellent job of pointing out the fact that not following what you say you will or shall do with customers information within your privacy policy can get you into trouble with the end-users not agree with the mail they receive. However, I would also add to this piece that you could as well get the attention of the U.S. Federal Trade Commission (FTC) or a Data Protection Authority (DPA) in some countries by performing an unfair or deceptive trade trade practice. Not following process or promises within in your stated privacy policy can violate Section 5 of the FTC Act. Section 5 of the FTC Act prohibits unfair or deceptive acts or practices in the marketplace.
Per the FTC's site on Unfairness & Deception, a key part of the Commission's privacy program is making sure companies keep the promises they make to consumers about privacy, including the precautions they take to secure consumers' personal information. To respond to consumers' concerns about privacy, many Web sites post privacy policies that describe how consumers’ personal information is collected, used, shared, and secured. Indeed, almost all the top 100 commercial sites now post privacy policies. Using its authority under Section 5 of the FTC Act, which prohibits unfair or deceptive practices, the Commission has brought a number of cases to enforce the promises in privacy statements, including promises about the security of consumers’ personal information. The Commission has also used its unfairness authority to challenge information practices that cause substantial consumer injury.
Some Enforcement Examples:
Make sure folks you have someone on staff that can understand privacy and not just email best practices.
A good information or privacy officer must:
- Hold a senior position
- Be familiar with how information is collected, stored, used and disclosed in the business
- They must understand how privacy impacts your business and it's customer
- Know how to ensure your company is in line at all times with it stated polices
- Be experienced with client relations
- Be comfortable with legal matters
This is a great piece DJ! Thanks for putting it out there and reporting on some of the industry discussions at the conferences.
--------
March 17th, 2009 by DJ Waldow
Privacy Policies.
Everyone has them (even Bronto). You can usually find them in the fine print at the bottom of pretty much every website.
When I first wrote that last sentence, I was kinda joking, but then decided to test it out. Try it. Go to your favorite website. Maybe it’s Google or ESPN or CNN. Scroll to the bottom. I promise that you’ll see a link to some form of a privacy policy. Trust me (or google “privacy policy” now).
But, what do “privacy policies” really mean? Who actually follows them to the letter or even spirit of the law? I’d argue that the answer to that last question is very very few.
I sat in on a session at the Marketing Sherpa Email Summit 2009 yesterday afternoon and heard the following statement from a representative of a major marketer when asked about how they adhere to their email privacy policy.
“[Company ABC] has a pretty liberal privacy policy.”
It was followed by an uncomfortable, somewhat awkward laugh, then silence. I’m not sure, but I may have even seen a “wink wink.” That type of statement worries me…and it should also make you - as a consumer - uncomfortable. When thinking about email marketing, what exactly does “pretty liberal privacy policy” mean?
As a marketer, if I have a “pretty liberal [email] privacy policy” does that mean I don’t need to honor the rights of my subscribers? Does it mean that I can send them any email I choose because my privacy policy states it is okay? Does it mean I can send third party emails? Because I have a privacy policy, can I just do whatever I want with “my” data or “my” customers?
If you’ve answered “yes” to any of the questions above, you may be experiencing deliverability issues. After all, much of good deliverability is about sending relevant, timely, targeted emails to those who have asked for it. Loose adherence to privacy policies tends to break one - if not many - of the above adjectives. If you think slapping that privacy policy on your website is the same as earning permission to email those who use it, think again.
Is it time to review your privacy policy? What do you think?
*Happy St. Patrick’s Day
DJ Waldow
Director of Best Practices & Deliverability at Bronto
------
-Dennis
Don't Just Send, Deliver!
its great you brought up this issue as so many peopledont really care about it.i will post more on this issue in my next blog.
Posted by: matutu | March 30, 2009 at 05:33 PM