eprivacy law marketers need to know
Post on 11-May-2015
1.179 Views
Preview:
DESCRIPTION
TRANSCRIPT
© 2014 Marketo, Inc. Marketo Proprietary and Confidential
Duncan Smith CEO, iCompli
Autumn Tyr-Salvia Email Strategy & Compliance Analyst, Marketo
Liz Smyth EMEA Marketing Director, Marketo
© 2014 Marketo, Inc. Marketo Proprietary and Confidential
Liz Smyth EMEA Marketing Director
@lizsmyth
Page 3 © 2014 Marketo, Inc.
The Rise of the Marketing Nation
Page 4 © 2014 Marketo, Inc.
THEN NOW
Information: SCARCITY
Purchasing Power: SELLERS
Organizational Power: SALES
Information: ABUNDANCE
Purchasing Power: BUYERS
Organizational Power: MARKETING
Unprecedented Changes in Buying
Page 5 © 2014 Marketo, Inc.
Finding customers Being found
Point in time blasts 1:1 Durable relationships
Demographic Behavioral segmentation
Few/isolated channels Exploding/integrated channels
THEN NOW
The New Rules of Marketing Engagement
#1
#2
#3
#4
Intuitive decision making Owned, big time series data #5
Page 6 © 2014 Marketo, Inc.
The Bottom Line: Everyone Can Market Like Amazon
Duncan Smith CEO, iCompli
@Duncan_iCompli
Copyright iCompli Ltd 2014
Two important privacy ‘agents’
What PEOPLE are aware of
and want
What the LAW requires us to
do
People ‘datafication’ How accurate is too accurate?
The understanding and application of privacy is not an academic exercise; it has a measurable impact on corporate risk and customer relationships. Let’s look over the ‘brow of the hill’ and prepare ourselves for legal and cultural changes.
Copyright iCompli Ltd 2014
Is the Perfect Storm on it’s way? “Perfect storm" of more data, more REGULATION
more ENFORCEMENT AND more AWARENESS
Copyright iCompli Ltd 2014
Data
Device
‘Hamster Wheel’
Copyright iCompli Ltd 2014
Copyright iCompli Ltd 2014
CULTURE AND AWARENESS Are they people saying anything?
Copyright iCompli Ltd 2014
Two important privacy ‘agents’
What PEOPLE are aware of
and want
What the LAW requires us to
do
Copyright iCompli Ltd 2014
DMA research
The Data privacy: What the consumer really thinks is published by The Direct Marketing Association (UK) Ltd
Copyright iCompli Ltd 2014
Copyright iCompli Ltd 2014
‘Stealth wear’, a reflection on changing attitudes
Copyright iCompli Ltd 2014
‘Stealth wear’, a reflection on changing attitudes
Hyper-local maps
Copyright iCompli Ltd 2014
Copyright iCompli Ltd 2014
Two important privacy ‘agents’
What PEOPLE are aware of
and want
What the LAW requires us to
do
Copyright iCompli Ltd 2014
Source: Data Guidance http://bit.ly/1j2s9iw
Copyright iCompli Ltd 2014
Do PEOPLE care about their privacy?
Technology is driving the collection/appetite for data Is the backlash coming?
Black, gay or Democrat? Facebook Likes are 85-95% accurate
we found out that as long as a pregnant woman thinks she hasn’t been spied on, she’ll use the coupons
Copyright iCompli Ltd 2014
What changes are on the RADAR
EU General Data Protection Regulation (GDPR) 2014: On going negotiation between EC, Council of
Ministers and Euro MPs 2014/15 Plenary Vote 2016 Q1 Possible implementation
PRISM mass surveillance under microscope 2014 Q1 first reading of enquiry including reviewing the Safe Harbor and binding
corporate rules governing EU to US data transfers Rise of ‘Trust Me’ badges
Copyright iCompli Ltd 2014
6 to watch out for..
Breach Notification
Mandatory data loss
disclosure
Privacy Process
PIA and Policies
Children
Under 18s
Right to be forgotten
Consent withdrawal, data erasure
Processor Controller obligations
More responsibility
for data security
Legitimate interests
Consent rules ‘harden’
Copyright iCompli Ltd 2014
Copyright iCompli Ltd 2014
New Behavioural Advertising Rules
Re-Targeting and Re-
Marketing
User visits a site
User completes a
particular action
Groups of users
formed based on
their actions
Groups are re-targeted and served specific ads
• OBA Rules - in force on 4 February 2013 - require third parties to give clear and comprehensive notice to users that; • they are collecting and
using web viewing behavioural data for the purposes of OBA, and
• how a web user may opt out of collection and use
• Must not create ‘segments’ to target under 13s
Copyright iCompli Ltd 2014
OBA Focus in the EU Non statutory changes These are in addition to Privacy
and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (‘Cookie law’) Emergence of self certify ‘Trust
Me’ schemes
© 2014 Marketo, Inc. Marketo Proprietary and Confidential
Autumn Tyr-Salvia Email Strategy & Compliance Analyst
@aceofemail
Page 30 © 2014 Marketo, Inc.
Global Privacy Law
Page 31 © 2014 Marketo, Inc.
Why is spam considered bad?
• Receivers pay to receive email • More than 90% of email is spam • = Lots of money wasted!
Page 32 © 2014 Marketo, Inc.
US Email Law
• CAN-SPAM • Does not prohibit sending unsolicited email • Requires functional unsubscribe • Prohibits email fraud
Page 33 © 2014 Marketo, Inc.
US CAN-SPAM
CAN-SPAM: Not terribly effective at reducing unwanted email
Page 34 © 2014 Marketo, Inc.
Canada Email Law
• CASL – Enforcement Starts July 1, 2014! • Requires opt-in
o Very specific about opt-in methods • Passive opt-in expires
o 6 months for inquiries o 2 years for former customers
• Covers all Canadians • Private right of action (2017)
Page 35 © 2014 Marketo, Inc.
Best Practices
• Stricter than US law – comply with global antispam community • Direct opt-in – not opt-in to a third party data vendor • Engage in best practices to get the best results
Page 36 © 2014 Marketo, Inc.
Cookies
• Essential functions: • Personalization • Site preferences • Shopping carts • Analytics • Marketing data
• Fears: • 1984
Page 37 © 2014 Marketo, Inc.
US Cookie Law
• California Privacy Law AB370 • Disclose whether you respect “Do Not Track” • Disclose whether 3rd parties collect PII for you • Have a comprehensive privacy policy
Page 38 © 2014 Marketo, Inc.
Canada Cookie Law
• CASL • Virtually no restrictions on cookie tracking
Page 39 © 2014 Marketo, Inc.
Australian Privacy Act (1988)
Ten National Privacy Principles for handling personal information: • Collection • Use & disclosure • Information quality & security • Openness • Access & correction • Identifiers • Anonymity • Trans border data flows • Sensitive information
Permission for email is by Opt-in only, that is Express consent (direct from the recipient) or Inferred consent (a relationship with the customer already exists).
Page 40 © 2014 Marketo, Inc.
Australian Privacy Act (2014) By March 2014, Australian organisations with annual revenues of over $3Million will need to comply with an amended Privacy Act. These organisations will need to detail how they handle personal information, & understand the changes to when personal information can be used for direct marketing or be sent overseas, for example –
• An organisation must notify a user of the intended purpose of collecting
their information at the point the personal information is collected. • Consent must be kept up-to-date & customers should be informed when
their data may be used for a different purpose to what was communicated when it was stored.
• From March 12 if data is disclosed offshore to a 3rd party provider the organisation can be held vicariously liable for any breach by that third party (i.e. a breach by your cloud computing provider is treated as your breach) meaning additional due diligence & bespoke contracts may be required.
Page 41 © 2014 Marketo, Inc.
New Zealand Privacy Act (1998)
Twelve privacy principles: • Collection of personal information (1-4) • Storage & security of personal information (5) • Requests for access to & correction of personal information (6 & 7) • Accuracy of personal information (8) • Retention of personal information (10 & 11) • Use of unique identifiers (12)
Permission for email is by Opt-in only, that is Express consent (direct from the recipient) or Inferred consent (a relationship with the customer already exists)
Copyright iCompli Ltd 2014
OUR ADVICE What are our recommendations?
Copyright iCompli Ltd 2014
Top 5 Things you can do now
1. Get your finger on the pulse and start ‘following’ people and organisations who report on changes to privacy law
2. Raise the privacy ‘bar’ in your organisation, get it on the agenda and start to prove the business case by demonstrating TRUST-PRIVACY-SALES go hand-in-hand.
3. Be AWARE of your target audience and their differing privacy attitudes
4. Privacy impact assessments and privacy by design are coming – you might as well start now (see 2 above)
5. Use personal data to deliver demonstrable benefits (‘Genius’).
@Duncan_icompli
Copyright iCompli Ltd 2014
5 ‘Low hanging fruits’; quick easy privacy impact assessments 1. Revisit your web assets and check what cookies/tags are
dropped 2. Confirm they are described/listed in your privacy policy 3. Confirm there is a clear message on ‘first access’ that
your site uses cookies and present options to manage/limit collection of data
4. Set your customer record to have a ‘provenance’ field aka ‘where did you get my name from’?
5. Record data provenance on all new contact/leads acquired
© 2014 Marketo, Inc. Marketo Proprietary and Confidential
Questions?
Duncan Smith
Autumn Tyr-Salvia Liz Smyth @lizsmyth @Duncan_iCompli @aceofemail
top related