View
217
Download
0
Tags:
Embed Size (px)
Citation preview
February 11, 2008February 11, 2008
Ensuring Compliance In The Ensuring Compliance In The Email RealmEmail Realm
• The compliance basics
• Third-parties and affiliates—compliance for experts
• The big “take aways”
Agenda
• The compliance basics
• Third-parties and affiliates—compliance for experts
• The big “take aways”
Agenda
While most of the law’s prohibitions are aimed at the worstactors, CAN-SPAM’s required inclusions target all senders ofcommercial email
Clear and conspicuous notice that email is commercial (not “ADV:”)1. Does not apply if sender has “affirmative consent” of recipient
Clear and conspicuous notice of ability to opt-out
Working unsubscribe functionality1. Internet-based mechanism2. Of the sender’s choosing 3. Applied within ten business days
Subject lines that are not misleading or deceptive
Valid physical postal address
The Compliance Basics
The Commercial Notice Requirement
Clear and conspicuous notice that email is commercial (not “ADV:”)
While not a “flashpoint” of FTC litigation, the FTC has made this a “rider” offense under CAN-SPAM cases
1.United States of America v. Jumpstart Technologies—emails appeared to be personal and were playing upon that notion2.Federal Trade Commission v. Optin Global—email portrayed as a confirmation without commercial notice
Generally prevalent in all FTC actions that involved “predatory and abusive” practices
Clear and conspicuous notice of ability to opt out
According to the FTC, 80% of its spam cases alleged violation of the opt-out requirement
Clearly a compliance concern, an obvious way to unsubscribe should be the cornerstone for commercial email campaigns
1.United States of America v. Jumpstart Technologies—emails contained unsubscribe links like:–“Go Here to Manage Your Mailing Preferences”–“Visit the BonusBonez Mailing Manager”–“Why wait? You can stop getting mail at any time”
2.So how does a marketer know when their opt-out disclosure is “clear and conspicuous?”–The placement of the disclosure–The prominence of the disclosure–The clarity of the language—is it understandable to the intended audience
Managers should avoid the fancy or esoteric
1.“To stop receiving commercial email from us…”
The Understandable Unsubscribe
Working unsubscribe functionality
Part of the 80%, ensuring that your unsubscribe link works is essential for CAN-SPAM compliance Two cases establish the need to ensure nearly perfect unsubscribe functionality
1.United States of America v. ICE.com–6,000 emails sent over 40 days–Sent more than 10 day business days after receipt of opt-out–Purported to be a technical outage–Resulted in settlement with FTC
2.United States of America v. Yesmail–Defendant utilized a reply-to address as its unsubscribe functionality–Spam filter blocked opt-out requests from getting processed
Ensuring the Honored Opt-Out
Rethinking the Subject Line
Subject lines that are not misleading or deceptive
Next to unsubscribe issues, deceptive or misleading subject lines are a lightning rod of activity for the FTC The FTC cases have been clear that, when taken on their own, subject
lines must rise above deceptive or misleading:1.Jumpstart Technologies
–“Hiya!”–“Invite”–“Happy Valentine’s Day”
“A subject heading that the defendant knew, or had reason to know, would be likely to mislead a recipient, acting reasonably under the circumstances, about a material fact regarding the contents or subject matter of the message.”
The Valid Physical Postal Address
Not As Difficult As the Law Makes It Sound
Other than cases involving a failure to include an address, the FTC has yet to prosecute where some valid address is present
FTC guidance on what it means?1. May 2005 NPR provides something to think on2. The FTC proposed defining “Valid Physical Postal Address” as including:
–Private Mail Boxes–Post Office Boxes–Street address
Agenda
• The compliance basics
• Third-parties and affiliates—compliance for experts
• The big “take aways”
• Working with other companies
• Ad networks• Affiliate programs & networks• Third-party email marketers• Offline direct marketers
• Various payment approaches
• Pay-Per-Click /Action• Pay-Per-Lead• Shared revenues• Pay for delivery
• Way to leverage own database more effectively• PII often necessary to share for affiliate monitoring, but also as part of the leverage
What Is Affiliate Marketing?
• Potentially joint ownership/use of consumer data
• Multiple privacy and contractual representations
• Transparency of transactions
How Does Affiliate Marketing Differ From Conventional Marketing?
Regulatory framework to be accountable for acts of affiliates
• CAN-SPAM: obligations imposed on advertiser, additional obligations on initiators
1. Implicit need to monitor actions of affiliates
• Gramm-Leach-Bliley: financial institutions must also require compliance by their vendors and service providers
• Section 5: prohibits unfair and deceptive trade practices. Application to affiliates?
Getting To Accountability
FTC ActionsCases brought by the FTC in several areas have suggested that marketers,
leveraging affiliates, should monitor affiliate behavior
• TJ Web – Jan 2007 settlement includes obligations onaffiliate review, based on CAN-SPAM
• Optin Global• Cleverlink Trading Ltd.• Zango• Cart Manager – March 2005
1. Director of Bureau of Consumer Protection’s press release statement of monitoring activities: “Companies and [vendors] must make sure that their privacy policies are in sync. A [vendor] cannot secretly collect and rent consumers’ personal information, contrary to a merchant’s privacy policy. At the same time, merchants have an obligation to know what their [vendors] are doing with consumers’ personal information.”
Getting To Accountability
New York Attorney General Actions
New NY AG Cuomo settles with major advertisers
in Jan 2007 -- online promotion of products and services
through another’s alleged deceptively-installed
adware programs
• Priceline• Travelocity• Cingular
Getting To Accountability
In what circumstances do companies have a
legal obligation to monitor affiliates?
What affirmative actions should your company
take to avoid any law enforcement action?
Establish necessary and reasonable policies and procedures,
depending on the level of relationship.
• It’s your playground, make the rules.• Know thy affiliate.• Don’t turn a blind eye.
Policies & Procedures
Establish standard operating procedures
for the relationship.
• Keep standards consistent.• If company doesn’t meet standards,
don’t bend rules – could be weak link.• Develop deployment strategies.• Rules for marketing: channels, media, frequency.
Playground Rules
Agenda
• The compliance basics
• Third-parties and affiliates—compliance for experts
• The big “take aways”
• Develop monitoring techniques to detect abuse• Utilize seeds • Leverage brand-monitoring solutions that identify
brand abuse• Ensure marketers are honoring channel representations• Verify/contractually require affiliates to use reputable
partners• Understand data collection and use policies
(and get contractual representations re: same)• Review applicable privacy policies as appropriate
(PII in particular)• Monitor suppression list and complaint activities
Know Thy Affiliate
The recent enforcement activities indicates that if youhave a close relationship with purportedly bad actors,you could be held liable for their actions, even if you didnot dictate them.
Blindness
Quinn Jalli, Esq.
Chief Privacy Officer and Vice President
of ISP Relations
Datran Media
345 Hudson Street, 5th floor
New York, NY 10014
Tel: (212) 706-4897
Fax: (212) 706-9758
Email: [email protected]
Contact Information