Welcome to Identity Trust CIC

 

 

Enabling Trust: Empowering People

 

 


FTC Behavioral Ad Guidelines: Compliance May Be Challenging
ISPI Clips 129.501: FTC Behavioral Ad Guidelines: Compliance May Be
Challenging
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This From: ClickZ News, February 25, 2009
http://www.clickz.com

Behavioral Ad Guidelines: Compliance May Be Challenging
http://www.clickz.com/3632890

By Robin Neifield, ClickZ,
Feb 25, 2009

As you likely know, the FTC released its staff report, "Self-Regulatory
Principles for Online Behavioral Advertising" this month, and the industry
has been buzzing about it.
http://www.ftc.gov/os/2009/02/P085400behavadreport.pdf

As head of an agency with a substantial stake in behavioral targeting, I'm
interested in the report, but it also has broader implications that all
marketers need to take into account.

On a call conducted early last week with industry association Network
Advertising Initiative (NAI  http://www.networkadvertising.org/ ), I
realized NAI governing principles are well aligned with the FTC's. But there
are still open questions on both sides, and the biggest takeaway is that
more work needs to be done by the two groups, especially when it comes to
innovation from the online advertising industry.

Yet behavioral targeting isn't the only discipline to make use of consumer
data; contextual marketing and other display disciplines leverage aggregate
demographic, geographic, and purchase data to target their audiences in much
the same way behavioral marketers do. As such, all marketers should pay
close attention to ensure they're falling in line with best practices set
out by the NAI, the Interactive Advertising Bureau, and other industry
organizations who are responsible for spearheading industry self-regulation.

But how? This is a pretty dynamic industry. By the time this debate of
self-regulation versus federal regulation comes to any sort of solution,
some new technology is sure to emerge to completely change the game again.
All we can do as an industry is use our best judgment, conduct regular risk
assessment, and stay up to date on best practices and principles coming from
both within the industry and from federal agencies. As in all things, it
helps to have guiding principles that make the consumer interest the top
priority; all the agencies have done a good job of that thus far.
<| Powered by www.ISPIClips.com |>

Here are some high-level guidelines to follow if you're not sure where you
fall on the FTC's spectrum, especially if you engage in behavioral targeting
in any way. It's good practice to check your practices against these new
guidelines for compliance. Keep in mind the added benefit of having happy
customers and a clean, healthy business model.

Disclaimer: I'm not a lawyer or federal authority. This is not an exhaustive
set of recommendations. These are simply high-level recommendations for best
practices -- plus common sense. Please consult your attorney for
authoritative guidance on your approach to privacy and data management.

  .. Make sure your privacy policy is clearly visible on your site.
  There is lingering debate about whether privacy policies are
  effective and what exactly the FTC means by "prominent" notice
  to consumers about privacy. Again, this is mostly about common
  sense. Many people still look for privacy policies. Make sure yours
  is easily found, updated, concise, clear, and written in layman's
  language. If you can open up your home page and find the link to
  your privacy policy without a magnifying glass or a "Where's Waldo"
  champion, you should be fine.


  .. Retain data only as long as necessary to fulfill a legitimate
  business need or as required by law. Both the NAI and FTC policies
  make this requirement clear, and, once again, data retention is a
  matter of common sense. Retaining outdated data is wasteful
  because it can create additional security and privacy burdens, plus
  it's no longer useful for marketing. We typically find it useful to ask
  how a particular data set can be used to optimize programs, make
  the customer experience better, or make messaging more relevant.
  If you can't answer any of those definitively, you don't need the data.
  If you don't need the data, don't keep it.


  .. Provide your customers with the option to opt out and opt in. This
  requirement can be trickier, because there are several factors that
  must be considered. Providing the mechanism for opt-out and opt-in
  is fairly straightforward, and the NAI can assist in defining that.
  When you make changes to your privacy policy, proactive or
  retroactive, you're supposed to provide an opt-in again. Then the
  issues of personally identifiable information (PII) and sensitive
  information come into play. The FTC report defines PII as data that
  "reasonably could be associated with a particular consumer or with
  a particular computer or device," but that's still awfully subjective.
  Better to be safe than sorry. And if your target audience includes
  minors, your requirements are significantly changed. Remember,
  the place to gather and use PII is after you've established a
  relationship with the consumer and received her permission.

Many open questions remain for the industry and the federal government. In
the end, much of the guidelines involve common sense and business sense. You
can protect your customers' privacy while maintaining your e-marketing
strategy to leverage data. Simply but rigorously ensure that security
measures are implemented appropriately and be as transparent with your
practices as possible. This will reinforce for your customers that you're
making their privacy a priority and will ensure that you are complying with
legislation. Maintaining that standard of business practice helps us
maintain the viability of industry self-regulation and safeguards the public
trust.


Incisive Interactive Marketing LLC. 2009 All rights reserved.


~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
Copyright © 1998-2009, Institute for the Study of Privacy Issues (ISPI)
 PO Box 201 - Crofton, British Columbia - V0R 1R0 - (250) 246-2784
   This e-mail address is being protected from spam bots, you need JavaScript enabled to view it    www.PrivacyNews.com   www.ISPI.info