The Digital Privacy Equation
description
Transcript of The Digital Privacy Equation
The Digital Privacy Equation
Matthew Vernhout, CIPP/C
Director, Delivery and ISP Relations
Agenda
• Privacy Equation
– Trust = Control + Transparency + Value
• CASL Update
• Q&A
TRUST = CONTROL + TRANSPARENCY + VALUE
What is Trust?
• Trust is built through your products, reputation, actions, and marketing – Paid, Earned and Owned
• Consumers maintain multiple contact profiles and share these with marketers based on the trust equation: – Free web email accounts
– Social media profiles
– Postal address
– Cable/ISP/Work email accounts
– Mobile phone numbers
10 PIPEDA Principles
• Control
– Accountability
– Consent
– Accuracy
– Individual Access
• Transparency
– Identifying Purpose
– Limiting Collection
– Limiting Use,
Disclosure and
Retention
– Safeguards
– Openness
– Challenging
Compliance
TRUST = CONTROL + TRANSPARENCY + VALUE
Control Principle – Accountability
• Why is Accountability important?
– First stage of trust – declaring what you will do with any Personal Information that you collect from the recipient
• Potential Conflicts:
– Consumers want to know what you plan on doing with the information you are collecting
– Marketers want to do more with the information being collected
#1 complaint source for the Office of the Privacy Commissioner in 2011
Control Principle – Consent
• Consent must be in such a way that the individual clearly understands what they are agreeing to.
• Think about more granular control of consent - Consumer: – Implied vs. Explicit consent
#3 Complaint Source for OCP investigations in 2011
Control Principle – Accuracy
• Efforts should be made to provide tools that allow for users to self manage their accounts and profiles.
• Pro tip: – Build solutions that
allow for self-service management with controls to notify users of significant changes to their accounts (passwords, email addresses, etc.)
TRUST = CONTROL + TRANSPARENCY + VALUE
Transparency Principle – Identifying Purpose
• Set expectations
• Provide examples of what
you collect:
– Name
– Phone, etc.
• Why you need it and how
you plan on using it:
– Billing and subscription
information
Transparency Principle – Limiting Collection
• Personal information collected should only be limited to that which is necessary for the purposes identified.
• Limit the number of questions. – imagescape.com case
study: a shortened contact form saw • + 160% in the number
of forms submitted
• + 120% in conversion
Transparency Principle – Safeguards
• Physical Security vs. Virtual Security
– Access Levels within organizations
– Security policies and internal audits of these practices
• Examples:
– Public tweets from wrong account: Automotive company recently fired their agency over a misplaced tweet from the social media manager.
– Prevention: Have separate tools/accounts to limit this type of exposure.
Transparency Principle – Openness
• Provide a central point of access to your organization that is trained in dealing with customers and non-customers interacting with your business
• Examples: – Social media (Community
Managers)
– Privacy Officer/Team
– Contact Us/Support
TRUST = CONTROL + TRANSPARENCY + VALUE
What is the Value?
• Consumers give information to companies to improve the relationship/products/service
• Problem: – 74% of North American
Consumers don’t see benefit of exchanging personal information and other info
• How do you fix this? – Better reporting
– Preference centers
– Surveys
– Identify the perceived value of your brand
Source: List of consumer demands, G2 eCulturesEUROPE Report
Value for Consumers
• Inform users what value they can expect as the relationship deepens: – Discounts, coupons, points, free
content, exclusive invitation, etc.
– Targeted and relevant messaging for the recipient
– The more information collected, the better targeted the deals, offers and value returned
Value for Marketers
• Value is where the Win/Win is found: – Better offers to
consumers = loyal consumers • Brand ambassadors
are built on earned trust
– Rich data for the marketer to build trends, projections and analysis • Increased ROI
TRUST = CONTROL + TRANSPARENCY + VALUE
• Give more control to consumers
• Join the discussion with consumers and
listen to their needs/wants
• Use data and feedback to continually
improve your marketing efforts
• Give people a reason to trust you through
your actions and policies
CASL UPDATE
Overview
• Canadian Anti-Spam Legislation – Consent based messaging
• All messaging channels (email, SMS, IM etc.)
– Implied and Express Consent
– Includes Identification requirements
– Installation of Software
– Unsubscribe: Without delay, but not longer than 10 business days
• Regulations finalized by CRTC, OPC – Still waiting on Industry Canada
CRTC Regulations
• CEMs need to include these key identifiers:
– The name by which the person sending the message conducts business
– Third party messages you should use the name by which the third party
carries on business
– A statement indicating which person is sending the message and which
person on whose behalf the message is being sent
Source: EmailKarma.net: http://ekma.co/KBhihp
CRTC Regulations
• All unsubscribe mechanisms must be set out clearly
and prominently and must be able to be readily
performed.
– Find a way around password protected unsubscribes
• A request for express consent has been clarified to
include:
– Oral or written consent
– Must be sought separately for each channel (SMS,
Email, etc.)
• Computer program’s that cause a computer system
to operate contrary to reasonable expectations must
have a separate consent
Source: EmailKarma.net: http://ekma.co/KBhihp
Next Steps
• Industry Canada to release draft regulations
(expected in September/October)
– 30-day comment period on Draft
• Release of Final Draft with coming into force
date (estimated to be) Q2/3 of 2013
Summary
• Trust is earned
• Be upfront with disclosure and consent
• Provide more self-service tools to users
• Answer “What’s in it for me (consumer)?”
• Remember: CASL will be enforced next year.
– Review your processes now for potential
changes
Q&A
Thank You!
Matthew Vernhout
Director, Delivery and ISP Relations
416-361-3522 x238
Twitter: @emailkarma