While Senators John Kerry and John McCain were introducing their Commercial Privacy Bill of Rights to the Senate, Jerry Cerasale, the Direct Marketing Association's (DMA) senior vice president of government affairs, delivered a battle plan for direct marketers to keep their businesses out of the muck and ahead of legislative handcuffs. "I've been with the DMA 16 years," says Cerasale, "and I don't think we've ever been under attack like we are today."
In Cerasale's opinion, delivered at the Direct Marketing Club of New York's legislative update luncheon on April 14, what some groups call violations of privacy are "sometimes just an annoyance. People use privacy as a claim to stop what's annoying to them." And, while it may make a great sound bite to say the government is protecting citizens' privacy, he points out that such legislation could strangle growth in a sector the DMA says contributes 10 million jobs and $2 trillion to the economy.
An Unnecessary Bill of Rights?
The legislation introduced by Senators Kerry and McCain raises a host of issues that Cerasale says could make direct marketing as we know it impossible. According to him, the proposed legislation would have the following effects:
- All companies would have to implement these new standards, including nonprofits that have not been required to meet such standards in the past.
- All data collection would have to allow opt-out.
- Sensitive data would require an opt-in before collecting it. Cerasale points out that the definition of "sensitive" data is being stretched by state court decisions. For example, he describes the recent California Supreme Court decision that classified a basic ZIP Code—the tracking of which is necessary for the security of any credit card transaction—as sensitive information.
- Companies would be required to have written privacy policies.
- Companies that change their written privacy policies would not be able to retain or use data collected under the old privacy policies.
- These standards would also apply to public information. Marketers would not be able to append public information to database entries that included private information without applying the same privacy options afforded to that private data.
- Any federal legislation would eliminate the option for self-regulation.
Not all federal intervention is a bad thing, according to Cerasale. For example, the DMA supports federal regulations for data security breaches because this would allow all U.S. marketers to operate under one standard, not 50 individual state standards.