While Senators John Kerry and John McCain were introducing their Commercial Privacy Bill of Rights to the Senate, Jerry Cerasale, the Direct Marketing Association's (DMA) senior vice president of government affairs, delivered a battle plan for direct marketers to keep their businesses out of the muck and ahead of legislative handcuffs. "I've been with the DMA 16 years," says Cerasale, "and I don't think we've ever been under attack like we are today."
In Cerasale's opinion, delivered at the Direct Marketing Club of New York's legislative update luncheon on April 14, what some groups call violations of privacy are "sometimes just an annoyance. People use privacy as a claim to stop what's annoying to them." And, while it may make a great sound bite to say the government is protecting citizens' privacy, he points out that such legislation could strangle growth in a sector the DMA says contributes 10 million jobs and $2 trillion to the economy.
An Unnecessary Bill of Rights?
The legislation introduced by Senators Kerry and McCain raises a host of issues that Cerasale says could make direct marketing as we know it impossible. According to him, the proposed legislation would have the following effects:
- All companies would have to implement these new standards, including nonprofits that have not been required to meet such standards in the past.
- All data collection would have to allow opt-out.
- Sensitive data would require an opt-in before collecting it. Cerasale points out that the definition of "sensitive" data is being stretched by state court decisions. For example, he describes the recent California Supreme Court decision that classified a basic ZIP Code—the tracking of which is necessary for the security of any credit card transaction—as sensitive information.
- Companies would be required to have written privacy policies.
- Companies that change their written privacy policies would not be able to retain or use data collected under the old privacy policies.
- These standards would also apply to public information. Marketers would not be able to append public information to database entries that included private information without applying the same privacy options afforded to that private data.
- Any federal legislation would eliminate the option for self-regulation.
Not all federal intervention is a bad thing, according to Cerasale. For example, the DMA supports federal regulations for data security breaches because this would allow all U.S. marketers to operate under one standard, not 50 individual state standards.
What Should You Do?
Facing these threats and others like them, Cerasale laid out a series of steps he says direct marketers must take to, frankly, keep the Feds off your back:
- "You have to have a security breach plan—it's impossible to be 100 percent safe—and it has to be in writing!" As far as the Feds are concerned, Cerasale says unwritten data breach plans don't count.
- "If you're marketing to children, Congress is watching." Be careful, protect children or it will lead to government involvement that will make it harder on everyone.
- The DMA backs the Advertising Information Icon of the Digital Advertising Alliance, and would like "to work with [Web browser developers] so there's compatibility" between browser-based do-not-track tools and the Advertising Information Icon. "This is something every one of you should be using," says Cerasale. "We have to have significant buy-in across the Internet ecosystem in order for this to work."
- Don't back off of recycling, says Cerasale. He points out that do-not-mail has largely been beaten back thanks to the impact it would have on the jobs market. But there are still pockets of support, particularly stemming from the medium's perceived waste. Cerasale recommends you include the Recycle Please logo and instructions on all paper-based marketing materials to refute the argument that direct mail is inherently wasteful.