Legal Issues Facing Email Marketers and How to Comply With Them, Part 3
This is the final part of a three-part series on legal issues facing email marketers, including what the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act is and how to comply with it; how to safely manage your behavioral targeting campaigns; and how European data protection laws affect email marketers. This week I'll examine European data protection laws. In part two of this series, which ran in the May 14 edition of All About eMail, I discussed behavioral targeting, and in part one, which ran in the April 30 edition, I looked at how email marketers can set up their operations to comply with CAN-SPAM.
Compliance is important for international email marketers because, like other marketing channels, a specific set of compliance requirements and regulations must be followed to ensure a successful and legal email marketing campaign. In some cases, not being compliant with international law can cost thousands of dollars in legal fees and fines (and possibly even criminal sanctions). Many international countries have their own unique approach to email marketing compliance.
The European Union (EU) has enacted laws that address direct marketing from a privacy perspective. These laws must be followed by all member states. The laws include The Privacy and Electronic Communications (EC Directive) Regulations 2003 and Directive 95/46/EC.
The EC Directive is based on the following eight principles, the purpose of which is to make sure information is handled properly:
- data must be fairly and lawfully processed;
- data must be processed for limited purposes;
- data must be adequate, relevant and not excessive ;
- data must be accurate ;
- data must not be kept for longer than is necessary;
- data must be processed in-line with individual rights ;
- data must be secure ; and
- data must not be transferred to countries without adequate protection.
It's important to understand that to some degree, every EU member state may be slightly different in how it interprets and implements the laws relevant to privacy and email marketing. In the case of the EU, it's important that you don't make the assumption that if you comply with relevant legislation in one member state, you automatically comply with the legislation in another. In some cases, EU member states may be at a different stage of implementation of the law.