This is the second in a three-part series of tips and takeaways from DMA's Institute for Data Governance and Certification. The new, three-day certification course will be held first on July 18-20, 2012, at DMA's NYC seminar center. Check back next week for Part 3 on data privacy policies.
Last week, I explained that we are migrating from a push marketing world to a pull marketing world—a change that will usher in fresh opportunities for marketers, as well as new, more restrictive points-of-view from regulators. This week, let's consider what you might add to your privacy policies and practices—both online and offline—to offset such restrictive viewpoints.
Healthy debate on innovative behaviors will continue to thrive in all quarters—from the blogosphere to the halls of Congress. At the same time, consumer brands and business marketers can find a balance between fair information practices and effective business procedures by adopting best-of-class privacy policies.
Almost all of the leading brands with a global presence have adopted the privacy principles found in the US-Swiss and US-EU Safe Harbor Framework. This effort to improve commerce between nations was forged by the US Department of Commerce to bridge the differences between the way we in the US define and regulate, and the way our friends across the sea do. (For more information on the Safe Harbor Framework, visit the US DOC site)
While not everyone reading this article has a global presence, the following five principals should be considered when updating, upgrading and enhancing your privacy policies as they relate to your data use, sourcing, storage and protection. I should also mention that leading associations—including DMA, DAA and its members—fully embrace transparency, notice and opt-out.
- Notice: Be clear, transparent and easy to understand when providing notice to your customers and prospects about how you collect and use information about them. Disclose with whom you might share their information, and make sure they can easily contact you.
- Choice: Give all of your customers and prospects the opportunity to choose not to have their information disclosed to a third party, and/or used in a manner that it is incompatible with its original intent. This is the opt-out component of great policy and practice.
- Compliance—Voluntary and Regulatory: Make sure your customers know that you comply with all of the laws and regulations that protect consumers and businesses. At the same time, make sure they know that you respect all do-not-solicit requests, and that you have a comprehensive and current suppression policy and practice.
- Data Integrity: This is the part you already know. Your data (information) must be clean. That means it's accurate, complete, current and reliable.
- Security: Make sure you take the necessary steps to protect your data from misuse, unauthorized access, alteration, disclosure or destruction.
Next week, we will have some tips on turbo-charging your data-privacy policies and we'll take a peek at what some leading companies are already doing.