Dr. Steve Lucas, chief compliance officer at Blue Sky Factory and one of the CAN-SPAM Act contributors, discusses permission-based email marketing. Dr. Lucas provides information to marketers based on six core elements of a trust-based approach - permission, privacy, reputation, expectations, and compliance
1. Baltimore, Maryland
Blue Sky Factory
Driving Email Marketing Performance
Permission-Based Email Marketing: Privacy, Preferences & Best Practices
June 30, 2009
3 PM
2. History & Importance of the Act
•Controlling the Assault of Non-Solicited Pornography and Marketing Act
of 2003, more commonly known as “CAN-SPAM” became effective on
January 1, 2004.
•Imposes a series of requirements on the use of commercial e-mail.
•Provides civil and criminal enforcement mechanisms to deter unwanted e-
mail and allows the state attorneys general to enforce its provisions.
•Authorizes the FTC to enforce violations of the Act in the same manner as
an FCC Trade Regulation.
•Lays the foundation for a clear differentiation of "spammers" from
permission-based email marketers.
Copyright 2009 Blue Sky Factory
3. Key Requirements of CAN-SPAM
•No misleading subject headings.
•Valid return email address or Internet-based reply mechanism.
•Physical postal address.
•Conspicuous notice identifying each message as an
advertisement or solicitation.
•Notice explaining how to prevent transmission of future
messages.
•Honor all “opt-out” requests within ten (10) business days.
•Refrain from selling, exchanging or otherwise transferring the e-
mail address of any recipient who has made an “opt-out” request.
•No spoofing of sender email addresses.
Copyright 2009 Blue Sky Factory
4. Changes to the Act Have & Will Occur in the Future
•Definition of the term “recipient”.
•Definition of “sender”.
•Only the designated sender is required to honor opt-out
requests made by commercial e-mail message
recipients.
•Clients that participate in co-marketing programs
involving the sending of commercial e-mail messages
should take care to agree in writing with their co-
marketers as to which will be the designated “Sender”
of such e-mails for purposes of CAN-SPAM compliance.
Copyright 2009 Blue Sky Factory
5. Other Recent Changes
•Physical address includes post office box or private
mail box established in accordance with the U.S.
Postal Service regulations.
•Opt-out: No fees or steps beyond sending a reply e-
mail message or going to a single opt-out Web page.
•No more sales pitch before effectuating their opt out.
•No forcing recipients to provide any information
other than an e-mail address and/or a recipient’s opt-
out preferences is now a violation of the Act.
Copyright 2009 Blue Sky Factory
6. Unsolicited Marketing
Desire to avoid unwanted marketing (spam,
postal mail, telemarketing) causes some people
to avoid giving out personal information
Copyright 2009 Blue Sky Factory
7. Permission-Based Marketing
•Seth Godin’s observation that recipients want to receive marketing
communication that is personal, relevant, and anticipated is a
proven concept.
•Six Core Elements of a Trust-Based Approach:
1.Permission
2.Privacy
3.Reputation
4.Preferences
5.Expectations
6.Compliance
Copyright 2009 Blue Sky Factory
8. What is Permission and Why is it Important?
•Explicit consent from a potential recipient.
•Express Versus Implied - Express permission is a
checked box or a submitted email reply that expresses
permission to send messages to the recipient. Implied
permission rationalizes collecting email from "targeted
sources" which is essentially comparable to harvesting
addresses.
•Permission Scope - When cross promoting to a list, it's
important to outline the scope of the program the
recipient is opting into.
Copyright 2009 Blue Sky Factory
9. Acquiring Permission
•Require user action that ensures you receive
affirmative consent by requiring action on the part of the
potential recipient.
•Send a confirmation email that confirms the
subscription and reinforces their preferences.
•Avoid pre-checked boxes.
•Obtaining permission to send email communication
limits legal liability, creates an audit trail, produces
higher delivery rates, and strengthens customer
relationships while enhancing the sender’s brand image
in the marketplace.
Copyright 2009 Blue Sky Factory
10. Acceptable/Unacceptable List Building Practices
Acceptable
•Append
•Opt-in
•Opt-in List Rental
Unacceptable
•Harvesting
•Opt-out – Unconfirmed appends
•List Purchase
•List Rental: Non Opt-in
•Directories
Copyright 2009 Blue Sky Factory
11. The Verified/ Double Opt-In Argument
•Closed loop confirmation method for adding
subscribers to your mailing list.
•Second step that potential subscribers must take to
become a member of your mailing list.
•Allow you to refute any spam complaints that may arise
and are seen by mail administrators as the most
privacy-conscious way to handle subscriptions.
•Corporate filters are more apt to whitelist your
newsletters if confirmation logs are available, and also
protect your company against anti-spam legislation by
providing evidence of solicitation.
Copyright 2009 Blue Sky Factory
12. Privacy Laws Around the World
•Privacy laws and regulations vary widely throughout the
world
•US has mostly sector-specific laws, with relatively minimal
protections - often referred to as “patchwork quilt”
•Federal Trade Commission
•Federal Communications Commission
•European Data Protection Directive requires all European
Union countries to adopt similar comprehensive privacy laws
that recognize privacy as fundamental human right
•Privacy commissions in each country
•Many European companies non-compliant with privacy
laws
Copyright 2009 Blue Sky Factory
14. Web Privacy Concerns
•Data is often collected silently
•Data from multiple sources may be merged
•Data collected for business purposes may be
used in civil and criminal proceedings
•Users given no meaningful choice
Copyright 2009 Blue Sky Factory
15. My computer can “figure things out about me”
The little people inside my computer might
know it’s me…
… and they might tell their friends
Copyright 2009 Blue Sky Factory
16. Privacy
An email privacy policy describes your email
marketing program practices and should cover:
1. Mailing frequency
2. Scope of marketing programs
3. Subscription management
4. Issue resolution procedures
5. Third party availability
Copyright 2009 Blue Sky Factory
17. Privacy Policies
•Let consumers know about site’s privacy practices.
•Allow consumers to decide whether or not practices are
acceptable, when to opt-in or opt-out, and who to do
business with.
•Increase consumer trust.
•Unfortunately they are usually:
•Difficult to understand
•Hard to find
•Take a long time to read
•Change without notice
Copyright 2009 Blue Sky Factory
18. Privacy Policy Components
• Identification of site,
scope, contact info
• Types of information
collected
• How information is used
• Conditions under which
information might be
shared
• Information about :
- Opt-in/Opt-out
- Access
- Data retention policies
- Seal programs
• Security assurances
• Children’s privacy
There is lots of information
to convey -- but policy
should be brief and
easy-to-read too!
What is opt-in? What is opt-out?
Copyright 2009 Blue Sky Factory
19. Cost to Read Privacy Policies
•Annual time to read online privacy policies
•p* R * n = 9.3 billion hours or 7 minutes/person/day
•10% of time people spend online
•p is the population of Internet users
•R is the average national reading rate for this type of material
•n is the average number of unique sites an Internet user visits
•Annual time to skim online privacy policies
•p * S * n = 5.6 billion hours
•S is the average time to skim a policy.
•Annual cost of reading online privacy policies
•$136.5 Billion or $613/person
•based on assumptions about value of work and leisure time
•Based on the ongoing work by Aleecia McDonald
Copyright 2009 Blue Sky Factory
20. You thought on the Internet nobody knew you were a dog…
…but then you started getting personalized ads for your favorite
brand of dog food
Copyright 2009 Blue Sky Factory
21. Behavioral Targeting
•In 2007/2008, more concerns raised about “behavioral”
targeting as a new round of companies started
deploying systems to target ads based on previous
online behavior
•Several state laws pending to enforce notice and
choice to consumers. FTC is also looking at national
“Do not contact” and “Do not track” regulations.
•Industry groups such as IAB and DMA are looking at
self regulatory solutions including a tracking button.
Copyright 2009 Blue Sky Factory
22. Preferences
•Providing the ability for recipients to self-select preferences and
modify personal profiles.
1.Update email address
2.Choice of format (HTML versus Text)
3.Frequency of messaging
4.Interests and preferences
5.Subscription Option/Unsubscribe Options
•Benefits of Updating
1.Global suppression is “required” by CAN-SPAM. Though not explicit, the
Act implies that global suppression options are required.
2.Easier for subscribers, provides control over messaging
3.Fewer bad addresses
4.More segmentation data so you can target specific interests
5.More satisfied customers
Copyright 2009 Blue Sky Factory
23. Email Reputation
•Helps you participate in whitelisting programs for the ISPs
that have them, and may help resolve any false-positive
blocking issues that may arise.
•Helps recipients communicate about their expectations, and
they'll be more likely to modify their profile or utilize
unsubscribe links instead of clicking on "report spam".
•Current methods of reputation management exist in the
following forms:
•Private Lists
•Public Lists
•Reputation Services
Copyright 2009 Blue Sky Factory
24. Managing Expectations
•An important component in establishing trust, and provides
opportunities for personalization and customer contact, reinforcing
the value received from a client list.
•Types of messaging:
1.Thank you page messaging
2.Confirmed opt-in email messaging
•Initial and ongoing messages should contain:
1.Timely content
2.From name
3.Quality - reinforcement of your brand
4.Content value - Reiterate the objective of your messages
and the value.
5.Reminder of subscription information
Copyright 2009 Blue Sky Factory
25. Ensuring Compliance
•Convene all company staff involved in the email marketing
process.
•Ensure that all affected personnel have a good
understanding of the act and how it might affect their
practices and policies.
•Review your customers email marketing programs to
ensure that they comply with the content and notification
requirements and involve your legal counsel as appropriate.
•Review and test your opt-out/unsubscribe language and
process.
•Ensure that all opt-out requests are honored within ten (10)
business days of receipt.
•Add a profile update page on your site and link to it from
your messages.
Copyright 2009 Blue Sky Factory
26. Conclusion
•Be aware of consumer protection laws at the federal and state
level. CAN SPAM Act does not supersede and override state law
or international law in all cases.
•CAN SPAM Act Compliance is crucial to your business
success.
•Focus on relationships, not transactions.
•The key to consumer confidence is privacy, security, and trust.
•The amount of information consumers will provide is directly
related to their opinion of your company in relation to the above.
•The industry must self regulate privacy, behavioral tracking,
and data integrity or the government will.
•Our laws are different than other countries. Don’t use the
excuse of ignorance of the law if you plan to target these
markets.
Copyright 2009 Blue Sky Factory
27. Thank You!
Thank you!
Q&A
Connect.
410-230-0061 - phone
bsfinfo@blueskyfactory.com – email
www.blueskyfactory.com - web
blog.blueskyfactory.com – blog
www.twitter.com/blueskyfactory - twitter
Copyright 2009 Blue Sky Factory