There is still a lot of debate as to whether open tracking is or should be covered under the revised Privacy and Electronic Communications Regulations. In my last blog post, Open Tracking and the New Cookie Law, I shared the thinking of the Email Marketing Council and put forth an argument as to why open tracking is and should not be covered. This is all well and good but as the amended regulations are vague on this the Information Commissioner’s Office has to leave their options open, which is good for the industry. It is good because it allows us to take the lead in determining the standards for getting and maintaining consent for open tracking. The Email Marketing Councils of both the DMA and IAB are collaborating on a document in which we will detail this framework in more detail but in the meantime here is the general outline.

First let’s start with the easy part – data collected going forward. Very simply we just need to notify new subscribers that we use open tracking, tell them what it is and how we use it and get their consent with the opt-in.

This of course leaves the legacy data which is everybody’s concern. Some are even saying that this change will leave this legacy data useless. This approach is too black and white. We should instead work within the shades of grey.

The fundamental principle behind the changes to the regulations is that consumers do not understand how they can be tracked on the internet and the changes to the regulations are there to force the industry to become more open and transparent with consumers about how they are being tracked, what data is collected, and why. I think to a degree this underestimates the intelligence of the average consumer.

Sure, if you ask the average person on the street if they know what open tracking is or how it works, they will look at you as if you have sprouted horns. If on the other hand you ask the same person if they get marketing emails and if they thought that marketers might monitor who opens and clicks their emails to see how effective they are and make them better, then those response is more likely to be “Well yeah, they would be crazy not to.” On top of this we have been telling consumers that we use open tracking in our privacy statements since PECR was first implemented in 2003.

These recipients have been notified and are aware of open tracking, so keep mailing them. That is not to say we don’t notify our existing recipients of the changes in the law wherever possible but we do not have to throw this data out and start over.

In the interest of transparency, we should do everything we can within reason to notify our loyal recipients of these changes. I will leave it to the DMA IAB collaboration to flesh out how to do this.

There has been a lot of talk in the email industry about whether open tracking falls under the category of “similar technology.” Let’s be clear right from the off: we cannot answer this question – only the Information Commissioner can answer this question definitively.  What I can do is analyse what we know so far.  A simple search of the most recent guidance notes showed that the word open was used four times and email was used once and this wasn’t in respect of email marketing.

Based on the conversations that have gone on with the great and good of the email community both here and in the US, The Email Marketing Council believes that email open tracking is not covered in this legislation. The purpose of the new Privacy in Electronic Communications Regulations was to “protect the privacy of internet users” and was driven by “concerns about the online tracking of individuals and spyware.”

Open tracking uses a one pixel by one pixel clear GIF, which is stored as a temporary file on the user’s computer. This is very different than the cookies used to track individuals online:

• Once images including open tracking GIFs are downloaded by the consumer, there is no way for the marketer to read them back. Cookies on the other hand are files stored on the user’s computer and are designed to be accessible over and over.
• Open tracking GIFs return information in the same way that web pages return information about the user’s computer because that is how the internet was designed as opposed to cookies which are designed specifically to allow websites to track previous behaviour.
• Open tracking is associated with an email address and is therefore device independent versus cookies which have a one to one relationship with a specific device.

If these differences are not enough then I throw out one last thought. Open tracking is most similar to web traffic and activity analysis based on server side processing of web server log files. This is not covered by the regulation changes. Even when it comes to client side cookie based analytics, the ICO has stated that they cannot conceive a scenario where they would prosecute for use of analytics cookies

I think that the motivation behind the new cookie law is a good one.  Consumers do not really understand that everything they do online is being tracked.  They believe that because they are moving around the internet in the privacy of their own home that what they do is private.  This law however is clearly aimed at cookies used to build complete profiles of internet users which could eventually be sold on. These regulations were not aimed at marketers trying to ensure their emails reach the inbox and improve how they communicate with their customers.

As always the law is not the same as best practice. Marketing best practice is to be clear and transparent with customers. To this end, regardless of the law, it is sensible to include in your privacy policy that customers opting-in are giving email permission, open tracking and permission for other data use appropriate to your email communications.  Look out for a whitepaper on the topic to be published in the near future.

I’ve got to admit, I don’t like spam. Not just professionally, it really gets my goat personally as well. It’s not that I’m a particularly sensitive soul when it comes to email communications, but I just don’t like being sent stuff I haven’t asked for. Ok, I acknowledge that most of the downright illegal and virus laden traffic is now being successfully filtered by the great work of the spam filtering businesses and ISP’s, so what’s left to Grinch about?

Email is a powerful marketing channel, and its superb revenue driving potential is now becoming widely acknowledged. Email hasn’t got to this position by itself, it has needed to be understood and strategies carefully put together by some pretty clever people to bring it to where it is today. Some recent DMA reports show that the public now acknowledge email as a marketing channel that provides value. In anyone’s book that’s an achievement, and it isn’t as if everyone is using the same strategies. However the similar thing about all the successful strategies is they are done well, with considerable thought and great execution. So in a channel that is going from strength to strength, why am I throwing my presents out of the sleigh about spammers?

The most fundamental practice and legal obligation regarding sending someone a marketing email, is that you need to have the person’s permission to do so. I’m not going to start splitting hairs about the pros and cons of opt in opt out etc, but it is pretty widely acknowledged that the person should know what they are signing up for. But that’s right isn’t it, you don’t want anyone on your list who doesn’t want to be there, right?

And if they unsubscribe, it means they want you to stop sending them emails; so you stop, because it would be crazy to carry on, wouldn’t it?

So… why have I been sent marketing emails from a company I’ve previously unsubscribed from, with text saying “we’d like you to subscribe to our newsletter”. No thank you. I’ve unsubscribed once – isn’t that enough? Someone even sent me an email Christmas card that automatically signed me up to marketing emails!

Those are two examples from a very limited sample size. It is possible I have been very unlucky, but it does demonstrate this issue exists. It wouldn’t take long for the trust that has been built up with the public over the last few years to be eroded. At a time when we should be encouraging as many subscribers to sign up to our email communications, playing fast and loose with email permission is not the way forward. New European legislation threatens to make permission and data use more of an issue for the online marketer, we need to develop the public’s trust, not damage it.

With the revenue driving potential of the channel, it is easy to see how some could be tempted to go against the express wishes of their customers, in an attempt to drive a few extra sales. But in doing so marketers must consider the cost to their reputation.

The Online Trust Alliance (OTA) has just released a Security by Design Framework which includes a  set of security best practices aimed at organisations that run “interactive messaging ecosystems”.

The eight-page framework document was created in response to recent high profile data breaches. Spearheaded by the OTA, it includes input from  industry organisations, service and technology providers and major brands. It aims to drive the message that security and privacy must be taken seriously – and immediately – and provides guidance for adopting effective security measures .  “As marketers are increasingly collecting sensitive and personal data, ‘security by design’ needs to become part of the industry’s DNA for every new service, feature and process,” said Craig Spiezle, Executive Director and President of the Online Trust Alliance.  “This collaborative effort demonstrates a commitment to online trust and confidence and the vitality of the internet.  The willingness of businesses to make systemic changes while recognizing their role as data stewards, demonstrates leadership and a commitment to self-regulation.  We call on all organizations to embrace these efforts and help put trust back in email.”

Virgin Blue has been fined AUD $100,000 for breaching the Australian Spam Act 2003, by continuing to send to recipients who have opted out.

Over an 18 month investigation, it was found that in a 2 month period alone, they sent emails to 10,000 recipients who had previously opted out. Virgin Blue state the problems were caused by a technical malfunction, but investigators claim that it happened over a long period and that Virgin Blue were not reactive enough.

So, as marketers what can we do to ensure this doesn’t happen to us?

Consider implementing routine audits of your technology; ensure that the unsubscribe link not only works but also is applied so that those who have opted out are unable to receive any more emails.

Audits of simple but essential processes such as this and your subscription process are often overlooked, yet should be done on a regular basis. I do many of these for my clients and am often surprised at how many broken links and faulty processes I find during these audits.

For example when was the last time you went all the way through your subscription process?  Clicked on your Privacy Policy only to find it the IT department has moved it? Updated your Privacy Policy to reflect any new activity on your website? You may well be unpleasantly surprised with what you find.

These audits can of course also be used to gauge the journey involved in this process and whether it can be streamlined to make it more palatable for your subscriber….stay tuned for a future post on this subject

I recently wrote a blog post looking at Russia’s latest attempt to combat illegal spammers. It struck me that I had to couple the word ‘illegal’ with ‘spammer’. Surely this is a bit redundant as spam is by definition illegal? In the minds of the consumer however, spam is “a message that I don’t want”.

This definition is akin to Supreme Court Justice Potter Stewart’s admission that he could not define what constitutes pornography but ‘I know it when I see it.’  The consumer perception or definition of spam is loose enough that it potentially classifies many of us and our clients or customers as spammers (at least in the eye of the recipient), even if our intentions were totally legitimate and above board.

In my mind, ‘spam’ can be classified in five different categories:

Wrong email at the wrong time – the sender is a legitimate brand and the recipient has signed up to receive email messages from them. This is all totally legal but, for whatever reason, the recipient feels this message is not right for them at this point in time.

This is the classic scenario where, just as your customer is opening your well crafted and highly targeted email, their four year old spills Ribena on the white carpet, the phone rings, and the postman knocks on the door.  Suddenly your message goes from being value-added content to being an added stressor and therefore spam in their mind.

Legitimate business that makes a mistake – this is a sender that usually abides by all the rules, but by accident, someone uploaded the wrong data list or sent the email to the wrong segment of customers.  We have all done it – accidents happen.

Legitimate business but don’t know any better – this is a sender that just isn’t aware of the legal requirements of email marketing. They take the attitude that if you send enough email, you’ll eventually get returns. It is frightening how often this happens. I recently had a rather heated debate with a client who is a very well respected and successful businessman who really struggled to get his head around why you couldn’t just trawl the web for email addresses for prospects.

Illegitimate business selling fraudulent products – this is where we start to get into the more illegal territory. These senders might be actually selling you something, but the product will be substandard or fraudulent and the data won’t have been collected in a legal way.

These are your classic snake oil salesmen selling a product that may or may not live up to the dubious claims of the pitch but a product nonetheless. I saw one recently where the email and landing page promised to sell me an Adobe Acrobat Reader License with one year’s maintenance for $1.50. Not a bad gig that; selling a ‘license’ for something that is free with maintenance on something that doesn’t break. Now this could (and in fact very likely will) be a way to collect credit card details for the last flavour of spam…

Illegal operation trying to get your personal details – this sender is a phisher and is trying to get you to click on a link that takes you to a phishing site or worse.

The recipient who sees a spam message in their inbox is unlikely to make these distinctions, however, as they simply click the junk box.

So what does this mean for us in the industry?

Well, for starters, I think we need to be very careful about how we use the word ‘spam’ because, as I’ve just shown, it covers a wide array of bases.

And it’s exactly for this reason that I was concerned about some recently released research that apparently found that the UK is one of the “most dangerous places to surf the internet in the world”, with one in every ten UK websites responsible for spamming recipients.  The specifics of this research have been thoroughly covered, but you can read both the research and the rebuttal and decide for yourself.

I think we all need to be careful and considered when using the word ‘spam’ and clarify which of the five categories we are talking about. Not only do we need to keep raising the standards in our industry by promoting best practice through industry guides and individual research like dotMailer’s Hitting the Mark report. We also need to start changing consumer perceptions too and move them away from categorising all unwanted email as spam through direct outreach and indirectly through the mainstream press.

We all have a role to play, but it’s not something that is going to be solved overnight, if ever.

Here’s a question to pose to anyone who still thinks social media will bring about the death of email. If that statement were true, then why are social media companies increasingly focused on improving their email deliverability?

The answer of course is that email is essential for the growth and profitability of social networks. In fact, social media companies are becoming some of the largest volume senders in the email universe, with hundreds of millions of messages being sent to their members each day. These emails include everything from status updates, friend/follower requests, wall postings, updates on tagged photos and invitations to join the network. It’s no wonder that ensuring those messages reach their members’ inboxes is crucial to the success of a social media company’s business.

However, social networks often have a higher mountain to climb when it comes to improving their inbox placement rates. Why? Because some of their practices—especially involving growing their member bases—drive a higher than average number of complaints when compared to other email marketers. Complaints negatively impact on sending reputation (the primary metric used by ISPs when determining how to route commercial email), and as a result, deliverability suffers.

What practices am I referring to? One in particular: allowing users/members to import their entire address books and then sending email invitations to those addresses to join the social network. These invitation emails often result in high volumes of complaints and can also increase the number of unknown users and spam trap addresses the social networking company is mailing to. This in turn damages their sending reputation, which lowers their chances of reaching the inbox.  Complaints and list quality in particular have a huge impact on whether a sender’s email gets routed to the junk/bulk/spam folder or goes missing all together.

So what’s a social networker to do? First, it’s important to regularly monitor inbox placement across the various ISPs and track complaints using feedback loops. Second, social networkers need to stop the risky practice of allowing users to import their address books. Finally, they need to undertake a renewed focus on the subscriber/member experience. How? Here are few ideas:

1. Create a user-friendly preference centre. Allow members to easily access it. Let them choose the types of email communications they want to receive, such as only friend updates, notifications, or wall postings. Promote the preference centre everywhere, including in the footer of every email, the welcome message, the website, the unsubscribe landing page and the member’s profile/account page. Encourage members to use it to customise the types of messages they are receiving and the frequency they are being sent.
2. Clearly communicate the privacy policy. Rather than using a lot of legal terminology, explain in simple and easy to understand terms how the member’s personal information will and won’t be used. Explain how this information can be made public or kept private and how it will be shared with other members. Learn a lesson from Facebook’s recent privacy issues, now being aggressively addressed in Germany.
3. Set the proper expectations. During the account creation/joining stage, explain what members can expect from the email program. Outline its benefits and clearly describe the program’s content and frequency. Provide links to examples of the emails being sent. The more information that is provided at this early stage, the better informed and prepared members will be for the emails to come.

Want more information? Learn how Return Path helped Friends Reunited improve their inbox delivery by over 25%. Read the case study here.

March 2010: Legal firm Osborne Clarke reports on a verdict in Germany in which the CEO of a travel company was personally responsible to ensure that each individual on a database of email addresses had explicitly given his prior consent to receiving marketing emails. Osborne Clarke reports that this new legal assessment will lead to changes in the scope of personal liability. The case coincides with the EU Commission’s plans to strengthen enforcement of EU email laws. (read more – requires free registration)

Yesterday I attended the Privacy session at the Email Insider Summit in Florida.

One of the key points that I took away from this presentation was an offshoot of a point raised by Return Path’s Tom Bartel. Now we all know that in order to comply with legislation we need to publish our Privacy Policy and state within this policy what we will be doing with the data we collect and Best Practise advocates that that we link to the policy at the point of subscription. All well and good. But who actually reads the Privacy Policy?

The answer…very few. So, on one hand this is good right? Because it allows us to put the typical 3rd party rental disclaimer in easily and no one’s the wiser right? Well…I guess so…but what kind of list are you growing? Is it a good quality list full of addresses which want to receive offers from 3rd parties?..or is it a list which is full of addresses who are not aware that they will be receiving 3rd party offers and are very likely to hit the ‘this is spam’ button as soon as they recieve an offer? If it is the latter, what value is this?

If your aim is to grow a good quality list then you need to be transparent and let your subscriber know what they’re signing up for at the point of subcription..easily and obviously. So, if your aim is to share the data with 3rd parties, then ask them to opt-in to receive them, which means offering an empty checkbox with a clear and obvious option for them to select rather than a pre-ticked checkbox with some confusing text. This then will give you a better quality, more valuable database.

And if you’re not going to share the data with 3rd parties -then proclaim it! Again- be transparent!! Have a disclaimer alongside of the form which states clearly that you will not be sharing the data with 3rd parties…This in turn will reassure the subscriber and very likely increase your subscriptions.

I was asked an interesting question this week in an interview for an Australian Publication, Marketing Magazine. They asked: "In your opinion, has the tightening of laws and regulations around email marketing been beneficial or detrimental to the industry? Why?"

Hmmm…where to begin? I believe it has been totally beneficial – but not for the reasons you may suspect. The actual problem of spam isn’t caused by legitimate marketers and as such the real spam issue can’t be resolved by tightening legislation. A recent consumer survey was conducted by Q Interactive, which revealed that consumers’ definition of spam varies greatly with that of legislation…it seems to have evolved from being ‘unsolicited’ to ‘unwanted’ emails. That said however, I believe legislation serves another purpose – which is to force marketers to continually look at their email marketing practices and find ways to improve so that their efforts are not only not unsolicited but are actually wanted.

Consumers are becoming less tolerant of irrelevant offers – not just in email marketing but in all areas of direct marketing. As a marketing medium, email is brilliant and allows you to segment and target so that you are able to send relevant emails. Without legislation, marketers could very well still be sending untargeted, irrelevant offers and therefore not be achieving the excellent ROI that email campaigns achieve today. The e-consultancy/Adestra’s Email Marketing Census 2008 reveals that email is rated as the second best channel for ROI after SEO. Therefore I believe the introduction of legislation has refined email marketing and helped to make it the successful marketing channel it is today.

Kath Pay, Managing Director, Ezemail