Category Archives: Permission

The Draft EU Data Protection Regulations and the Other Compliance Obligations

1 Reply

As our series of blogs on the proposed EU Data Protection Regulation is almost at an end, I think it’s fair to say that they made for very informative reading. I hope you would agree with me that many marketers can learn something from them. A lot of the main topics within the proposal have been covered. But what are the changes to the compliance obligations which organisations need to consider in their day to day activities if the proposal was to be passed in its current version?

Data processing is featured heavily in the proposed Regulation. One of the changes is around notifying the relevant national data protection authority, in the case of the UK the Information Commissioner’s Office (ICO), of your organisation’s data processing activities. Currently, providing such notification to the ICO has been a matter of course, whereas the proposal states that full records of data processing activities must be kept by the organisation and only supplied to the relevant national data protection authority on request.

The use of data in many organisations is crucial for marketing purposes, as well as general interaction with customers. If you work client-side, just think of the number of email campaigns your organisation sends out to your customers, whether the customers are active, prospective, lapsed or otherwise. Your data would have had to be processed in some way before emailing, whether it’s cleaning or segmenting for a targeted campaign; therefore keeping a record each time the data is processed with specific information would add another compliance burden to the activity. The obligation to keep records of processing activities is also extended to agencies where dealing with data is an integral part of running of the organisation, such as list rental and lead generation activities. With this in mind, if you think of your own organisation’s activities as well as the number of organisations involved in a typical data processing chain, then the number of data processing activities that will need to be recorded is overwhelming. The ICO is concerned that there is a danger that organisations will focus on the ‘paperwork’ rather than on actual data protection compliance. The removal of the notification fee, which organisations currently pay to the ICO when they complete the notification form, does raise questions as to how the ICO will be adequately funded to carry out its data protection work effectively.

Another change in the proposal which will have a big impact is the requirement for organisations with 250 or more staff to have a designated independent data protection officer. Even though data is crucial to a lot of organisations, the size, reasons for its use and frequency the data is handled and processed amongst organisations varies. The ICO believes that “a simple head-count criterion for the designation of a data protection officer is not the best approach.” Some low head count organisations may process a large amount of information about a lot of people and are therefore high risk. On the other hand, large head count organisations may carry out relatively small –scale and low risk processing. Read the ICO’s report on the draft regulations here

The additional bureaucratic requirements relating to these proposed new compliance obligations will certainly create extra administrative costs, particularly for smaller organisations. As well as the increased documentation of all data processing activities, consider the revision and issue of new terms and conditions, and the amount of employee guidance and training around these changes.

These new compliance obligations , as well as implementing the right to be forgotten, and explicit consent for data processing will mean that all organisations will have to review their day to day activities.

Opt-In & Opt-Out – Definitions of Consent according to the draft EU Data Protection Regulations

Leave a reply

As a consumer, I am always in favour of legislation which seeks to protect individual freedoms, and reduce ambiguity in what organisations can and cannot do with my personal information. As a marketer too, it is important that the availability and use of a consumer’s personal information be governed by clear guidelines, and ends in a mutually beneficial result – at the bare bones of it; providing a customer with timely, relevant communications based on the data they have provided, at the same time as (hopefully) making a profit for the organisation I am working for.

The real worry is that the current draft of the European Union Data Protection Regulation, does the opposite by introducing more complexity and ambiguity than already exists, and potentially creates further issues which would not have surfaced if the status quo were maintained.

The verbatim definition of consent within the Regulation is as follows:

“…’the data subject’s consent’ means any freely given specific, informed and explicit indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed…”
[http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0011:FIN:EN:PDF Article 4 (8)]

Furthermore, the “Conditions for Consent” are laid out as follows:
1. “The controller shall bear the burden of proof for the data subject’s consent to the processing of their personal data for specified purposes.

2. If the data subject’s consent is to be given in the context of a written declaration which also concerns another matter, the requirement to give consent must be presented distinguishable in its appearance from this other matter.

3. The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

4. Consent shall not provide a legal basis for the processing, where there is a significant imbalance between the position of the data subject and the controller.”

[http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0011:FIN:EN:PDF Article 7]

In the above, I have highlighted the key elements here – the Regulation is essentially saying that organisations need to obtain a clear and explicit statement/action by which a data subject provides consent. From an email permission-marketing best practice perspective, this is fine – however the Regulation does not address whether or not this would need to be retrospective for existing databases, and whether or not organisations would be able to contact customers with whom they have had previous interactions (as is currently permissible under the existing Privacy and Electronic Communications Directive – and, the majority of the time, expected by consumers).

This is completely disregarding whether or not those consumers actually want to be contacted, and if the “burden of proof” detailed above is an enforceable requirement (in a worse-case scenario) – then the Regulation is effectively saying organisations must delete said data if they cannot prove consent has been given explicitly! Then there’s the possibility of dispute over the meaning of “informed & explicit”… well, you can see where this is heading to – more ambiguity and less clarity.

Furthermore, there is an argument out there that this Regulation does not take into consideration the low risk use of Business-To-Business (B2B) data for marketing purposes – where, more often than not, a organisation would hold and process information on another organisation or group of members of staff, with perhaps multiple key decision makers – not an individual.

In summary, the intention is good but the detail is lacking – I strongly urge the legislators in Brussels to revise and alter the Regulation so that it can sit with the existing Privacy and Electronic Communications Directive They also need to focus on what the effect of the changes in the draft Regulation will be for both consumers and organisations.
To find out more about the consequences of this legislation passing unaltered, and the potential impact on your own business, take a look at http://dma.org.uk/eu-data-protection This site also provides information on how to take immediate action, by lobbying your regional MEPs.

LinkedIn: No greater email marketing #fail than over-writing your customers preferences

Leave a reply

LinkedInWTF2
I just got this  email from LinkedIn  Subject Line “A change to your DMA: Direct Marketing Association (UK) Limited digests” – the 3rd such email I have had this week about a group I belong to.
In it they tell me that they are going to ignore my mailing preferences and unsubscribe me from the group digests of which I get 1 a week a frequency selected by ME! I have now been forced to go and re-subscribe to the weekly digests of groups that I want to hear from 3 times this week. Do LinkedIn really think that is a good use of my time?

Just in case anyone was wondering, while I am not really a FB kind of person I definitely am an UBER LinkedIn user.

- I am a paid subscriber and highly active – I post, place jobs, recommend stay in touch connect etc.
- I have several thousand connections
- I check my page multiple times a day and use it as my primary vehicle for maintaining my business network. I have my preferences set exactly the way I want them for some groups – no email, others weekly and some daily
- I get 10 or more emails a day from linked in and open about 1 in 3 on my desktop and 80% of them on my mobile
- I click on at least one a day and some days 3 or more
- I save all my emails I currently have 2900 in my Linked in folder of which less than half 1427 are “unread”
- I regularly search for old messages or invites and click on them

So how on earth can a bunch of engineers and/or too clever by half marketers come to the conclusion that they know what I want better than me?
The irony is by stopping the DMA group weekly digest, they are going to reduce the chances of me ever visiting again! I wonder how the DMA and other group managers feel about that.

I can’t understand why having gone to the trouble of asking me to set my preferences LinkedIn should choose to expressly ignore the stated preference from a highly engaged – dare I say knowledgeable – paying subscriber. Surely that is as bad as spamming after all what is so different about these 2 scenarios?

1) I use LI preference centre choose to receive 1 email a week – after 3 months LI decide to unsubscribe me for not visiting the group.
2) I use LI preference centre and choose to receive 1 email a week – after 3 months LI decide to send me daily digests or 3rd party emails from partners they think I should hear from

LinkedIn are insulting their members’ intelligence one would think that someone like me would know how to both unsubscribe or hit the spam button. So if I haven’t done either of those things, it’s probably because…I DON’T WANT TO!

Related articles

EU Data Protection Regulation – The Right to be Forgotten

1 Reply

Continuing with our series of posts reviewing the potential effects of the proposed EU Data Protection Regulation, one of the areas it addresses is an individual’s “right to be forgotten” by a business.  The specific wording is as follows:

“The data subject shall have the right to obtain from the controller the erasure of personal data relating to them and the abstention from further dissemination of such data”

This has clearly been written with Social Media in mind, for example, ensuring that Facebook users are able to completely delete their profiles if they so wish.  However, the effect on email marketers and direct marketers in general could be disastrous.  If somebody unsubscribes, or asks to no longer receive an advertiser’s communications, then clearly that individual’s details need to be held by the organisation in order to suppress them from future comms.  Forgetting them completely, i.e. erasing all their data could have the polar opposite effect from that which the consumer is expecting!  A individuals details need to be held in order for the organisation to “remember to forget”.  Also, industry suppression files, which are there to benefit consumers, could be put at risk by the Regulation.

The problems do not end there.  There would also be an issue with information that has already been passed on to third parties, e.g. via list brokers or through partnerships.  Also, consumers risk being mis-led.  For example, some data in financial services has to be kept for a specific period of time in order to meet with legal and FSA regulations.

In summary, not only does this section of the Regulation risk failing to achieve what it sets out to do, it could also damage consumer trust and increase the complexity and volume of data processing which needlessly increases the financial burden on companies.

Related articles

A further chance for your input on the proposed EU Data Protection Regulation

Leave a reply

For some marketers the very mention of future legislative framework changes and the mind immediately begins to wander. Add to that the words ‘Data’ and ‘Protection’ and it could instil fear, uncertainty and possibly a fair amount of doubt. The fact that the EU is involved is likely to add further concern. Such themes or topics as data portability, the right to be forgotten and how personal data is defined impact directly on many of us in marketing and these proposals are just too big to be ignored.

The DMA has put itself at the very forefront of the debate and led a cross industry working group bringing together many other industry bodies including; IAB, IMRG, Federation of Small Businesses, COADEC and other bodies. This initiative has been led by the team at the DMA along with lobbying efforts on multiple fronts headed by the Director of Public Affairs, Caroline Roberts. All DMA members have been both asked for input into the information that went to the Ministry of Justice at the start of this year which was submitted in September, the DMA’s Chair Scott Logie chaired a meeting with government late in October.

This is possibly the single biggest issue facing all DMA members, irrespective of channels used to communicate to customers, which is why at the Email Marketing Council level there have been discussions on the impact and we plan to use this blog to collect some of our thinking on the various elements of the proposed legislation.

This is where you, the readers of this blog as email marketing constituents come in – as elected representatives we want your input. As with any elected group, we have our thoughts and ideas which we’ve debated and discussed at council level. The proposed legislation presents some very evident challenges for email marketers. What we, as a council agreed to do is post a series on the key themes over the coming months which debate some of the key points – each written by one of our council members. Specifically debating a subsection of the proposed regulation along the lines of; here is what the EU’s proposal says and here is what it could mean for email marketers.

I am proud to serve a very active council and such a vibrant interest group as email marketing. The council has been active on a number of fronts and this blog is itself very well-read. The discussion and debate from within the email industry (which is you!) is what makes this an exciting and dynamic industry to be part of. I’d therefore urge and encourage all stakeholders to provide feedback on the forthcoming blog posts – I’d love to hear your thoughts and feelings on these themes. You are of course also welcome to contact either me directly or any member of the DMA team.

Richard Gibson, Chair Email Marketing Council and Director Client Services, Return Path.

Become a “permission purist” for maximum deliverability

1 Reply

The delivery rate you see in your email service provider’s UI only tells half the story. You may be sending with a 99% delivered rate but what that means is that your email messages were handed off to a receiver without a bounce response – what that receiver, usually an Internet service provider (ISP) actually does with the email when they receive it is perhaps the most important aspect which most marketers tend to take for granted.

When I talk about the topic of deliverability, I am always keen to stress that true deliverability is about making sure you as a marketer follow best practices as a sender in order to maximise the chance of your email marketing campaign reaching a subscriber’s inbox. If you’re not doing this, you are very unlikely to be achieving the end goals of whatever you set out to do – be it boosting your click rate, conversion rate or even just a simple brand awareness campaign whIch doesn’t even have a call to action. Bottom line is, if you aren’t getting to the inbox, your results are not going to be optimal – your beautifully crafted email creative could be languishing in the junk folder or, worse still, could have been deleted silently by the ISP.

Personally I am a purist for permission, in the Seth Godin sense of the word. If you want to send truly effective email marketing campaigns (not just deliverability, but overall ROI), and maximise your chances of reaching the inbox, then make sure you have permission to do so from the person you are sending to. Not only is this sensible commercially, but also legally – by ensuring your recipients have actually consented, or opted-in to receive communications from your company or brand, you are highly likely to be in compliance with most Anti-SPAM legislation that exists around the globe.

The consideration from a deliverability perspective is that permission best practices usually go hand in hand with data management best practice- making sure your list is clean of bad data which may hard bounce, making sure the data you have has an associated date stamp (be it acquisition source date, or last click/open), and making sure all those people who have unsubscribed, or opted out, of receiving your communications have been removed before send.

This in turn means that the metrics which receivers will judge you on should be relatively good, or at the very least, better than the worst offenders (spammers) – I.e. they won’t see you having loads of bounces, generating lots of complaints or unsubscribes and people will actually open and click within your emails.

If you are not sure what happens to the email once it has reached an ISP, then there are some key things to look at which may give you some insight. They will also help better protect yourself as a sender:

  • Monitor key metrics such as open & click rates – particularly by domain. If you are seeing noticeably lower rates at a particular domain that can be a good indicator that you are having some issues reaching inboxes at that ISP.
  • Also look at complaint rates and unsubscribe rates – make sure you are signed up to feedback loops and are able to process those complaints (your ESP should be able to handle this for you). If complaints are high this is potentially because subscribers are seeing your message as junk, or perhaps not expecting to receive it. If unsubscribe rates are particularly high then something is potentially very wrong as your subscribers have asked to receive these emails.
  • Track and Monitor your Sender Score – this will give you good insight into how receivers (ISPs) are viewing you as a sender. They will look at similar metrics – this can be done for free at www.senderscore.org
  • Regularly check your Inbox Placement – this will give you an indication of how ISPs are classifying the messages you are sending, either sending them direct to Inbox, placing them into the JUNK folder, or perhaps deleting them without a second look – this can be done by seeding your list with your own accounts at key ISPs, or by using a third-party such as Return Path’s Mailbox Monitor or IBM Unica’s Email Optimization tool
  • Sign up for SNDS – this is operated by Hotmail, but if you have a good proportion of Hotmail addresses on your list then this will provide useful insight into whether you are hitting any spam traps

Note that many of these depend on you being able to send from your own dedicated IP address – by doing this you typically need to maintain a good level of volume in order for receivers to have a consistent view of you as a sender, but even if you don’t have masses of volume at least you are in complete control of what is sent from your IP address. This way you are not held accountable to senders who may be using the same shared IP range as you, but who may have completely different business models or data management practices, which may not be as good as yours…

By constantly monitoring these aspects of your campaigns, you can tweak and adapt your email marketing programmes when issues arise, and are much better placed to maximise your chances of those emails reaching the inbox, in turn helping you to achieve your marketing goals.

No Hang-Ups Here: How to Avoid Landing Page Disconnection

Leave a reply

If your digital marketing campaigns aren’t giving you the results you want, don’t be too quick to blame your banner, retargeted display ad, paid search ad or email message.

Look one step down the line instead, to the landing page you set up for everyone who clicks on your link. Does it pay off what you promised or match the criteria you used to design your campaign? If it doesn’t, a lot of potential customers will get lost along the way.

I’m not just talking about ads that strand prospects on your homepage and force them to root around for what they wanted, although that’s certainly a common problem.

Here are three scenarios I’ve encountered recently:

“One Size Fits All”:  Here, the offer on the page doesn’t reflect the unique value proposition promised in the ad or email. This can happen if you use a common landing page for a series of email messages or display ads with different calls to action or PPC banners optimized for different sets of search terms.

You’ll likely attract a large population of visitors whose interests don’t match up with the content on the landing page, which results in a large bounce rate off the page

“These Are Not the Droids You Seek”: The content on the page doesn’t reflect your search keywords, whether they’re paid or organic.

If you optimize a paid search ad to rank high when customers type in “Cuisinart replacement work bowl,” Then send them directly to a page which features this product – don’t be tempted to send them to a general landing page where they then have to search for the product.

“Take It or Leave It”: The page doesn’t give your prospects anything else to do if they don’t want to act on your offer.

Not everyone who searches for something is ready to act. Many are just researching prices, models and features, or they’re just curious to see what’s out there. This is particularly so with email – where you’re pushing a promotion to them rather than them searching. So understand that they may not be in a position to act as they weren’t actively searching for this solution/product.

A “buy now” landing page doesn’t give them the information they want, so they’ll be more likely to bounce away fast. If you’re wondering why you have a high page bounce rate, maybe that’s the reason why.

Alignment: It Isn’t Just for Cars

How can an otherwise well-designed landing page end up being a dead end? Maybe one member of your creative team worked on your ads or emails, and someone else did the landing page, but nobody lined up the two side by side to see whether the ad and the landing page are aligned.

Aligning your landing pages with your ads is one of the most crucial steps in your creative workflow.

If you use Pay-Per-Click ads to drive customer acquisition and you have a landing page disconnect, you risk  wasting a big chunk of your ad budget on leads that go nowhere, not to mention the lost customers and then  you may possibly have to pay again for that same lead at a later time.

Plus, misleading or confusing landing pages make landing pages make you look untrustworthy – not the best impression you want to make, especially on first-time visitors!

How to Make Better Connections

Luckily, it’s not hard to make sure your offers align with your landing page. Here are three suggestions:

1. Use keywords and other written copy on your landing page that repeat or echo the terms in your banner, display ad, text message, email newsletter or banner ad.

Let’s say you use a Pay-Per-Click ad to drive email subscriptions (separate from links you add to your email messages or to trans-promo messages for customers who aren’t in your email database yet.

Your ad should not map to your standard opt-in page, because you probably will be talking to people who are not already familiar with your company or website.

Instead, create a landing page that provides more about your email program, such as topics, your privacy policy and sample issues. Go ahead and provide your opt-in data fields; you just have to sell a little more than you might to people who find you from your homepage or a product page.

2. Create a unique landing page for each ad instead of repurposing one landing page for all of your test ads or all the ads in a particular campaign.

You probably use different copy, keywords or images from one ad to the next; so, you’ll probably attract prospects with different needs and interests. Aligning each ad with its own landing page reduces your disconnection potential.

3. Offer multiple opportunities to connect on each landing page to appeal to people who don’t find what they want in your main offer.

No matter how well you structure your ad and landing page, not everyone who comes to your page from your text ad, paid link or email is going to snap on your offer. But they don’t have to leave empty-handed.

Add value-driven content, such as links to more product information, related or similar products, articles, contact information or a benefit-drive invitation to join your email program. Not only does this help you connect and increases the chance that they’ll convert the next time they come to your website, but you are also making the most of your budget, so you aren’t paying yet again for them to find you You now can be there in their inbox ready and waiting for when they’re ready!

One last tip: Add a quality-assurance step to your workflow process to double-check the language in the ad against the copy on your landing page, along with proofreading copy, making sure you have the correct images and – the final, absolutely most critical step – making sure the link actually works.