David Kirkpatrick

Online Privacy: Information from the EU and Capitol Hill

Dennis Dayman, Chief Privacy and Security Officer, Eloqua, has been a hands-on participant in the ongoing online privacy debate in Washington, D.C.

After his recent trip to the Capitol, I interviewed him to give MarketingSherpa blog readers an inside look at the current political process involving proposed privacy regulations here in America as well as find out about some conversations he had with officials from the European Union.

Frankly, I was surprised how much behind-the-scenes information he revealed.

 

The White House and the Federal Trade Commission have publicly supported the self-compliance efforts promoted by the Direct Marketing Association, the Council of the Better Business Bureaus, the Digital Advertising Alliance and other groups.

And, for marketers either based in Europe or conducting business on the continent, the EU directive should become much simpler very soon, according to Dennis.

In the U.S., a number of legislative actions will probably reach the floor for a vote, but are not likely to pass.

Dennis has been lobbying the lawmakers on Capitol Hill. His position is that security is an issue worth addressing, but that privacy — right now — is better handled at the enterprise level. The playing field just simply changes far too fast for any effective legislation, Dennis says.

 

Is the EU Directive about to be simplified?

The original European Union Privacy Directive dates back to 1995, and required that all member nations create a privacy policy that fits the outlined model. Not only did this process not work for the 27 EU members because each had to craft an individual policy that met the directive, but social media and mobile platforms have significantly changed the playing field.

Right now, the EU is looking at altering the entire model by authorizing a single regulation that every member state will have to abide by.

“The EU is willing to share what they hope to accomplish over the next two years and take that 1995 Directive and move it into the future,” Dennis says. “Right now, e-commerce is difficult between the European Union and the United States, and the reason is you are not allowed to transfer, without permission, personal identifiable information from the European Union to the United States.”

This meeting involved participants in Washington and in Europe via video, and the goal was to provide a transparent policy that marketers around the globe can adhere to and remain in compliance with EU regulations.

Dennis says this meeting involved Cameron Kerry, general counsel of the Department of Commerce and Viviane Reding, the European Data Protection supervisor.

One of the key changes that might be coming soon for the EU is offering a single button for a user to be removed from a database.

 

Privacy regulation in D.C.

On the domestic front, Dennis met with Mary Bono Mack, a representative from California who is a member of the House Energy and Commerce Subcommittee, and has been taking the lead on privacy in the House of Representatives.

Representative Mack believes that self-regulation is working and that the real issue is data security more so than privacy.

Dennis says, “A lot of the attention has been spent on privacy, but it isn’t because of anybody doing anything wrong with information. But, we all have heard about the data breaches in the last year, especially in the SaaS (software-as-a-service) provider industry.”

He continues, “This has caught the attention of a lot of regulators, and again they are concerned about consumer information.”

The focus on legislation, for now, is based more around specific industries such as medical, finance and other businesses that handle very sensitive data.

 

Simplified privacy policies

One area where many marketers and Congressional regulators are in agreement is simplifying privacy policies.  Dennis says the concept of “privacy by design” is where marketers should be now, and that instead of a 7,000-word privacy policy hidden behind a link, a registration page should offer a few simple bullet points that explain the policy.

He suggested offering three points:

  • I am giving my email address because I want to receive marketing emails from you.
  • I understand you might share my address with “x company” because they offer relevant information.
  • We will collect “x” data when you interact with us online, and these people will have access to that information.

One advocate of “privacy by design” is Ann Cavoukian, Information and Privacy Commissioner of Ontario, and she was influential in promoting the self-regulatory model to lawmakers in Washington.

Dennis also met with a number of Senators and their staffs, and he singled out Al Franken as a legislator who really understands the issues of online privacy and security.

Dennis says, “Did we completely agree? No, but that’s completely fine. That’s what we are allowed to do. It was a great time being able to understand what lawmakers are hearing from their constituents — what their concerns are.”

He did say that John Kerry will be introducing a bill addressing online privacy, but that bill is not expected to pass. For the foreseeable future, self-regulation should rule the U.S. marketers’ world.

 

Related Resources

Mr. Dayman Goes to Washington (via Delivarability.com)

B2B Marketing: 5 privacy factors to consider when using marketing automation

Online Behavioral Advertising: How to benefit from targeted ads in a world concerned with privacy

Privacy Update: Experts Offer 6 Strategies to Build Consumer Trust | MarketingSherpa

List Building: The four questions every email capture page must answer

Email Marketing: How to sprinkle subscribers with a well-timed welcome in 5 steps

Anxiety: Use privacy as a competitive advantage

Share and Enjoy:
  • LinkedIn
  • StumbleUpon
  • Facebook
  • del.icio.us
  • Digg

Online Marketing