Four Things You Can Do Now About Privacy

The specter of privacy legislation looms over our industry (and others). For a while now, we've anticipated it with a sense of dread otherwise reserved for the four horsemen of the apocalypse, under the assumption that any regulation attempted by Congress will likely be more harmful than helpful.

That may be inaccurate. Industry groups are bringing together insights into customer behavior alongside the latest in data protection protocols to help guide any legislation down a path that should help rather than harm. In the meantime, here are four things that we can do now:

1.     Nail down the basics. It's a boring and thankless task, but you should be paying more attention to basic security. Make sure you change your passwords regularly. Make sure every individual has his or her own access; stop sharing passwords and logins. More importantly, when people move on and no longer need access, remove it. Ask your ESP if they have a CSO. Find out if your company does, and enlist their support. Yup, boring. But it could save you from a lot of trouble.

2.     Test "relevant" marketing programs. Triggered or automated programs offer quantifiable wins -- which means you should be able to put together a business case to get these built. Start with these, and then use the results to build the case for testing propensity models with your larger program. Your goal is to give reasons for your email subscribers not only to share their information, but to also suggest to their friends that you are trustworthy and worth sharing with.

3.     Build disaster recovery plans. One thing we can say about the recent ESP break-ins, is that they showed how ill-prepared some companies are to dealing with this kind of news. Consumers were still receiving emails about the break five days later. The goal should be to inform people as quickly as possible -- preferably within 24 hours. Building a plan in advance, even one as simple as a flow chart to show which decisions get made and when, can speed the process and help those involved understand the level of urgency for communications.

4.     Create a privacy task force. No, you don't expect to get much done now with this group. But by assembling the stakeholders in your organization, you set yourself up as an owner of this issue, and therefore of the eventual solutions. You can also start pulling together a game plan, so that it will be more easily executed later -- again, with all stakeholders on board.

And here are two things to put on the priority list for later. Unless you're in a highly regulated industry, it's likely you won't get your company motivated to think about these now. But planning ahead could help bring a level of control over the eventual changes that privacy legislation will bring.

1.     Create (or revise) your preference & privacy center. These should merge eventually --and will cover more channels than email. Start writing down some ideas for what information you'll need to give customers control over, and how you will want to present those choices.

2.     Simplify your privacy language. Making privacy policies more easily understood will help with trust later. If you can't cut the legalese, see if you can add a sidebar with colloquial English summaries of each paragraph or section.

These aren't the most exciting things happening in email marketing, but they are the basic requirements for managing an email program today. Dedicate some time for management so that you keep control. Otherwise, as privacy legislation gets closer, you may find your programs being managed by others.

Tags: email
Recommend (5)
2 comments about "Four Things You Can Do Now About Privacy".
  1. Bill Kaplan from FreshAddress, Inc. , April 18, 2011 at 11:53 a.m.

    Thanks for your helpful thoughts on staying ahead of the privacy issue, Gretchen.

    Of course, what is on the minds of most marketers these days is "What can we do to help avoid future security breaches like the recent ones at Epsilon, Silverpop, and others?"

    Remember - your security systems are only as strong as your weakest link and, in most cases, your weakest link is one of your employees who is clicking on emails from their "friends" as the term is now loosely used these days. It's no coincidence that the recent security breaches were triggered by an employee error (or lapse of judgement) at a leading email services firm that snowballed into further employee errors at the ESPs noted.

    So be sure to put processes and training programs in place for all of your employees, not just your tech teams, to resist the urge to check out that cute animal video or pictures of someone's wedding your "friend" says you just missed.

    And equally as important, take care to vet and choose your service providers wisely. You don't want to lose the forest through the trees by trying to save pennies per email updated or messaged when you could be putting your company's entire customer database on the line.

    There are hundreds of companies that will perform messaging and other services for you at well below cost in order to get hold of your customer database. If the pricing is too good to be true, if real names and office locations are not what they seem to be, if site testimonials don't ring true, if you haven't heard their principals presenting at major events, etc., etc., you're risking your job and your company by handing over your most valuable asset, your customer database.

    Remember: “Life, business, everything you do, every decision you make – it’s all about risk and reward!”

  2. Gretchen Scheiman from L5 Direct Consulting, Inc. , April 20, 2011 at 10:18 a.m.

    Good points Bill. Thanks!