• by Loren McDonald , Op-Ed Contributor, March 10, 2016

Marketers have to comply with email and data regulations that vary widely from one country to the next. What's legal in the United States, for example, won't pass muster with Canada and many nations in the European Union.

The DMA's Email Experience Council recently published "The Global Email Marketing Compliance Guide" to document global email and data regulations in a single source. Among the guide's 32 categories are answers to many questions that marketers ask most often. I've excerpted and simplified some below and will discuss others in a future Email Insider column.

1. Opt-in rules: Most countries require permission or "informed"/implied" consent" as a consent standard. The United States and India are the two major holdouts, along with smaller entities like the Bahamas, Bermuda and Singapore.

2. No double opt-in (DOI) imperative: Although marketers debate the value of two-step consent (double or confirmed opt-in), no country requires it. However, some countries, such as Germany, have quirks that make DOI the default standard because it's the best defense in court.

Further, 70 of the 77 countries analyzed require companies to keep consent records. So, although they don't mandate DOI, it becomes an extra level of proof in a legal defense.

3. Cookies requirements vary: Some countries' privacy laws govern using cookies to tie email addresses to website behavior, including the U.K. and other European Union countries.

Others either don't regulate cookie use (United States, China, India), limit regulation to specific uses (Canada) or are unclear whether the laws apply (Pakistan, Thailand, Venezuela).

Marketers who use cookies for retargeting campaigns such as cart and browse abandonment should check each country they serve to see whether they comply.

4. Opt-out mechanism is a must: All countries either require an opt-out mechanism, such as a link to a preference center/unsubscribe page, or aren't clear about what's required. However, figuring out how long the marketer has to process the unsubscribe varies from "ASAP"/immediately to 30 days to the nebulous "as reasonable."

Reminder: Even though the laws in most countries give at least a few days' leeway to process an opt-out, your subscribers expect it to be immediate.

5. Pre-checked opt-in boxes? "Unclear:" A few countries consider a pre-checked opt-in box as not obtaining permission from the user (Canada, China, Finland, Germany, the Netherlands). Others permit it as is or as implied consent (the U.K., the United States). The rest are unclear.

6. Transactional email regulation varies: Although nearly all countries regulate promotional and retargeting email, several exempt transactional or "factual" email, including Australia, China, New Zealand and Taiwan. Others regulate emails that combine promotional, transactional and retargeting content case by case (Canada, United States).

How Should Marketers Comply?

Marketers have two basic paths they can take to comply with this welter of email and data regulations around the world:

• Track consent in every country where you do business and create different versions of your email program to comply with each set of regulations. If you have offices in these countries, you can delegate compliance to those staff members. That relieves a central “email czar” the burden of managing global compliance, but can raise your organization’s risk because you have to trust your staff to know the law and how to comply.

• Adopt a single standard that complies with the highest standards around the world so that no matter where you send email, you'll comply with local regulations. Your risk is lower than if you delegate compliance. However you will likely have to change some longstanding practices in individual countries, such as moving from opt-out to opt-in or changing your cookie policy.

In my next Email Insider column, I'll review more email regulations and share elements of an email footer template that will comply with every country’s emails regulations.

Just a reminder: Always check with your own legal staff to verify whether your practices comply with a country’s specific set of regulations.

Until next time, take it up a notch!