An Email Marketer's Guide To Changing Federal Security Regulations

The steady clip of innovation means government regulations lag behind how technology is deployed by consumers and businesses.

The United States government recently repealed Internet privacy regulations in early April, following the passing of Senate Joint Resolution 34 (S.J.Res.34) by the United States Congress.

The decision caused outrage among consumers and progressive organizations, with the Electronic Frontier Foundation urging lawmakers and tech providers to shore up individual privacy. Some consumers are using Internet privacy tools employed in autocratic regimes, such as a virtual private network or Tor privacy software.

The law rolls back Obama administration guidelines protecting consumers from their data being collected and sold by Internet Service Providers (ISPs), like AT&T and Comcast, and nullifies the FCC’s "Protecting the Privacy of Customers of Broadband and Other Telecommunications Services."

That rule, however, never went into effect. In actuality, nothing has changed.

Dennis Daymon, chief privacy and security officer at Return Path, talked with Email Marketing Daily about changing ISP, data and email regulations on a federal level. He argues it's not about how marketers should use the data, but regulating how the data is utilized and protected.

ISPs have already been using customer data for marketing research and to better target subscriptions and services. Consumers have agreed to this by signing terms and conditions.

A key difference, however, is the type of data. Dayman says marketers view data insights, such as shifts in market trends, as opposed to knowing what the end-user is doing at any given moment.

Advertisers consume ample data. 2016 marked a significant year of growth for data-driven digital ad campaigns, according to Eyeota’s 2016 Annual Index Report, an analysis of global data spending by 2,400 brands. Use of audience data increase 66% year-over-year, led by the finance, electronics and computers, retail, automotive and travel industries.

Demographic data, like age or gender, represented a quarter of data purchased in 2016, according to Eyeota. Eighteen percent of data spend was for sociodemographic data, such as whether a consumer is more liberal or conservative. Preference data, such as consumers’ favorite activities, accounted for 16% of data purchases last year.

We all agree privacy is a very important thing,” says Dayman. “But you don’t want to strangle the use of security data by ISPs, and how we can share data about spam and malware across platforms.”

He sees a benefit to retrofitting FCC privacy regulations that could strengthen Internet security — opening communication channels between ISPs.

For example, Gmail generates a message to email senders every time a consumer labels their message as spam. “We need to be able to track this behavior, but under the current system, you have to consent to share that message with other companies.”

Dayman says ISPs have sets of information and tools they use to communicate with each other to quickly mitigate the use of nefarious situations spreading.

“A new regulatory body coming in could cause industry confusion,” he says. “What we need is consistent federal legislation, so we don’t just have one group regulating a certain set of companies.”

Dayman is also a supporter of the Email Privacy Act, a bill that updates a loophole in the 1986 Electronic Communications Privacy Act. Passed before the invention of the modern Internet and cloud-based storage, the ECPA labels any email abandoned after 180 days. It requires email service providers to hand over email records with a subpoena.

The Email Privacy Act would require a judge-issued warrant and proof of wrongdoing before email service providers are required to pass along this information to federal officials.

The Email Privacy Act passed the House in February for the second consecutive year, but as yet to be introduced to the Senate. 

Next story loading loading..