• by Loren McDonald , Op-Ed Contributor, December 20, 2007

Now that Facebook has done an about-face on Beacon, its shopping application that let users broadcast purchases they made from site advertisers to anyone on their friends' lists, I really have to resist the urge to say "Coulda told ya!"

Maybe Facebook thought someone who posts pictures in his online photo album of himself playing naked beer pong didn't have a problem with privacy and wouldn't mind broadcasting anything he bought from site advertisers to everybody on his friends list.

If so, it misjudged its audience and missed the point that even though users are putting their entire lives up for public viewing, they still want to be the ones controlling what gets posted. The Beacon application took that control away from them.

That's the lesson many of us in the email industry have learned over the last 10 years, and the one Facebook, other social networks and all online marketers must take to heart if they don't want to incur similar user revolts.

I've also noticed a lot of snickering coming from within the email industry. That tells me they're missing the point behind what caused the whole Facebook-privacy dust-up: Not everyone in the email industry has yet hopped on the permission and customer control train, either.

At the recent Email Insider Summit, we heard from marketers complaining about deliverability challenges and that opt-in, double opt-in and unchecked boxes made their business models difficult. I'm not going to tell people how to run their businesses -- except to say, that in the online world, customers and the digital ecosystem do a pretty good job of telling you when your model or practices are acceptable or not.

Think about this the next time you tell me it's okay to run opt-out campaigns rather than opt-in, or rent a mailing list with dicey permission, or share your list with third parties even though your privacy policy says you'll never do that, or ramp up your frequency or send any kind of email other than what your subscribers requested when they signed up.

After all, marketers who ran roughshod over their customers in the early days of email marketing, not understanding that customers view their email addresses much differently from their postal addresses, bequeathed a nightmare of spam filters and the dreaded "report as spam" button, now found in almost every email client, desktop to Web.

We learned tough lessons about privacy, permission and tolerance from those years and used that knowledge to move email marketing from a channel looking to find itself, to the forefront of direct marketing channels.

No matter which channel we as online marketers are operating in, whether it's on the Web, in email, in a virtual world or in a social network, we have to remember that our users are the ones who are in charge now. Privacy is an animal that has grown big teeth, and it will bite, hard and in public, when we trample on it.

One final thought: Facebook not only changed its policy on Beacon, it also announced the decision in public recently. Are you that upfront about your own policy changes? Privacy -- and transparency -- do matter.