Managing Privacy Maximizing Data In Affiliate Marketing Gary Kibel
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Managing Privacy Maximizing Data In Affiliate Marketing Gary Kibel

on

  • 1,477 views

Affiliate marketing thrives on valuable data, such as lead gen, email marketing and campaign results/statistics. Privacy, data and security issues are critical today, especially in an industry where ...

Affiliate marketing thrives on valuable data, such as lead gen, email marketing and campaign results/statistics. Privacy, data and security issues are critical today, especially in an industry where valuable data is a competitive advantage.

Gary Kibel, Partner, Davis & Gilbert LLP (Twitter @GaryKibel_law)

Statistics

Views

Total Views
1,477
Views on SlideShare
1,477
Embed Views
0

Actions

Likes
0
Downloads
15
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Kevin Colvin, an intern at Anglo Irish Bank's North American arm, emailed his manager that he would be unable to come in to work pending a family emergency. His manager found a photo posted on Facebook which showed Kevin at a Halloween party he apparently missed work to attend. His manager sent him the following email, in response to Kevin’s, copying the rest of the office to the email.

Managing Privacy Maximizing Data In Affiliate Marketing Gary Kibel Presentation Transcript

  • 1. MANAGING PRIVACY & MAXIMIZING DATA IN AFFILIATE MARKETING Gary Kibel Partner Davis & Gilbert LLP 212.468.4918 [email_address]
  • 2. PRIVACY & SECURITY IN AMERICA
    • “ Any society that would give up a little liberty to gain a little security will deserve neither and lose both.”
    • Benjamin Franklin, Founding Father
    • “ You have zero privacy anyway. Get over it!”
    • Scott McNealy, CEO Sun Microsystems
  • 3.
    • Understand where the data is coming from
    • Understand who owns the data
    • Understand how to legally use the data
    • Know when to ask questions
    • Don’t be deceptive!
    KEY PRESENTATION TAKEAWAYS
  • 4. CONSUMER EXPECTATIONS
  • 5.
    • http://www.ftc.gov/reports/privacy3/fairinfo.shtm
      • Notice
      • Choice
      • Access
      • Security
      • Enforcement
    • It’s all about transparency & consumer expectations
    FTC Fair Information Practice Principles
  • 6. CONSUMER-FACING PRIVACY POLICIES
  • 7.  
  • 8. PRIVACY POLICIES ENFORCEABILE
    • Greer v. 1-800 Flowers.Com Inc. (Texas – 2007)
      • Facts
      • Privacy Policy violation
      • Internal Controls
  • 9. INDUSTRY – SPECIFIC PRIVACY LAWS
  • 10.  
  • 11. CHILDRENS ONLINE PRIVACY PROTECTION ACT “COPPA”
    • All website operators who intend to reach children under the age of 13 or have actual knowledge (regardless of the age group targeted by their website) that children under the age of 13 visit their website must:
      • Post a privacy policy
      • Obtain “verifiable parental consent”
      • Advise parent/legal guardian that they can review the child's personal information
      • Establish and maintain reasonable security procedures
  • 12.  
  • 13. SOCIAL NETWORKING SITES – COPPA VIOLATIONS
    • Maintained a blogging and social networking service
      • Collected, used, and disclosed personal information from children under the age of 13 without first notifying parents and obtaining their consent
      • Age verification system was:
      • (1) suggestive and
      • (2) faulty
      • 1.7 million accounts created by children under the age of 13
      • Result = $1,000,000 fine
  • 14. DATA SECURITY & STATE SECURITY BREACH NOTIFICATION LAWS
  • 15. SECURITY BREACHES
    • ChoicePoint
    • Bank of America
    • CardSystems
    • Department of Veteran Affairs
    • TJ Maxx
    • BJs
  • 16. STATE SECURITY BREACH STATE NOTIFICATION LAWS
    • California SB 1386 (2003)
    • Now 44 states have security breach notification laws
    • Most generally apply to unencrypted personal information of consumers
  • 17. STATE OF NEVADA
    • Effective October 1, 2008
      • “ A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of the electronic transmission .”
  • 18. COMMONWEALTH OF MASSACHUSETTS
    • Effective January 1, 2010
      • “ Every person that owns, licenses, stores or maintains personal information about a resident of the Commonwealth shall develop, implement, maintain and monitor a comprehensive, written information security program …”
  • 19. FEDERAL TRADE COMMISSION GUIDANCE
    • A sound data security plan is built on 5 key principles:
      • Take stock . Know what personal information you have in your files and on your computers.
      • Scale down . Keep only what you need for your business.
      • Lock it . Protect the information that you keep.
      • Pitch it . Properly dispose of what you no longer need.
      • Plan ahead . Create a plan to respond to security incidents.
  • 20. EMERGING TECHNOLOGIES
  • 21.  
  • 22.  
  • 23. BEHAVIORAL ADVERTISING
    • Federal Trade Commission – December 20, 2007
    • Online Behavioral Advertising – Moving the Discussion Forward to Possible Self-Regulatory Principles
      • Transparency and consumer control
      • Reasonable security , and limited data retention , for consumer data
      • Affirmative express consent for material changes to existing privacy promises
      • Affirmative express consent to (or prohibition against) using sensitive data for behavioral advertising
  • 24.
    • Federal Trade Commission (Staff Report) – February 2009 Generally maintained the 4 principles
      • Excluded “first party” behavioral advertising and contextual advertising from the principles
      • Distinction between PII and non-PII is no longer determinative
      • Data retention = only as long as necessary
      • Be creative for non-web site disclosures
      • Did not resolve the opt-in v. opt-out debate
      • Did not further define “sensitive data”
    BEHAVIORAL ADVERTISING
  • 25. BEHAVIORAL ADVERTISING
    • AAAA/ANA/DMA/IAB – July 2009
    • 7 principles: Education; Transparency; Consumer Control; Data Security; Material Changes; Sensitive Data; Accountability
    • Basically, FTC + tagging ads + industry enforcement
  • 26. PARTIES IN THE BEHAVIORAL MARKETING ECOSYSTEM Advertisers Ad Agencies Publishers ISPs End Users Content Delivery Networks Ad Networks Ad Servers
  • 27.  
  • 28. DON’T BE DECEPTIVE IN CREATING DATA
    • New York AG v. Lifestyle Lift (July 2009)
      • Employees published positive reviews on message boards
      • Employees did not identify themselves as Lifestyle Lift employees
      • $300,000 fine
  • 29. DON’T BE DECEPTIVE IN CREATING DATA
    • Twitter Hashtag Spam
    • European furniture maker
    • “ #MOUSAVI Join the database for free to win a £1,000 gift card”
    • Bad PR
  • 30. SOCIAL NETWORKING DATA
  • 31.
    • Understand where the data is coming from
    • Understand who owns the data
    • Understand how to legally use the data
    • Know when to ask questions
    • Don’t be deceptive!
    KEY PRESENTATION TAKEAWAYS
  • 32. MANAGING PRIVACY & MAXIMIZING DATA IN AFFILIATE MARKETING Gary Kibel Partner Davis & Gilbert LLP 212.468.4918 [email_address] Alan Chapell JD, CIPP Chapell & Associates [email_address]