The Digital Privacy Equation

413 views

Published on

TC Media's own Privacy Guru, Matthew Vernhout, shares the key components of the Digital Privacy Equation. Trust = Control, Transparency, and most importantly for consumers, Value. In addition, he provided important updates on the upcoming CASL legislation changes, and what companies can do starting today to ensure compliance.

Published in: Business
  • Be the first to comment

  • Be the first to like this

The Digital Privacy Equation

  1. 1. The Digital Privacy EquationMatthew Vernhout, CIPP/CDirector, Delivery and ISP Relations
  2. 2. Agenda• Privacy Equation – Trust = Control + Transparency + Value• CASL Update• Q&A
  3. 3. TRUST = CONTROL + TRANSPARENCY + VALUE
  4. 4. What is Trust?• Trust is built through your products, reputation, actions, and marketing – Paid, Earned and Owned• Consumers maintain multiple contact profiles and share these with marketers based on the trust equation: – Free web email accounts – Social media profiles – Postal address – Cable/ISP/Work email accounts – Mobile phone numbers
  5. 5. 10 PIPEDA Principles• Control • Transparency – Accountability – Identifying Purpose – Consent – Limiting Collection – Accuracy – Limiting Use, – Individual Access Disclosure and Retention – Safeguards – Openness – Challenging Compliance
  6. 6. TRUST = CONTROL + TRANSPARENCY + VALUE
  7. 7. Control Principle – Accountability• Why is Accountability important? – First stage of trust – declaring what you will do with any Personal Information that you collect from the recipient• Potential Conflicts: – Consumers want to know what you plan on doing with the information you are collecting – Marketers want to do more with the information being collected #1 complaint source for the Office of the Privacy Commissioner in 2011
  8. 8. Control Principle – Consent• Consent must be in such a way that the individual clearly understands what they are agreeing to.• Think about more granular control of consent - Consumer: – Implied vs. Explicit consent #3 Complaint Source for OCP investigations in 2011
  9. 9. Control Principle – Accuracy• Efforts should be made to provide tools that allow for users to self manage their accounts and profiles.• Pro tip: – Build solutions that allow for self-service management with controls to notify users of significant changes to their accounts (passwords, email addresses, etc.)
  10. 10. TRUST = CONTROL + TRANSPARENCY + VALUE
  11. 11. Transparency Principle – Identifying Purpose• Set expectations• Provide examples of what you collect: – Name – Email – Phone, etc.• Why you need it and how you plan on using it: – Billing and subscription information
  12. 12. Transparency Principle – Limiting Collection• Personal information collected should only be limited to that which is necessary for the purposes identified.• Limit the number of questions. – imagescape.com case study: a shortened contact form saw • + 160% in the number of forms submitted • + 120% in conversion
  13. 13. Transparency Principle – Safeguards• Physical Security vs. Virtual Security – Access Levels within organizations – Security policies and internal audits of these practices• Examples: – Public tweets from wrong account: Automotive company recently fired their agency over a misplaced tweet from the social media manager. – Prevention: Have separate tools/accounts to limit this type of exposure.
  14. 14. Transparency Principle – Openness• Provide a central point of access to your organization that is trained in dealing with customers and non-customers interacting with your business• Examples: – Social media (Community Managers) – Privacy Officer/Team – Contact Us/Support
  15. 15. TRUST = CONTROL + TRANSPARENCY + VALUE
  16. 16. What is the Value?• Consumers give information to companies to improve the relationship/products/service• Problem: – 74% of North American Consumers don’t see benefit of exchanging personal information and other info• How do you fix this? – Better reporting – Preference centers – Surveys – Identify the perceived value of your brand Source: List of consumer demands, G2 eCulturesEUROPE Report
  17. 17. Value for Consumers• Inform users what value they can expect as the relationship deepens: – Discounts, coupons, points, free content, exclusive invitation, etc. – Targeted and relevant messaging for the recipient – The more information collected, the better targeted the deals, offers and value returned
  18. 18. Value for Marketers• Value is where the Win/Win is found: – Better offers to consumers = loyal consumers • Brand ambassadors are built on earned trust – Rich data for the marketer to build trends, projections and analysis • Increased ROI
  19. 19. TRUST = CONTROL + TRANSPARENCY + VALUE• Give more control to consumers• Join the discussion with consumers and listen to their needs/wants• Use data and feedback to continually improve your marketing efforts• Give people a reason to trust you through your actions and policies
  20. 20. CASL UPDATE
  21. 21. Overview• Canadian Anti-Spam Legislation – Consent based messaging • All messaging channels (email, SMS, IM etc.) – Implied and Express Consent – Includes Identification requirements – Installation of Software – Unsubscribe: Without delay, but not longer than 10 business days• Regulations finalized by CRTC, OPC – Still waiting on Industry Canada
  22. 22. CRTC Regulations• CEMs need to include these key identifiers: – The name by which the person sending the message conducts business – Third party messages you should use the name by which the third party carries on business – A statement indicating which person is sending the message and which person on whose behalf the message is being sent Source: EmailKarma.net: http://ekma.co/KBhihp
  23. 23. CRTC Regulations• All unsubscribe mechanisms must be set out clearly and prominently and must be able to be readily performed. – Find a way around password protected unsubscribes• A request for express consent has been clarified to include: – Oral or written consent – Must be sought separately for each channel (SMS, Email, etc.)• Computer program’s that cause a computer system to operate contrary to reasonable expectations must have a separate consent Source: EmailKarma.net: http://ekma.co/KBhihp
  24. 24. Next Steps• Industry Canada to release draft regulations (expected in September/October) – 30-day comment period on Draft• Release of Final Draft with coming into force date (estimated to be) Q2/3 of 2013
  25. 25. Summary• Trust is earned• Be upfront with disclosure and consent• Provide more self-service tools to users• Answer “What’s in it for me (consumer)?”• Remember: CASL will be enforced next year. – Review your processes now for potential changes
  26. 26. Q&A
  27. 27. Thank You! Matthew Vernhout Director, Delivery and ISP Relations 416-361-3522 x238 matthew.vernhout@tc.tc Twitter: @emailkarma

×