December 2003 -- Volume 7 -- Number 11 -- newsletter@truste.org
 

 
TOP 5 STORIES OF THE MONTH
  1. ID Thefts Stifle Online Buying (Washington Times - November 30, 2003)
  2. The Great American Privacy Makeover (PC World - November 1, 2003)
  3. House Passes Antispam Bill (CNET News.com - November 22, 2003)
  4. Bill Aims to Protect Phone Numbers of Wireless Customers (Washington Post - November 21, 2003)
  5. 'Spyware' Would Be Tricky to Outlaw, Group Says (Reuters - November 18, 2003)

Public Policy Update
What does the new CAN-SPAM Act mean for your company?

Knowledge You Need
Lynda Partner gives tips for inspiring trust -- and building subscription rates -- in your email newsletters or marketing communications.

New Benefits
Display TRUSTe ads on your site to increase the value of your seal.

Privacy Resources
Results from the TRUSTe Holiday Privacy Survey.

Stay Current!
Upcoming privacy and security events around the nation.

TRUSTe Tech Tip
If you have a data spill or security breach, contact TRUSTe for assistance.

Welcome New Licensees
The newest Web sites to display the TRUSTe seal.

 


Changing Your Email Marketing Practices to Comply with the CAN-SPAM Act

On December 8, 2003, Congress passed the "Controlling the Assault of Non-Solicited Pornography and Marketing Act" -- otherwise known as the "CAN-SPAM Act of 2003" -- and eight days later, President Bush signed it into law. CAN-SPAM will go into effect January 1, 2004, largely preempting the 37 existing state laws regulating spam.

CAN-SPAM will be enforced by the Federal Trade Commission (FTC) and other federal regulatory agencies, state attorneys general, and Internet access providers. Below is an overview of the provisions of this new, wide-sweeping act.

Who does CAN-SPAM affect?

CAN-SPAM applies to any commercial entity sending commercial email, which is defined as an email message whose primary purpose is the commercial advertisement or promotion of a commercial product or service. Exempted from this definition are transactional or relationship messages, such as email messages facilitating, completing, or confirming a transaction; messages providing specified types of information (such as account status) with respect to a product or service used or purchased by the recipient; messages providing information directly related to a current employment relationship or benefit plan; or messages delivering goods or services that are included in the terms of a previous transaction.

What do you have to do to comply with the act?

CAN-SPAM requires companies sending commercial emails to take the following steps:

Collection and use of email addresses:

  • If a company is planning to share an individual's email address with third parties, it must give recipients clear and conspicuous notice.

For email being sent:

  • A commercial email may not have a false or misleading subject header.
  • It must have a means of opting out of future communications.
  • It must include the sender's postal address.
  • If the recipient did not provide prior consent to receive commercial emails from the sender, the message must include an indication in the email that the message is an advertisement.

Once email has been sent:

  • If a recipient opts out of future communication, his or her request must be honored within 10 business days.

  • The return email address or other Internet-based mechanism for opting out must function for 30 days after the email has been sent.

  • If a sender uses a menu listing which types of email messages recipients may choose to unsubscribe from, the recipient must be given the option to receive no commercial email messages whatsoever.

  • Once a recipient has opted out of receiving future commercial emails from the sender, his or her email address may not be sold, shared, or rented. The sender may not email the recipient again until the recipient consents to receive emails from the sender.

What constitutes a violation of CAN-SPAM?

Violations include the following:

  • Including materially false or misleading information in the header of the email address or in the subject line

  • Not following the requirements for notice and opt out

  • Emailing or sharing an email address 10 business days after a user has opted out

In addition, certain actions are considered "aggravated violations" that could lead to additional fines:

  • Dictionary attacks and harvesting of email addresses
  • Automated creation of multiple email accounts
  • Relay or retransmission of email messages through unauthorized access

Those found in violation can receive fines and imprisonment for between one and five years. Fines can be tripled for multiple aggravated violations.

How does my company decrease our exposure to violations?

Companies that have implemented reasonable practices and procedures designed to effectively prevent violations with due care may have their fines reduced. Companies will need to draft implementation programs and train employees if they wish to take advantage of this provision.

Other provisions of CAN-SPAM

The FTC, in conjunction with state attorneys general, will be working to draft specific provisions for adult content. In the coming months, the FTC will also be promulgating regulations on several provisions of the bill and implementing the act. In addition, the FTC will be doing a study on the concept of creating a nationwide "Do Not Email" list, and has plans to promulgate rules for wireless email.

TRUSTe encourages anyone affected by CAN-SPAM to obtain the advice of their legal counsel. You can read the full text of the act here.

Rebecca Richards is director of policy and compliance at TRUSTe. She can be reached at rrichards@truste.org.

 
 


Making Your Emails Look Trustworthy
by Lynda Partner

Inspiring trust in visitors to our Web sites and readers of our emails is critical. Without trust, you can say goodbye to that new subscriber, that new future customer. Trust is created most easily over time, by proving yourself in an ongoing relationship. Sadly, those of us who crave new subscribers need to create trust instantly -- to get the reader to sign up so that we can get a chance to grow a relationship. How do you create trust? Here are a few suggestions:

Look professional. Use proper spelling, make sure all your links are working, ensure a working reply address, keep your layout clean and readable, and don't use all uppercase letters in your text. If you have one, make sure you include your "real-world" contact info in every email so people can see that you exist outside the Internet.

Be clear on what new subscribers are signing up for. On your signup form, tell your readers how frequently your email newsletter comes out so they can decide if that is the frequency they want. Link to some samples of your newsletter so potential readers can decide if it's something they are interested in.

Have a privacy statement and use it. Having a valid privacy statement is so important these days. I for one never sign up for anything without reading the publisher's privacy statement. Make sure you put a link to your privacy statement in these locations:

  • On every page of your Web site
  • On your signup form (you'd be amazed at how many people don't do this!)
  • On your email forwarding function
  • On the confirmation email you send out when people sign up for your newsletter
  • At the bottom of every email you send out to your list

Address spam concerns head on. We all know that sometimes people forget they signed up to receive your email, but when they do, they associate your company with unwanted email. Best to realize it's going to happen at some point and tell people what they should do if they think they've received your email by mistake.

Consider applying for an Internet privacy seal. Privacy seal programs such as TRUSTe ensure that Web sites do what they say and say what they do. As a result, they represent a powerful road sign that consumers can look for when deciding whether or not to trust the Web sites they are visiting.

While creating trust on a first impression is never easy, following these guidelines may help you increase your signup rate to your email newsletter or Web site in these challenging times.

Lynda Partner is the founder of GotMarketing, where she consults with many companies on email marketing best practices.

 
 
"Make Privacy Your Choice" Advertising Campaign

One critical component of the TRUSTe program is maintaining and growing consumer awareness of the TRUSTe seal and what it stands for. With the help of our advertising agency, Godfrey Q Partners, TRUSTe has completed a series of banner ads to increase awareness of the value of the seal program. You can view a sample ad below. Some versions are suitable for general-purpose advertising and will be featured in public-service announcement rotation on our licensee ad network, BURST! Media. Some of the banners are reserved exclusively for TRUSTe sites. If you would like to display these ads on your site or in remnant inventory, please contact Carolyn Hodge, director of marketing.



 
 
TRUSTe Holiday Shopping Privacy Survey

A survey sponsored by TRUSTe and conducted by market research firm NFO WorldGroup reveals that fears related to consumer privacy will have a significant negative impact on online shopping during the 2003 holiday season. The survey, which polled 1,212 consumers, also indicates that smaller e-tailers that do not post a privacy policy will lose sales.

Forty-nine percent of survey respondents indicated that fears related to the misuse of personal information will limit their holiday online shopping to some extent, including 5.6 percent who indicated that they will not shop online at all this year due to their concerns. Of this 49 percent, the three leading reasons the respondents cited for reducing or halting their online shopping included concerns about receiving unwanted spam after purchasing a product, fears of identity theft, and concerns over the potential for credit card information to be stolen when making a purchase from a Web site.

For the full press release, visit our press page. For the full survey results, please contact Carolyn Hodge, director of marketing.

 
 
Compliance with European Union Data Protection Requirements: The Safe Harbor and Other Options

Date: Tuesday, January 27, 2004, 9:00 a.m. - 12:30 p.m.

Location: Beasley School of Law, Temple University, Philadelphia

Overview: Temple University's Institute for International Law & Public Policy, in conjunction with IMS Health, the U.S. Department of Commerce (DOC), and Wilmer, Cutler, and Pickering, are presenting a half-day seminar on the DOC's Safe Harbor framework for complying with the EU Directive on Data Protection. The seminar will include background materials on the EU directive; Safe Harbor self-certification information and forms; and information on verification and dispute-resolution resources available to U.S. firms. Presenters will also discuss the status of the EU's review of Safe Harbor implementation and recent related DOC activities, and will survey additional global privacy developments affecting U.S. businesses at home and abroad.

There is no cost to attend, unless CLE credit is requested. However, participants must register beforehand. To obtain more information about the seminar or to register, contact Jeff Rohlmeier, U.S. Department of Commerce, at (202) 482-0343.


Reconciling Privacy -- How to Manage Marketing Practices Across Channels: An IAPP Summit preconference session sponsored by TRUSTe

Date: Wednesday, February 9, 2004, 1:00 - 5:00 p.m.

Location: Washington, DC

Overview: This preconference session will focus on the best approaches to gaining new customers through the primary interactive direct-marketing channels: direct mail, telemarketing, email, and wireless. Experts from the industry, law firms, and the government will discuss new trends and challenges within these channels and the impact of permission marketing, privacy best practices, and regulation. The preconference session will conclude with a roundtable discussion on how to reconcile conflicting standards across channels.

 
 
Tip: If your organization experiences a data spill or security breach, you should contact TRUSTe immediately for assistance in assessing the situation.

A data spill occurs when a licensee intentionally or unintentionally reveals personally identifiable information (PII) collected through its Web site to the public without the consent of the individual.

A security breach happens when a licensee's protective measures have been compromised or exposed by site operator error or a third party, and PII collected through the site has been made available to the public.

In the event that either of these two errors occurs, contact your TRUSTe account manager immediately. Important information to provide us:

  1. Date(s) of occurrence
  2. Number of users potentially affected
  3. What type of information was affected (sensitive information, PII, or both)
  4. Other kinds of data affected, and how much
  5. Who had access to the data
  6. How the breach or spill was discovered
  7. What procedures were in place when the breach occurred
  8. Whether these procedures were breached
  9. If this incident occurred with an agent or third-party affiliate, what contracts you may have with these entities, and which contracts may have been violated

Given this information, TRUSTe will track all Watchdog complaints regarding the issue and assist you in responding quickly to complainants.

-- Carlos Gil Jr., compliance analyst

 
 


TRUSTe would like to congratulate the following new licensees on successfully completing our certification process:

21st Century Toys, Agio Solutions, ASItransact.com, Bits & Bytes Computer Resources, BrassRing, ConnexionbyBoeing, eHits, Friendzy, Instadebit Services, Map Roi Systems, Monarch International, nCommon Partners, RadioShack, Tower Direct, Trondent, TVProducts2000, Worldwide Gourmet Foods.

 
 


Got Feedback?

We would like to hear what you think of the TRUSTe Advocate. Send an email with your comments and suggestions to newsletter@truste.org.

TRUSTe is an independent, nonprofit organization that administers the Internet's first and largest privacy seal program.

685 Market Street, Suite 560
San Francisco, CA 94105
(415) 618-3400
Email: privacyseals@truste.org
Web: www.truste.org