1

Dennis Dayman Chief Privacy and Security Officer, Return Path Len Shneyder Director of Industry Relations, Message Systems

Privacy & Big Data Overload!

November 4, 2014

2

A link to the webinar replay will be provided via email following the presentation

2

Participate in Today’s Discussion… Tweet #dataprivacy

Follow us on Twitter @messagesystems @LenShneyder @ddayman @returnpath

Follow us on Linkedin Message Systems Return Path

How Much Data is too Much Data?

Dennis Dayman, CIPP-US, CIPP-IT Chief Privacy and Security Officer Tuesday, November 4

• What are the issues today? • What responsibilities marketers have in today’s expanding ‘big data universe’

• How to apply your data within the confines of compliance law

• Tips for integrating data across channels and platforms • The principles of ‘Privacy by Design’

Agenda

They say you can never have too much of a good thing. In my view data is a good thing – but can you have too much of it?  

IBM found that more than 70% of CMOs are put off from doing anything with their data due to data overload

Is there such thing as too much data?

2.5 quintillion bytes of data

How deep down the rabbit hole do we go?

How deep down the rabbit hole do we go?

Privacy in Advertising and Marketing

• According to a report from Advertising Standards Canada: –  89% agreed with the statement, “people share far too much

personal information online these days;;” –  72% responded that they were worried about the erosion of

personal privacy; –  73% said they were aware that businesses were tracking people's

activities on the Web in order to understand their interests.

• Give consumers choice, control on personal data, advertisers

http://www.theglobeandmail.com/report-on-business/give-consumers-choice-control-on-personal-data-advertisers-urged/article5461959/

Email marketers hold the keys to marketing’s future...

The wrong ways to find customers

●  Rent lists ●  Trades ●  Auto-enrollment ●  Negative option/pre-checked boxes ●  Data appends

These tactics are all still in use today, and not one of them a consumer-friendly way to begin a relationship

Adap%ng  to  one  big  issue  define  marke%ng’s  winners    and  losers:    

1 Consumer control

Consumers are controlling the conversation  

Consumers drive the legislative agenda  

The CASL Panic

of 2014

• Canada’s Anti-Spam Legislation –  Establishes rules for sending commercial electronic messages

(CEMs) –  Passed in 2010 –  Takes Effect July 1, 2014

What is CASL?

Worldly comparisons

Differences in Privacy

21

•  Not a fundamental human right

•  Patchwork of industry, local, state and federal laws.

•  Typically an opt-out scheme with a dash of opt-in and notice.

•  Privacy is a process of need by sector

•  Fundamental human right •  Privacy law, not an email

law •  Opt-in in model •  E.U. Data Protection

Directive •  Member nations are

compelled to enact data protection laws and create supervisory bodies.

Regulatory Landscape

© 2011. All rights reserved. Online Trust Alliance (OTA) Slide 22

Regulatory Landscape

© 2011. All rights reserved. Online Trust Alliance (OTA) Slide 23

Consumers drive technological gatekeeping  

1 Conversations in 7 terminated...and not by ISPs

Source:  Return  Path,  2014  Inbox  Placement  Benchmark  Report  

86%  

9%  5%  

Inbox  

Missing  

Spam  

Start small and think about the customer point and needs  

Look for nuggets of gold in your data and delete the rest.

Content and data can still be king, but its relevancy and targeting that matters

What is Privacy?

• Freedom of choice • Personal control •  Informational self-determination

These can be part of a customers personae.

1.   Names 2.   Postal Addresses 3.   Telephone numbers 4.   Social Security Numbers 5.   Account Numbers 6.   Driver Licenses Numbers 7.   Financial Account Numbers – Credit Cards, Checking 8.   Logins and Passwords 9.   Habits of any sort or Personal preferences 10.   Email addresses

Where do you get this information typically?

1.   Webinars. Attendee information 2.   Fishbowls. Business cards 3.   Website forms Email capture 4.   Tracking mechanism. Website cookies 5.   Social media. LIKES! 6.   Mobile device tracking. Geo-location 7.   Buying of data. Email list buying 8.   Email campaigns tracking. Open and clicks 9.   Online surveys 10.   Preference centre’s 11.   Customer accounting 12.   ETC

Privacy issues today

Class Action Lawsuits

Brand Damage

Data Breaches

Loss of Market Share

Privacy by Design (PbD)

What is PbD?

•  Privacy by Design was developed by Ontario’s Information and Privacy Commissioner, Dr. Ann Cavoukian, in the 1990s, as a response to the growing threats to online privacy that were beginning to emerge at that time.

•  It represents a significant shift from traditional approaches to protecting privacy, which focus on setting out minimum standards for information management practices, and providing remedies for privacy breaches, after-the-fact

•  Past privacy approaches are like locking the stable door after the horse has bolted.

•  PbD requires that organizations think about privacy proactively, from the initial development phases of systems and processes

Companies and people are paying attention

1.   Since 1995 1.   Profound shift in privacy management in the world 2.   Many companies are creating Chief Privacy Officer

(CPO) positions 3.   Privacy has evolved over the last several years to

be defined in large part by respect for what consumers expect regarding the treatment of their personal sphere

Breaking with Tradition: The Zero-Sum Paradigm

1.  Win-Lose 2.   False Dichotomies 3.  Unnecessary Trade-Offs

A New Perspective on Privacy: The Positive-Sum Paradigm

1.  Win-Win

What does that look like for you?

Email –  Opt-In forms –  Sending a welcome email –  Allowing for preference centre

•  Opt-out •  Change of information •  Deletion of information or account

–  Collecting only necessary data –  Not selling that data –  Removing data when no longer in use –  Secure databases and systems

Privacy by Design: Overview

Principle One

Embed privacy right from the onset

Principle Two

Privacy as the Default Setting

Principle Three

Privacy Embedded into Design

Principle Four

Positive-Sum NOT Zero-Sum

Principle Five

•  End-to-End Security

•  Full Lifecycle Protection

Principle Six

•  Visibility

•  Transparency

Principle Seven

•  Respect for users privacy

In review

•  Proactive not Reactive: Preventative, not Remedial;

•  Privacy as the Default setting;

•  Privacy Embedded into Design;

•  Full Functionality: Positive-Sum, not Zero-Sum;

•  End-to-End Security: Full Lifecycle Protection;

•  Visibility and Transparency: Keep it Open;

•  Respect for User Privacy: •  Keep it User-Centric.

http://www.ipc.on.ca/images/Resources/7foundationalprinciples.pdf

Permission based Marketing

• Essential premise: persuade consumers to volunteer their attention;

• Predicated on Consent: make consumers active recipients of marketing information;

• Puts control in the hands of consumers; • Just because you somehow get my email address doesn’t mean you have permission.”

— Seth Godin, Permission-Based Marketing, 2001

Payoff

• The ‘payoff’ to privacy- respecting organizations –  Enduring competitive advantage. In a world of increasingly

savvy and inter- connected customers –  There is a strong competitive advantage for businesses to invest

in good data privacy and security practices

The Bottom Line

• Privacy should be viewed as a business issue, not a compliance issue

• Think strategically and transform privacy into a competitive business advantage

• A significant portion of the population is becoming concerned about identity theft, and it is influencing their purchasing decisions –  Loyal repeat customers –  Consumer confidence and trust

Class Action Lawsuits

Brand Damage

Data Breaches

Loss of Market Share

The keys to marketing’s future...  

Make sure you are monitoring and maintaining...

List  Hygien

e  Complaint

s  

IP  Permanenc

e  Engag

ement  

Message  Qua

lity  

Infrastructu

re  

Thank You! Dennis Dayman Twitter: ddayman returnpath.com

56

CONFIDENTIAL

With Great Data Come Great Needs

57

58

The Law is Only The Beginning

“We are very conservative about compliance with all privacy laws. But even if you’re following the law, you can do things where people get queasy.” -NY Times ‘How companies learn your secrets’

59

Delicate Balancing Act

Consumer Business

ROI

Brand Awareness

Market Differentiation

Value

Privacy

60

Privacy is a constant ongoing process

61

Privacy starts with opt-in and exists at every level

Opt In •  Although the law

(in the US) doesn’t require double opt in, it is something to consider over the long haul

Preferences • Use Customer

Preferences to send based on preferred contact methods and channels

Segmentation •  Put customer

prefs and behaviors into action by sending the right message to the right person

Delivery • Respect ISP

AUPs and TOS, applied Adaptive Email Network that incorporates over 2k rules

Analysis •  Look at ALL the

metrics and keep track of who has access to sensitive data

62

SMTP UTF8

63

Privacy by Instrumentation

64

TLS Encryption to Protect Customer Data

65

Marketing at the speed of light

66

Thank you very much!

Len Shneyder Director of Industry Relations

Message Systems @LenShneyder

Thank you!

Follow us on Twitter: •  @messagesystems

Follow us on Linkedin: •  Message Systems

Visit Us •  www.messagesystems.com

Contact Us •  info@messagesystems.com