Global Business Means Global Legal Requirements
Email marketing is often cited as the best example of how complex it is to tackle compliance with the different legal requirements around the world. We all know that the United States has an “opt out” permission law in the federal 2003 CAN SPAM Act, and that most of Europe and Asia have more stringent “opt-in” laws, with some of them requiring “double opt-in,” the most stringent form. Your database has to be able to record and recognize with legal certainty the citizenry (not just the geo location at sign up) of the email recipient and address owner.
Canada has been preparing for more than two years to implement their “Fighting Internet And Wireless Spam Act” (usually referred to as the Canadian Anti-Spam Law or CASL – say it like “castle”) A new post on the DMA/Email Experience Council blog, “Understanding CASL” highlights what is required.
Fear that U.S.-based marketers will get snagged by CASL is legitimate. The opt-in permission standard for CASL is more stringent than the standard for CAN SPAM. You must know the citizenry of your email subscribers and customers – or ensure you have permission at the higher standard. That means that every U.S. marketer will need to prepare for higher scrutiny on any records with unknown citizenry.
The other day, I was having a conversation with a marketer at a U.S. company who holds customer events in the U.S. with attendees from all over the world. They use kiosks to gather email address and interest information, and have to think about a matrix of global permission laws in order to collect all the right information to comply with laws around the world. That makes the form longer and denser (not good for response!), and forces inclusion of some unusual questions (like, “Start date of your company’s business”) that are required in some Asian countries. This marketer said they get a lot of “what the?!” responses from people standing at the kiosks – and some mocking tweets. He believes most are good natured, but now plans to take a more localized approach to the sign-up process.
If and when CASL gets passed into law, then not all North Americans will have the same permission standard. Some anti-spam folks think this is a good idea – as it may force some American marketers to upgrade to the more stringent permission standard for all subscribers, just to ensure compliance with CASL.
Permission is a good thing, and the more choice and notice you provide to subscribers, the better. This is outlined clearly in the DMA Ethical Guidelines for our industry. However, permission alone is just a starting point, and does not create relevancy or improve response. Only great, well-timed experiences create relevancy. So, more permission-based legislation is not going to guarantee more satisfying commercial email experiences for subscribers.
Following the matrix of global laws for data-driven marketing gets complex. Be sure you are reviewing the DMA Guidelines with your attorneys and privacy people to ensure compliance, and good business practices.
NOTE: The author is not an attorney and DMA does not provide legal advice. Always consult with counsel on any legal or compliance question.