Title: Building Compliance into the Email Profit Center
1- Building Compliance into the Email Profit Center
- Linda Goodman, Esq.
- The Goodman Law Firm
- James OBrien
- LashBack
- Sal Tripi
- Publishers Clearing House
- Dianna Koltz, CIPP
- Memolink CPA Storm
2Compliance Legal Update, Process Overview Case
Studies
- Linda Goodman, Esq. Principal
- The Goodman Law Firm
3Current Legal Climate
- 2008 Increase in State AG activity
- Q4 2008 more FTC activity than ever before
- 2009 Obama Administration
- Increase Consumer Protection
- Increase Regulatory Enforcement
4Legal Process
- Compliance Process Recommendations
- Case Studies and Precedent
5Email Compliance RealityImpacts Email
Reputation, Deliverability and Profit
- James OBrien
- Director of Marketing
- LashBack
- Global Email Compliance
6Email Myths and Reality
- Myth Compliance Takes Too Much Time and Is Too
Costly. - Reality See The Ten Guidelines to CAN-SPAM
Compliance Handout - Myth Compliance Cost Center
- Mission Email Compliance Quality Control and
Email Profit
7Email Myths and Reality
- Myth CAN-SPAM to reduce volume of email
consumers receive - Reality 90 of all email is junk data, not
legitimate commercial email - Myth CAN-SPAM focuses on consumer legal action
- Reality CAN-SPAM is for legitimate ISPs and
Govt regulators - Reality Relevance trumps permission
- Myth CAN-SPAM is Ineffective
- Over 100 Prosecutions Administrative
Settlements - More Than Any Other Email Regulation
- Enforcement of a weak law is better than little
or no enforcement of a strict law.
8What is the 90 of all email is spam myth?
- Email needs a better definition of spam.
- The huge majority of spam is a torrent of junk
data. - Almost 50 comes from a source which should not
send email. - Another 34 is from unknown sources- both hard
to measure because much is blocked.
9What Email Do You Really Compete Against?
- Tons of Bad Email Gets Delivered.
- Very Little Email is Filtered
- Most Compliant Commercial Email Gets Delivered
- Legitimate Commercial Email Is a Smaller
Percentage of Total Data Delivered Than Anyone
Perceives- It is one basis for its high value and
ROI.
10CAN-SPAM Legislative Intent
- Right to Send vs. Right to Receive
- - With rights come responsibility
- - Email Must Self-Regulate (Learn How Today!)
- Consumer Opt-Out is All
- Transparency- Clear Ownership/Accurate Contact
Information or Permission - - Sending IPs, Domains, Physical Address
- Obligation to Monitor and Resolve Issues in a
Timely Manner - - Collaborative Compliance- shared liability
- - Collaborative Commerce- shared reputation
- No Deception- The reasonable consumer test
- Create an email marketplace by creating basic
standards for email and rules for sending behavior
11Advanced Compliance
- Collaborative Compliancy
- Collaborative Reputation Management
- Internal Policy and Best Practice Compliance
- Contract Enforcement
- New Rules of CAN-SPAM
12Collaborative Compliance--The Obligation to
Monitor--The Opportunity to Enforce Quality
Control
- Federal Register
- Vol. 70, No. 91/ Thursday May 12 2005/ Proposed
Rules. Page 25,431 (not a typo) Section (2)
entitled "Sender Liability for Practices of
Affiliates or Other Similar Entities" - the FTC has specifically held sellers liable
for the actions of third party representatives if
those sellers have failed to adequately monitor
the activities of such third parties and have
neglected to take corrective action when those
parties fail to comply with the law.
13- Who is liable?
- US Advertiser (sender) - UK Publisher
- Commercial Email?
- Who profits?
- Is it your offer?
- Who clicks the send button?
- Follow the money.
- Email Compliance and Reputation is a
Collaborative Exercise in the Email Eco-System.
14Three Types of CAN-SPAM Compliance
15Compliance Benefits
- Decrease Liability
- Public and private
- Identify fraud and brand abuse
- Compliance process weighs heavily under legal
scrutiny - Reduce legal costs when problems arise
- Protect Reputation
- Deciding factor for inbox delivery
- Deciding factor in who works with you
- Increase brand equity
- Increase Deliverability
- Compliant email is first hurdle for delivery
- Identify failures or human error quickly
- Actionable feedback data improves future
campaigns - Increase Profit
- Repel Spambulance Chasers with Confidence
- When email gets delivered it impacts not only
gross revenue but profit per campaign
16Beyond Compliance 101
- Enforce Internal Corporate Guidelines and Best
Practices - Guidance Many online marketers implement custom
controls which go beyond - CAN-SPAM requirements to enforce their own
corporate policies, procedures and Contracts with
third parties. - Custom Best Practices
- Use of Specific, Pre-Approved Subject Lines
- Monitor for Vertical Compliance Specific Rules
finance, education, health - Quality Control Link Functionalty/Accuracy,
Positive/Negative Traffic - Frequency and Volume Caps for Sending-
ListMonitor - Email Brand Usage Monitoring- BrandAlert
- Enforcement of Exclusivity- LM/BA/AL
17Compliance Impacts Reputation
- Consumers and receivers Report Key Metrics to
Centralized Data System
- Data Linked to Sending IP
- and Domain
- Marketers Use FeedBack
- to Improve Sending
- Practices
Marketers Consume FeedBack
ISPs and Receivers Consume Reputation Data for
Delivery Decisions
18Compliance Best Practices
- Closely Tied to Email Performance Best Practices
- Unsubscribe Most Impacts Reputation and
Certification (UnsubScore/Sender Score) - Sending/Data Compliance Problems Will Get You
Blocked or Filtered - Content Issues Decrease Response Most and
Increase Legal Problems
19Email ComplianceThe PCH Way
- Sal Tripi
- Director of Operations and Compliance
20Traditional View
Obstacle Sales Prevention Growth Inhibitor
21Using Compliance to
- Increase Sales
- Grow/Foster Profitable Business Relationships
- Protect Brand
- Improve Campaign Level Metrics Increased
Conversions
22The PCH Brand
- Brand Protection is Crucial For Future Success
- Leveraging The PCH Brand With Valued Advertisers
And Partner
23The PCH Brand
- Yes!We really do give away all that money
- Over 50 Years
- PCH is Sweepstakes
- One of Americas most well-known brands.
- TRUSTED
- No!You do not have to order to win.
24Why Have a Compliance Policy?
- It effects email delivery
- It effects us as well as business partners
- Legal implications of not having one
25 - Opt in Practices
- Segmentation
- Targeting
- Bounce Management
- Delivery Monitoring
- ISP Relations
- Frequency
26A Comprehensive Compliance Program
- Your Sending Reputation
- Acquisition Methods and Partners
- Advertisers
27It all starts with Infrastructure
- Authentication
- Lets the ISPs know who the sender of the
mail is. - Domain Keys or DKIM Yahoo
- SPF AOL
- Sender ID MSN/Hotmail
- Its easy to have all 3
28Sender Reputation
- 77 of Delivery Issues result from Sender
Reputation issues
29Impacts on Sender Reputation
- Complaint Rate
- How often people hit the Report Spam button as a
percentage of total mailed. - Volume
- How much mail is being sent.
- Address Hygiene
- Invalid or non-existent accounts
30Impacts on Sender Reputation
- Spam Trap Hits
- Spam Traps are either old abandoned email
addresses used by ISPs and Blocklists to trap
spammers. -
- Blocklists
- Blocklists are 3rd party providers of data that
ISPs used to evaluate the legitimacy of senders.
31- Before you can manage your reputation you must
first know your reputation.
32Tools
33(No Transcript)
34Delivery Monitoring
- Two types of Monitoring
- ESPs provided delivery stats
- Delivery based on absence of bounce message
- Key Metric but not the full story
- No indication of Inbox/Bulk
- Seed Program
- Inbox/Bulk and Missing
- To truly understand delivery mailers should
evaluate both
35Campaign Level Monitoring
36Spam Filter Review
37Rendering Impacts Complaints
38Acquisition Partners
- How are you growing your lists?
- 3rd Party emails
- Banners
- List Rental
-
39Am I Really Responsible for 3rd Partys
- Advertisers an be viewed as the sender of the
email - Sender is responsible for Can Spam compliance
- Penalties for violation up to 250 per address.
40(No Transcript)
41Typical Acquisition Efforts
Email
Banners
42(No Transcript)
43What Could Go Wrong
44Common issues
- Emails Sent to suspect lists
- Scripts inject suspect addresses on unsuspecting
sites - Aggressive tactics
- Over mailing
45Monitoring is CRITICAL
- Know who is marketing your brand
- Know their reputation
- Know their mailing practices
- Know their other clients
- Know how they are marketing your brand
46What Should I Monitor?
- Partner Sending Reputation
- Block Lists
- Unsub Score
- Compliance Issues
- Key Words/Phrases Related to Brand
- Suppression List Management
47Email Partners
- Who are they sending to?
- How do they obtain their names?
- Their mailing practices
- Frequency
- List Hygiene
- Block Lists
- Who are their business Partners
- As an Advertiser you are Responsible!!
-
48Audit
- IPs and Sending Domain
- Review Sending Behavior
- Opt in Practices
- Blocklists
- Suppression List Abuse
49Monitor On-Going Activity
- Review of All Campaigns
- Validate Unsub Process
- Validate that Partners are using only approved
creative's, IPs, Domains - Validate that Partners are not sending to
harvested email addresses or Suppression lists - Verify that Partners are Marketing your offer in
a manner that protects your brand!!
50Suppression List Abuse
- What is it?
- A Suppression List is a list of suppressed email
addresses used by email senders to comply with
the CAN SPAM ACT of 2004. CAN-SPAM requires that
senders of commercial emails provide a
functioning opt-out mechanism by which email
recipients can unsubscribe their email address
from future email messages. The unsubscribed
email addresses are placed into a "suppression
list" which is used to "suppress" future email
messages to that email address.
51Suppression List Abuse
- Suppression list abuse occurs when a third party
takes a suppression list and emails messages to
the email addresses in the list. The original
sender of the email messages who provided the
opt-out mechanism may be liable for suppression
list abuse.
52Suppression List Protection
53MD5 Hash Encryption
- MD5 is a one way only encryption method.
- Widely Used.
- Reliable
- Easy
- In-house Solution or Outsource
54Brand Monitoring
55Third Party Audit
56Ongoing Monitoring
57Commitment to Compliance
- Executive Level
- Business Partners
- Investment in Resources
- Investment in Tools
58Is it all worth it?
59Benefits
- Improved Delivery
- Higher Conversions
- Attract Higher Caliber of Partners
- Able to establish long lasting profitable
relationships - Provide Quality Leads
- Standout from Competition
- Protect your Brand
-
60(No Transcript)
61(No Transcript)
62Engage the Sales Force
- Allow Potential Advertisers to Audit the Process
- Provide Sender Information Openly
- Provide Links to Reputation Services
- Allow Potential Advertisers to Audit the Process
63Additional Info
- www.lashback.com
- Compliance Monitoring, Brand Monitoring
- www.unsubcentral.com
- Suppression List Management, Protection,
MD5Hash - www.aotalliance.org
- Authentication and security
- www.returnpath.com
- Reputation Monitoring Tools, SenderScore,
Delivery Monitoring Tools -
-
64The Best Practice Approach
- Dianna Koltz, CIPP
- Director of Best Practices
- Memolink, Inc
65Agenda
- Company Overview
- Best Practices Division
- The Best Practice Approach
- Components of The Approach
66Company Overview
- History
- Leadership
- Products
67Company Overview
Professional Experience
- Meredith Corporation
- Memolink, Inc.
- Certified Information Privacy Professional
- DMNews Top 30 Under 30
68Agenda
- Company Overview
- Best Practices Division
- The Best Practice Approach
- Components of The Approach
69Best Practices Division
- What we do
- Set standards
- Execute the approach
- Why we do it
- Industry realities
70Best Practices Division
The Divisions mission is dedicated to an
unwavering integrity and resolve as a
cutting-edge leader in online intelligence and
marketing.
71Agenda
- Company Overview
- Best Practices Division
- The Best Practice Approach
- Components of The Approach
72The Best Practice Approach
- How we execute
- Establishes clear expectations
- Enables us to manage risk
- Influencing factors
- Will you take the challenge?
73Agenda
- Company Overview
- Best Practices Division
- The Best Practice Approach
- Components of The Approach
74Components of the Approach
1. Best practice standards 2. Partner vetting
3. Business process separation 4. Dedicated
staff5. Privacy program6. Data access program
7. Education and outreach
75Best Practice Standards
What are Best Practices?
76Best Practice Standards
Development of BPs
- Identify areas of need
- Conduct internal interviews
- Research Read, read, read
- Analyze risk and reward
- Prioritize
77Best Practice Standards
The need for BPs
- Memomail
- Reactive ?
- Cause Spam traps
- Affect Blacklisted
78Best Practice Standards
Implementation of BPs
- Sought external help
- Transparent dialogue
- Made Improvements
- Result SBL Removal
79Components of the Approach
1. Best practice standards 2. Partner vetting
3. Business process separation 4. Dedicated
staff5. Privacy program6. Data access program
7. Education and outreach
80Partner Vetting
What is vetting?
81Partner Vetting
- i. How long have you been in business?
- Here today, gone tomorrow?
- Reputation is built on what?
- How long is the track record?
82Partner Vetting
- ii. Has your company received venture or
institutional money? - Insight into priorities.
- Conflict of interests?
83Partner Vetting
- iii. How long has your current leadership
- been in place?
- Turnover in key positions
- Individual track records
84Partner Vetting
- iv. Have you ever been the subject of a lawsuit
or investigation relating to your advertising,
marketing, privacy or data security practices? - Changes?
85Partner Vetting
- v. Do you have a formal due diligence procedure
to vet your vendors and affiliates? - (Inquire about the details of the process.)
86Partner Vetting
- vi. Who is responsible for setting compliance
policy at your organization? - Is the role conflicted?
87Partner Vetting
- vii. Who will be my daily operational contact for
fraud- or compliance-related issues? - Is someone available?
88Partner Vetting
- viii. What are your companys best practice
standards above and beyond what the federal law
requires? - Sales pitch
- Reality pitch
89Partner Vetting
- Who executes the program?
- What happens after acceptance?
90Components of the Approach
1. Best practice standards 2. Partner vetting
3. Business process separation 4. Dedicated
staff5. Privacy program6. Data access program
7. Education and outreach
91Business Process Separation
- Why separate?
- How do I gather support?
92Components of the Approach
1. Best practice standards 2. Partner vetting
3. Business process separation 4. Dedicated
staff5. Privacy program6. Data access program
7. Education and outreach
93Dedicated Staff
- Why hire dedicated staff?
- Who are the best candidates?
94Components of the Approach
1. Best practice standards 2. Partner vetting
3. Business process separation 4. Dedicated
staff5. Privacy program6. Data access program
7. Education and outreach
95Privacy Program
- Protect consumers
- Protect clients
- Protect employees
96Components of the Approach
1. Best practice standards 2. Partner vetting
3. Business process separation 4. Dedicated
staff5. Privacy program6. Data access program
7. Education and outreach
97Data Access Program
- Conduct an internal audit
- Evaluate the findings
- Remove the context for abuse
98Components of the Approach
1. Best practice standards 2. Partner vetting
3. Business process separation 4. Dedicated
staff5. Privacy program6. Data access program
7. Education and outreach
99Education and Outreach
- Internal training
- Long-term focus
- Industry collaboration
100Conclusion
- Culture Shift
- Best Practices Compliance
- Invesment
- Return
101Questions? Dianna Koltz, CIPPDirector of Best
Practices Memolink, Inc dkoltz_at_memolinkcorp.com 30
3-327-2114