Download Permission At A Glance: DMA`s Marketing Permissions Guidance

Permission At A Glance: DMA’s Marketing Permissions Guidance
Background:
Proper “permissioning” or obtaining proper consent by marketing channel is a critically
important step in ensuring you are acting as a responsible marketer who honors a consumer’s
choices regarding their unwanted marketing offers.
DMA’s number one consumer complaint has been that a consumer is receiving unwanted or
improperly targeted marketing offers and a consumer would like to learn ways to reduce or stop
the marketing offers from a particular company (or organization in the case of nonprofit
fundraising.) Providing consumers with notice and choice is essential to foster a strong trust
between consumers and marketers.
This outline is intended to offer you basic guidance regarding the individual permission
requirements by marketing channel. It includes a permissions chart, See http://thedma.org/wpcontent/uploads/DMA_Marketing_Permission_Table_2014.pdf so that you can review the
permission needed at a “quick glance” prior to your marketing campaign and as you collect and
hold permission data (this means both opted-in lists and suppression files…) for a legitimate
business purpose.
The permissions chart also cites the specific DMA guidelines by channel. As you review the
particular channel, please ensure that you read the DMA’s Guidelines for Ethical Business
Practice which details the more extensive requirements for DMA members by channel and the
particular marketing ethics/compliance requirement. See www.thedma.org/compliance for the
latest DMA Guidelines for Ethical Business Practices.
Please note that this document is not intended to provide you with specific legal advice. You
should ensure you review your campaigns with your own legal counsel.
Types of Consent:
There are different ways to appropriately obtain a consumer’s consent. Some forms of consent
and proof of consent are required by law as explained below. Consent can be broken into two
categories: “opt-in” consent or advance permission, which means the individual must provide
his/her consent before the marketer is allowed to take the action; or, “opt-out” which means a
marketer may take the action until the consumer tells the marketer to stop.
1
Forms of obtaining consent may be: in writing; through a voice recording; through a valid email
unsubscribe; through a valid check-box (not a pre-checked box, though!); via a signature line;
via a text-back message; via an appropriate mobile app consent process; or through a formal
written agreement depending upon the exact type of marketing channel. If you need “opt-in” to
proceed before you take the marketing action, you must ensure you can prove the consent was
obtained properly whether in writing, by voice recording or otherwise.
Mail:
Mail is an opt-out channel. Consumers may be sent marketing offers so long as the marketer
does the following:
 provides a point of contact for the consumer where the consumer may modify their mail
choices or opt-out of all future mailings. This option should be provided via a toll-free
number, your company website, an email or mailing address. There should be no cost for
a consumer to opt-out.
 the marketer must ensure the mailing list used for your future prospects has been run
against a suppression system that includes scrubbing your file against your own internal
do-not-contact file and uses the DMA’s suppression file known as the DMAchoice
suppression file (this includes caretakers and deceased individuals’ name and address as
well.) This will ensure you are not mailing wastefully to an individual who has
specifically asked to stop receiving mail from your organization.
Email:
Email marketing solicitations (not transactional or informational emails) are covered under the
federal CAN-SPAM Act, meaning a marketer may send an email to an individual without prior
consent, but the marketer must have a functioning unsubscribe within the marketing email
message that allows the recipient to opt-out immediately from future marketing emails. The
DMA advises that advance email permission is best since email marketing as a channel is subject
to unique Internet delivery rules by Internet Service Providers (ISPs) to protect their users and
their online delivery systems against illegal spam. Legitimate marketers may get caught up in
spam traps and other methods used to prevent spammers in the global fight against spam
scammers, and they may find their marketing campaigns cannot be executed due to a spam
block. There are services a marketer may use to ensure their email lists are identified and
authenticated, and use of the such protocols are essential to ensure delivery.
The FTC’s CAN-SPAM rules are located here:
http://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/can-spam-rule
Email “Appending”:
Legitimate marketers may decide to improve their data by appending an email address provided
by a third party to their existing records. However, a marketer must ensure the source of the
email they are working with is a legitimate source and that it has obtained prior permission from
the email recipient for the use of their email by such a third party for future email marketing
uses. Otherwise, without proper permissions in place, the marketer can face the same issues of
potentially being blocked for spamming. A prior business relationship with the email recipient is
acceptable under DMA Guidelines.
2
Marketers must not send a Mobile Service Commercial Message (MSCM is an email message
sent to an email address on an Internet domain of a wireless carrier) to appended emails that
belong to mobile devices since prior express authorization is required. Marketers must not send
commercial email messages to wireless devices without prior consent.
Faxing:
A marketer cannot send an unsolicited fax without an opt-in by the recipient or unless there is a
prior existing business relationship.
An “established business relationship” or EBR is “a prior or existing relationship formed by a
voluntary two-way communication between a person or entity and a business or residential
subscriber with or without an exchange of consideration [payment], on the basis of an inquiry,
application, purchase or transaction by the business or residential subscriber regarding products
or services offered by such person or entity, which relationship has not been previously
terminated by either party.”
Each fax must include specific items:
 the date and time of the transmission;
 the identity of the sender;
 the telephone number of the sender or the sending machine;
 an opt-out notice with opt-out instructions.
The Federal Communications Commission regulates the use of telephone facsimile machines.
You may view the FCC’s fax rules by going to http://www.fcc.gov/guides/fax-advertising
Phone/Telemarketing:
A marketer may call a consumer with an unsolicited marketing offer unless the recipient’s phone
number is on the national do-not-call list registry (B2B calls are exempt.) Telemarketing calls are
regulated by the Federal Trade Commission, the Federal Communications Commission and
states. An individual may register their personal landline or cell phone numbers on the national
registry. Marketers may not call these numbers and must ensure they are using the appropriate
telephone number suppression process prior to their calling campaign to ensure they do not
illegally contact a number that is on the registry. To view the rules for telemarketing go to:
http://business.ftc.gov/documents/bus27-complying-telemarketing-sales-rule
Sometimes a marketer may not realize they are calling a wireless device. Consumers can “port”
their numbers to a wireless device. Thus, a number that is safe to call today may be illegal to call
tomorrow.
To determine if a number belongs to a landline or a wireless device, go to http://imsdm.com/products/wireless.shmtl and obtain the Wireless Block Identifier (identifies the more
than 400 million numbers that will be, or are already are assigned to wireless devices) and the
Wireless-Ported Numbers File (this identifies the more than 400,000 ported numbers.) There is a
Safe Harbor if you call a ported number. The Safe Harbor grants a 15-day time period in case
you call a number mistakenly. To qualify for the Safe Harbor, the call must be a voice call, the
3
marketer does not knowingly call wireless numbers, and the calls are made within 15 days of the
port.
Mobile Devices:
Marketers should not be sending a commercial marketing message to a mobile device without
the individual’s prior express consent. Mobile as a device is unique in that it can include other
digital channels—email texting and online access in addition to voice calling. It also provides
access to online websites and online apps. This means that you need to default to “prior express
consent,” when you are sending a marketing solicitation to mobile devices for each campaign
and you should have a clear and easy to follow mobile privacy policy. Assuming you have
obtained prior express consent, every mobile marketing message sent should include a simple
and easy to use mechanism where an individual can opt-out of future mobile marketing
messages. (Where possible, the opt-out should be able to be done via a text reply message.)
Please note that location-based mobile marketing requires prior express consent and you must
ensure you obtain prior express consent if you are sharing location-based data with third parties.
Texting:
The FCC treats text messages and short message services (SMS) messages sent to a wireless
device the same as calls subject to the Telephone Consumer Protection Act (TCPA.) Such
messages include phone-to-phone text messaging and SMS messaging sent to a pager. Thus,
unless you have prior express consent or it is an emergency, it is illegal to use an automatic
dialing system to send text or SMS messages to cell phones or other wireless devices. DMA’s
Guidelines prohibit a marketer from sending text messages to a wireless device without prior
express consent.
Online Ads:
Consumers do not always understand that a display or “pop-up” ad online that they may see
when they go to a website is not served to their own computer or mobile device in a unique
manner. Since this is akin to general mass marketing messages (such as television or radio ads)
specific permission is not required. Marketers must pay attention to ensuring the ad copy and
terms meet other DMA Guidelines, however.
Online Behavioral Ads:
Online behavioral ads may be sent so long as there is the ability for an individual to opt-out of
future targeted ads. Marketers may send online targeted ads to individuals based on their web
browsing behavior without prior permission. This is known as online behavioral advertising, or
“OBA.” A consumer must be provided an ability to opt-out of future behaviorally targeted ads
through notice and choice whereby they may opt-out of such ads by opting out via the Digital
Advertising Alliance icon program, see http://www.aboutads.info/consumers.
Marketers and their third parties (ad networks and others involved in sending the ad to a
particular computer or device) should sign up at http://aboutads.info to obtain the OBA icon
license agreement so that they can join the cross-industry self-regulatory coalition, the Digital
Advertising Alliance (of which the DMA is a founding member and one of the enforcing bodies)
and support its principles. Please note that other non-cookie based options to deliver ads are
4
being developed and should be examined to ensure that the consumer is notified about such
activities in your privacy policy and in your other terms and conditions. The consumer should be
able to opt-out of future targeted online ads, regardless of the underlying ad serving technique.
“Robocalls” and Automated Dialers/Texting:
Robocalling complaints by consumers led to a stringent regulatory regime for marketers who
may wish to use an “automated dialer” to contact consumers with marketing offers. This includes
texts that are sent via an automated dialer process. In order to contact a consumer using such
methods, a marketer must first obtain the recipient’s prior express written agreement, the highest
standard of prior consent. Further, a marketer must provide an in-call mechanism so that the call
recipient can use it to be placed on the company’s do-not-call list during each prerecorded call,
or provide an opt-out mechanism within each text. To review the FCC’s overview of the rules
regarding robocalls and automated texting restrictions, please see
http://www.fcc.gov/guides/robocalls
Contact Us:
For questions or comments about this report, write to:
Direct Marketing Association (DMA)
Corporate & Social Responsibility Department
1615 L Street, Suite 1100
Washington, DC 20036-5624
[email protected]
Copyright, 2014 by the Direct Marketing Association
5