TC Media's own Privacy Guru, Matthew Vernhout, shares the key components of the Digital Privacy Equation. Trust = Control, Transparency, and most importantly for consumers, Value. In addition, he provided important updates on the upcoming CASL legislation changes, and what companies can do starting today to ensure compliance.

1. The Digital Privacy Equation
Matthew Vernhout, CIPP/C
Director, Delivery and ISP Relations

2. Agenda
• Privacy Equation
– Trust = Control + Transparency + Value
• CASL Update
• Q&A

3. TRUST = CONTROL + TRANSPARENCY + VALUE

4. What is Trust?
• Trust is built through your products, reputation,
actions, and marketing
– Paid, Earned and Owned
• Consumers maintain multiple contact profiles
and share these with marketers based on the
trust equation:
– Free web email accounts
– Social media profiles
– Postal address
– Cable/ISP/Work email accounts
– Mobile phone numbers

5. 10 PIPEDA Principles
• Control • Transparency
– Accountability – Identifying Purpose
– Consent – Limiting Collection
– Accuracy – Limiting Use,
– Individual Access Disclosure and
Retention
– Safeguards
– Openness
– Challenging
Compliance

6. TRUST = CONTROL + TRANSPARENCY + VALUE

7. Control Principle – Accountability
• Why is Accountability important?
– First stage of trust – declaring what you will do
with any Personal Information that you collect
from the recipient
• Potential Conflicts:
– Consumers want to know what you plan on doing
with the information you are collecting
– Marketers want to do more with the information
being collected
#1 complaint source for the Office of the Privacy Commissioner in 2011

8. Control Principle – Consent
• Consent must be in such a way that the individual clearly
understands what they are agreeing to.
• Think about more granular control of consent - Consumer:
– Implied vs. Explicit consent
#3 Complaint Source for OCP investigations in 2011

9. Control Principle – Accuracy
• Efforts should be made
to provide tools that
allow for users to self
manage their accounts
and profiles.
• Pro tip:
– Build solutions that
allow for self-service
management with
controls to notify
users of significant
changes to their
accounts (passwords,
email addresses, etc.)

10. TRUST = CONTROL + TRANSPARENCY + VALUE

11. Transparency Principle – Identifying Purpose
• Set expectations
• Provide examples of what
you collect:
– Name
– Email
– Phone, etc.
• Why you need it and how
you plan on using it:
– Billing and subscription
information

12. Transparency Principle – Limiting Collection
• Personal information
collected should only be
limited to that which is
necessary for the
purposes identified.
• Limit the number of
questions.
– imagescape.com case
study: a shortened
contact form saw
• + 160% in the number
of forms submitted
• + 120% in conversion

13. Transparency Principle – Safeguards
• Physical Security vs. Virtual Security
– Access Levels within organizations
– Security policies and internal audits of these
practices
• Examples:
– Public tweets from wrong account: Automotive
company recently fired their agency over a
misplaced tweet from the social media manager.
– Prevention: Have separate tools/accounts to limit
this type of exposure.

14. Transparency Principle – Openness
• Provide a central point of
access to your
organization that is trained
in dealing with customers
and non-customers
interacting with your
business
• Examples:
– Social media (Community
Managers)
– Privacy Officer/Team
– Contact Us/Support

15. TRUST = CONTROL + TRANSPARENCY + VALUE

16. What is the Value?
• Consumers give information
to companies to improve the
relationship/products/service
• Problem:
– 74% of North American
Consumers don’t see benefit
of exchanging personal
information and other info
• How do you fix this?
– Better reporting
– Preference centers
– Surveys
– Identify the perceived value
of your brand
Source: List of consumer demands, G2 eCulturesEUROPE Report

17. Value for Consumers
• Inform users what value they can
expect as the relationship deepens:
– Discounts, coupons, points, free
content, exclusive invitation, etc.
– Targeted and relevant messaging for
the recipient
– The more information collected, the
better targeted the deals, offers and
value returned

18. Value for Marketers
• Value is where the
Win/Win is found:
– Better offers to
consumers = loyal
consumers
• Brand ambassadors
are built on earned
trust
– Rich data for the
marketer to build
trends, projections and
analysis
• Increased ROI

19. TRUST = CONTROL + TRANSPARENCY + VALUE
• Give more control to consumers
• Join the discussion with consumers and
listen to their needs/wants
• Use data and feedback to continually
improve your marketing efforts
• Give people a reason to trust you through
your actions and policies

20. CASL UPDATE

21. Overview
• Canadian Anti-Spam Legislation
– Consent based messaging
• All messaging channels (email, SMS, IM etc.)
– Implied and Express Consent
– Includes Identification requirements
– Installation of Software
– Unsubscribe: Without delay, but not longer than
10 business days
• Regulations finalized by CRTC, OPC
– Still waiting on Industry Canada

22. CRTC Regulations
• CEMs need to include these key identifiers:
– The name by which the person sending the message conducts business
– Third party messages you should use the name by which the third party
carries on business
– A statement indicating which person is sending the message and which
person on whose behalf the message is being sent
Source: EmailKarma.net: http://ekma.co/KBhihp

23. CRTC Regulations
• All unsubscribe mechanisms must be set out clearly
and prominently and must be able to be readily
performed.
– Find a way around password protected unsubscribes
• A request for express consent has been clarified to
include:
– Oral or written consent
– Must be sought separately for each channel (SMS,
Email, etc.)
• Computer program’s that cause a computer system
to operate contrary to reasonable expectations must
have a separate consent
Source: EmailKarma.net: http://ekma.co/KBhihp

24. Next Steps
• Industry Canada to release draft regulations
(expected in September/October)
– 30-day comment period on Draft
• Release of Final Draft with coming into force
date (estimated to be) Q2/3 of 2013

25. Summary
• Trust is earned
• Be upfront with disclosure and consent
• Provide more self-service tools to users
• Answer “What’s in it for me (consumer)?”
• Remember: CASL will be enforced next year.
– Review your processes now for potential
changes

26. Q&A

27. Thank You!
Matthew Vernhout
Director, Delivery and ISP Relations
416-361-3522 x238
matthew.vernhout@tc.tc
Twitter: @emailkarma