ARCHIVES: This is legacy content from before Marketing Dive acquired Mobile Marketer in early 2017. Some information, such as publication dates, may not have migrated over. Check out the new Marketing Dive site for the latest marketing news.

Better Business Bureau exec: Be transparent with data collecting

NEW YORK ? An executive from The Council of Better Business Bureaus Inc. at Mobile Commerce Daily?s fourth annual Nonprofit Mobile Day said that when it comes to collecting user information via mobile, organizations should not only be careful to abide by federal and state regulations but also recommendations and voluntary guidelines.

During the presentation titled ?Better Business Bureau: How to Ensure a Safe and Trustworthy Mobile Experience,? the executive discussed how to build trust and privacy in the mobile environment. The session also gave attendees a run-down on some privacy issues surrounding mobile marketers today.

?If you want to use mobile, then you really do need to consider your privacy practices, and that means considering them throughout your organization,? said Genie Barton, vice president and director of online interest-based advertising accountability program and mobile marketing initiatives at The Council of Better Business Bureaus Inc., Arlington, VA.

?Making sure that you are doing the right thing is really in your interest,? she said. ?So be alert for nuances and exceptions in the law.?

Nonprofit Mobile Day, a conference owned by Mobile Commerce Daily parent Napean LLC, was co-presented with the Direct Marketing Association.

Privacy rules of the road
As opposed to in the European Union, the United States does not have an overarching privacy framework.

?We look at a sectorial kind of approach to privacy, like financial privacy health privacy, health privacy,? Ms. Barton said. ?And in terms of mobile, it?s very much a state issue right now.?

Nonprofits do need to watch out for the Telephone Consumer Protection Act (TCPA) and Telephone Sales Rule (TSR). Autodialed or prerecorded calls (or texts) are not exempt from these acts.

As of October, the FCC will require tax-exempt nonprofit organizations to obtain ?prior express consent? ? oral or written ? for non-telemarketing, informational calls.

It is important for nonprofits to be knowledgeable about these rules to avoid legal complications, although avoiding them entirely may not be possible.

For example, SoundBite Communications tried to create a class-action lawsuit against companies that sent a confirmatory message when consumers opted out of receiving more texts. Even though these confirmatory messages are entirely legal and the case was dismissed, the companies involved lost a lot of money during the trial.

Both federal and state laws are usually focused on the behavior of commercial entities, but nonprofits should still be sure that any company they partner with are following these laws.

?If your for-profit organization that you?re working with is acting on your behalf under the law of agency, you might be liable for their actions,? Ms. Barton said. ?The importance of vetting who you do business with can?t be overestimated.?

Similarly, if an organization wants to create an application with a third party, they need to wisely choose the third-party company. Make sure that they have a privacy policy.

Some companies falsely assume that their app provider will take care of privacy issues and mistakenly do not create their own.

Recommended practices
Beyond the law, there are still many voluntary practices that will build a nonprofit?s trust level with donors and ensure good privacy practices.

Before organizations allow applications to access sensitive content such as location and contact list, they should send out just-in-time disclosures and retrieve express consent from users. Organizations should also create a privacy dashboard to review the content accessed by apps.

Additionally, companies should create a clear privacy policy for their apps that are easily accessible through the app stores.

The California Attorney General Report encourages organizations to minimize surprises for consumers and promote shared accountability in the mobile ecosystem. It also recommends that companies only collect data that is necessary for basic app functionality.

There are a number of different guidelines out there, with the number only growing. There is the Fair Information Practices, FTC report and Attorneys General Reports, and the Network Advertising Initiative, Direct Marketing Association, Mobile Marketing Association, CTIA-The Wireless Association, Groupe Speciale Mobile Association and the Digital Advertising Alliance all have guidelines as well.

While the abundance of guidelines definitely confuses and complicates matters, Ms. Barton encouraged organizations to be knowledgeable about the best practices and put the effort into privacy policies.

Ms. Barton summarized the basic best practices: have a clear and concise privacy policy that is accessible from the mobile device, application or Web site, empower users with notice and choice and use clear short-form notices.

?Unfortunately, when you are in the world of mobile, it really pays to pay attention to what?s going on,? she said. ?Be careful who you?re working with so you can be sure that you have a good privacy policy.?

?Make sure that notice is provided before collection. Limit sensitive data collection. If you can, notify before app download. Think of what your users would expect you to be collecting from them.?

Final Take
Genie Barton is vice president and director of online interest-based advertising accountability program and mobile marketing initiatives at The Council of Better Business Bureaus Inc., Arlington, VA.