Help spread the word about the Privacy Council by embedding the official widget:

It resulted in the girl hanging herself, and a large controversy over who is responsible. Obviously, MySpace themselves comes into question – how could they allow this?

The fact of the matter is that it is almost too easy to pretend to be someone else online, and it will be interesting to see what kind of new regulations this brings about for online publishers.

CARU’s basic activities are the review and evaluation of child-directed advertising in all media, and online privacy practices as they affect children. When these are found to be misleading, inaccurate, or inconsistent with CARU’s Self-Regulatory Guidelines, CARU seeks change through the voluntary cooperation of advertisers.

CARU’s Guidelines contain a section that highlights issues, including children’s privacy, that are unique to the Internet and online sites directed at children age 12 and under. The following is an overview of these guidelines:

1. Advertisers must clearly disclose all information collection and tracking practices, all information uses, and the means for correcting or removing the information. These disclosures should be easily accessible before any information is collected.

2. Advertisers should disclose why the information is being requested and whether the information will be shared, sol or distributed outside of the collecting company. This disclosure should be written in language easily understood by a child.

3. Advertisers must obtain prior “verifiable parental consent” when they collect personal information (such as email addresses, screen names, addresses or phone numbers) that will be publicly posted. The definition of “verifiable parental consent” in the Children’s Online Privacy Protection Rule applies.

4. For activities that involve public posting, advertisers should encourage children not to use their full names or screen names that correspond with their email address, but choose an alias (e.g., “Bookworm,” “Skater,” etc.) or use first name, nickname, initials, etc.

5. Advertisers should not require a child to disclose more personal information than is reasonably necessary to participate in the online activity (e.g., play a game, enter a contest, etc.).

6. When an advertiser collects personal information only for its internal use and there is no disclosure of the information, the company must obtain parental consent, and may do so through the use of email, coupled with some additional steps to provide assurance that the person providing the consent is the parent.

7. To respect the privacy of parents, advertisers should not maintain in retrievable form information collected and used for the sole purpose of obtaining verifiable parental consent or providing notice to parents, if consent is not obtained after a reasonable time.

8. If an advertiser communicates with a child by email, there should be an opportunity with each mailing for the child or parent to choose by return email or hyperlink to discontinue receiving mailings.

9. When performing age-screening, advertisers should ask screening questions in a neutral manner so as to discourage inaccurate answers from children trying to avoid parental permission requirements.

10. Since hyperlinks can allow a child to move seamlessly from one site to another, operators of Websites for children or children’s portions of general audience sites should not knowingly link to pages of other sites that do not comply with CARU’s Guidelines.

Resources: www.caru.org

This surplus of junk mail is not only killing trees, it is also producing mass waste. Approximately 40% of the solid mass that makes up our landfills is paper and paperboard. This number is expected to rise by the year 2010 to about 48%.

So how do people find you to send you this waste? Most lists of names and addresses used in bulk mailings are in mass data-collection networks which are compiled from phone books, warranty cards and charity donations, to name a few. Each time your name is sold, these data-collection networks make between 3 cents to20 cents.

So what can you do? You can start by trying to cut down on the waste. You can do things like reuse the junk mail for scrap paper or shred the paper and use it for filler when shipping. Recycle the junk mail at your local recycling center. Or even create new things like homemade recycled paper.* You can also cut the amount of junk mail you receive. If you cut your junk mail for 5 years, you’ll conserve 1.7 trees, 700 gallons of water and prevent 460 pounds of carbon dioxide from being released into the air.

*Make recycled paper at home by cutting junk mail into small shreds, then soak it in warm water (one hour, stirring occasionally). Next, spread it out on a flat, fine-holed, wire-mesh screen and let it dry. You can also add flowers, grass, and leaves for fun, color, and texture.

2. You should make your information practices available to visitors in a prominent place on you websites home page. The notice about information practices on your website should be easy to find, read and understand so that a visitor is able to comprehend the scope of the notice. The notice should be available prior to or at the time personally identifiable information is collected.*

3. The website contact information should be easily accessible so the visitor knows who is responsible for the site and can contact your organization for service or information.

4. If your organization’s policy changes with respect to the sharing of personally identifiable information with third parties, you need to update your policy and give consumers conspicuous notice and offer an opportunity to opt out.

5. If your organization has a site directed to children under the age of 13 or collects personally identifiable information from visitors known to be under 13 years of age, your website should take the additional steps required to comply with the Children’s Online Privacy Protection Act.

6. Webmasters have 10 days to remove user’s information when they opt-out of a program.

7. Industry guidelines address consumer access to information by providing generally that procedures should be established to ensure accuracy of the information, including allowing consumers access to, and the opportunity to correct, information collected about them.

8. Having an easily visible privacy policy on a website makes visitors feel more secure when using the site.

9. Information retained from visitors can be used for marketing purposes ONLY if they do not opt-out of the program.

10. Having an opt-in is the best way to insure your website is only sending the user information they want to receive.

*If your organization collects personally identifiable information for visitors, your notice should include:

- The nature of the personally identifiable information collected about the individual and the types of uses you will make of such information, including any marketing uses.

- Whether you transfer the collected information to third parties for use by them for their own marketing and the mechanism by which the visitor can exercise choice not to have such information shared.

- Whether personally identifiable information is collected by, used by or transferred to agents as part of the business activities related to the visitor’s actions on the site, including to fulfill orders or to provide information or requested services.

- Whether you use cookies or other passive means of data collection, and whether such data collected are for internal purposes or transfer to third parties.

- What procedures your organization has in place for accountability and enforcement purposes.

- That your organization keeps personally identifiable information secure.

References: www.the-dma.org, www.privacyalliance.org, www.cdt.org

The following modifications have been made:

In a multiple-advertiser email, a single advertiser can assume the role of sole “CAN-SPAM sender.” The Final Rule issued by the Federal Trade Commission establishes that, when there are multiple advertisers in single email, a single advertiser can assume the role of sole CAN-SPAM sender if (a) the advertiser meets the requirements of “sender,” as defined under the CAN-SPAM act of 2003, (b) is the only advertiser identified in the “from” line, and (c) complies with all of the other original sender requirements imposed by the Act, including the requirements surrounding a “valid physical postal address.”

Senders must provide recipients with an easy, unburdened way to unsubscribe from a commercial email. Specifically, the Federal Trade Commission requires advertisers to allow consumers to opt out of subsequent commercial email messages from that advertiser without requiring payment, information beyond the consumer’s email address, “or any other obligation as a condition for accepting or honoring a recipient’s opt-out request,” including requiring a consumer to visit more than a single Internet Web page.
“Person” will be defined, for purposes of CAN-SPAM, as an individual, group, unincorporated association, limited or general partnership, corporation, or other business entity.

A “valid physical postal address” has been defined as “the sender’s current street address, a Post Office box the sender has accurately registered with the United States Postal Service, or a private mailbox the sender has accurately registered with a commercial mail receiving agency that is established pursuant to United States Postal Service regulations.”

It is important to note that the FTC did not modify the time in which a sender had to honor an opt-out request. Senders still have ten business days to honor such a request. The FTC agreed with the industry input that there is little evidence to suggest that the ten-day opt-out window was being used as an opportunity to bombard consumers with email.

Marketers need to be careful when applying the new regulations to everyday marketing practices and should consult with their own console.

Reference: www.outperformance-marketing.com, www.mondaq.com, imhe.blogspot.com

There are also private services that help can help manage privacy. Digitone is a small box that can be placed in your home or office and it will block any numbers you do not want to receive calls from. Along with specific numbers, Digitone will also block full area codes, cell phone numbers, unknown numbers, unavailable numbers and out of area numbers. Digitone can be purchased at www.digitone.com.

Privacy Fortress is a membership site that helps people hide their true physical address from public records, disappear from electronic databases, and have private safe bank accounts in the U.S. This service can be found at www.privacyfortress.com.

Reputation Defender dot com is a service that helps people manage their online reputation, their children’s online reputation and online privacy. With their service, they watch out to make sure most personal data isn’t anywhere that identity thieves, marketers or nosy people can find it. This service can be found at www.reputationdefender.com.

You deny dot com is an email encryption program that allows you to encrypt and decrypt emails without using a black box program. With black box programs, there is no way to make sure your emails are not being kept and decrypted by their services but with you deny dot com, you can see all of the code and be insured that your emails are only going to the people who should be receiving them. This online service can be found at www.youdeny.com.

10 things every marketer should know about CAN-SPAM:

1. CAN-SPAM applies only to commercial email.

2. CAN-SPAM can apply to email sent out by your affiliates on your behalf.

3. CAN-SPAM will not apply to email sent out by your affiliates on your behalf unless you know or should know, that the email is being sent in violation of CAN-SPAM and you stand to gain from it financially and you do not try to stop it.

4. CAN-SPAM applies to email for which the primary purpose is to feature your goods, services or content, even if you do not send the email yourself.

5. CAN-SPAM does not apply to third-party advertisers who advertise in your mailing.

6. CAN-SPAM does not require that you use confirmed opt-in for your mailings, however, it is one of the best defenses against accusation of a violation.

7. CAN_SPAM does not require ISPs to accept email which is CAN-SPAM compliant. ISPs are specifically exempt from claims that they must accept email if it complies with CAN-SPAM.

8. CAN-SPAM requires that all information in your email headers and body be true, accurate and not misleading.

9. CAN-SPAM requires you to honor those opt-out requests and to immediately cease sharing the user’s address even with previously agreed-to partners.

10. CAN-SPAM requires you to provide a fully-functioning means of return Internet based communication for the purpose of the recipient opting-out of your mailing. You have 10 day to complete the opt-out request.

References: www.ftc.gov/spam, www.ftc.gov, www.wikipedia.org