« Personalisation Works | Chocolate Direct Mail »
The Australian Direct Marketing Association (ADMA) released a Regulatory Affairs Bulletin this week, which features concerning news regarding potential changes to Australia's privacy laws. The Australian Law Reform Commission (ALRC) has indicated that the changes to the Privacy Act 1988 that it is likely to recommend to the Federal Government will include:
Abandoning National Privacy Principle (NPP 2) and replacing it with a specific Direct Marketing Unified Privacy Principle (UPP 6) that fails to recognise the difference in relationships between organisations and their current customers versus prospects.
Broadening the working definition of direct marketing to include virtually all direct communication.
Making it mandatory for companies to tell current and prospective customers that they can provide fictitious names and details when dealing with them.
Making it mandatory for organisations to notify individual consumers, whether they have been contacted by the organisation or not, about all the information that the company has acquired about them, as soon as it has acquired it.
Introducing sweeping new data breach notification provisions requiring organisations to notify the Privacy Commissioner and affected individuals when personal information is 'believed to have been' acquired by an unauthorised person (e.g. a stolen computer or flash drive).
Making it mandatory for direct marketers to assess the age and intellectual capacity of consumers to give consent to receive direct marketing taking into account a consumer's 'maturity, injury, disease, illness, cognitive impairment, physical impairment, mental disorder' or 'any disability or other circumstance'.
...and that's just for starters. There are a host of other recommendations noted in the ADMA Bulletin that should raise a few eyebrows within the Australian direct marketing community, as these proposed changes will have a significant impact in how Australian marketers collect and use data.
It's important, however, to note that the majority of these recommendations protect the consumer from identity theft and unnecessary exploitation. With several major high-profile data breaches occurring in the United Kingdom and the United States which have collectively resulted in the loss of millions of people's personal information, it's only natural that the ALRC want to put preventative measures in place.
In addition, marketing organisations need to be more accountable in how they use customer data, there's plenty of unethical practice where many pensioners are exploited based on their age and sold products that they probably don't need or want. Laws which enforce corporate responsibility and ethics can only protect consumers. However, while many of these recommendations might sound logical, they have obviously been created by people who know absolutely nothing about direct marketing. I'm not sure how practical it really is to "assess the age and intellectual capacity of consumers". Marketers have a hard enough time getting their name and address, let alone enough data to make such a subjective evaluation on their intellectual capacity!
While ADMA are notably upset/outraged from the tone of their email bulletin, I'm not so sure this is worth loosing too much sleep over. My take is that the ALRC has proposed a stack of recommendations and they will just chuck this big ball of mud to the wall of Parliament House and see how much of it sticks. It's unlikely that all of it will. ADMA will certainly make sure of that.
Posted on Wednesday, 23 April 2008 at 4:20 PM | TrackBack: http://www.veedeepee.com/cgi-bin/mt-tb.cgi/123