The Interactive Advertising Bureau (IAB) has issued its Email Data Management Best Practices, recommending that e-mail marketers send commercial e-mail only to those who have opted in to receive them, and include an option to unsubscribe. Not a surprise, as most in the industry considers this a best practice — including the FTC, as a part of CAN-SPAM legislation.
The IAB’s push for permission-based e-mail marketing can also include third-party e-mail marketing partners, as long as a customer is aware of to what they are opting in. To do this, the IAB recommends safe data collection procedures and list building. The IAB stresses the importance of opting out customers across lists, once they have opted out of one. In addition, the bureau recommends that advertisers should perform due diligence to understand how their partners their data collection procedures and build this into contracts prohibitions.
When it comes to data security, the IAB recommends that senders “should use a one-way encrypted hash to encrypt suppression files that are shared with third parties that send on the sender’s behalf, or a third-party bonded mail house” to protect consumers. This can be accomplished through MD5 technology, instead of using plain text.
The IAB also encourages advertisers to seed suppression files used by their publishers on a regular basis to validate proper usage, and recommends using list scrubbing technologies to address this issue.