These days marketers need the stamina of a decathlete to execute truly multi-channel campaigns. Add to that a scholarly knowledge of legislation, regulation, best practice and preferably a data security credential or two. And if the boundaries of a campaign cross time zones, cultures and territories, then you face a challenge of truly Olympic proportions.
Because data legislation differs from country-to-country, keeping abreast of cross-border data compliance issues is an absolute must. Unfortunately, the process can be confusing, resource-heavy and, frankly, as dry as sawdust. Having recently rolled out a new international processing solution in partnership with Deutsche Post Adress and Postaddress Global, I’ve tried to grapple with a forest of international legislation and it’s still a constant learning curve.
To that end, I’ve compiled a list of basic pointers that could help marketers to avoid falling foul of international regulation.
Always ensure transparency by publishing your company’s policy on sharing personal data with third parties for marketing purposes. (This is a legal requirement within the EEA and several other countries are expected to follow in the near future.) It’s worth noting that the interpretation and implementation of the Data Protection Directive can vary even between EU member countries and is currently being amended.
Check that your security efforts are proportionate to legislative requirements. The brand damage which can result from playing fast and loose with personal information can be catastrophic.
Seek specialist advice each time you enter a new territory. This will allow you to get to grips with the wider regulatory environment for data handling/processing and security in each country. Exporting your data processing outside your own national borders won’t get you off the data regulatory hook either - especially if it’s to exotic (and increasingly popular) locales like India or the Philippines.
Under international treaties, the prevailing law remains that of the country of origin (ie. wherever you are). There are no cheap and easy shortcuts - the best bet is to select a reputable partner. Europe-based exporters sending data to the US should additionally familiarise themselves with the US Department of Commerce’s “Safe Harbor” self-regulated framework. Make sure you consult your lawyers and have contracts in place before embarking on any new ventures. (There is some good news - the EU Commission has sanctioned that New Zealand is a safe territory to exchange data with!)
Data acquisition, security, legislation and theft are all big ticket issues requiring urgent attention at both micro- and macro-levels by individuals, companies, government departments, law enforcement agencies, the media and community groups. In the current business and social environment, we’re all interconnected and accessible as never before. And with the immense commercial opportunity that this presents comes the need for industry responsibility that crosses borders.
As a data professional, I cannot stress enough the importance of working with an experienced, accredited partner before embarking on an international campaign. With the right information, the international data challenge is one that we can all rise to.