FTC: Consumer Privacy Comments Concerning The Promotion Marketing Association of America--P954807
TELEPHONE 212 339-5400
WRITER'S DIRECT DIAL
June 6, 1997
TELECOPIED and by FEDERAL EXPRESS
Re: Supplemental Response to Document #57 in FTC Project # P954807
This letter and the enclosed survey will supplement the Promotion Marketing Association of America's submission to the FTC 's Request for Comments in connection with its Privacy Workshop, Project # P954807.
The PMAA received 15 responses to the attached survey. Eight members indicated that as of the date of their response, they did not have a website. The following seven do maintain a site and their policies with respect to information collection and use is described below.
One member in the food industry indicated that it collects for internal use only voluntary names, addresses, and dates of birth. It does not collect clickstream information. It uses collected information for market research only and does not sell data. Consumers have an opt-out option to prevent usage entirely. It does not send unsolicited e-mails and has developed its own guidelines for its program.
One of the members in the food retailing industry collects voluntary general information about the site - not individual information. It does not collect clickstream information. It uses information only to improve site. It does not sell data. It follows the BBB CARU Guidelines. It does not send unsolicited e-mails and has developed internal guidelines for the use of such data.
One of the world's largest personal consumer goods companies collects names, addresses and phone numbers in a "suggestion box" for refund/defective product purposes. It has specific product sites that solicit personal information such as hair, skin and eye color that is then linked to a user selected registration ID to make personalized product recommendations. Some sites collect mail/phone information for contests. Collected information is only used internally to better understand consumer preferences, habits and practices by demographic groups, and to improve the website. Data is never sold. Data submission is voluntary. It does not send unsolicited e-mails. Some internal sites ask whether the consumer would like to receive future e-mails about relevant product. It is aware of the CASIE and DMA Guidelines. It has developed its own internal guidelines, and includes a statement on the information submission form reflecting that policy.
A bank member collects information on a voluntary basis to allow consumers to create "Customized Home Pages" to explore personal financial scenarios, such as financial plans, purchases, etc. It requests names, addresses, and e-mail addresses to contact the consumer if a question or inquiry arises about the creation of the customized home page. It retains aggregate clickstream information to assess traffic to site sections. All collected information is used solely for internal purposes and information is never sold or rented. The company has developed its own Guidelines -- the purpose of which is to collect and better understand customer needs and preferences so that the company can offer better services. Customers are informed of the company's use of voluntarily submitted information. It does not send unsolicited e-mails and is aware of the CASIE and DMA Guidelines.
Two travel service members use their sites to allow consumers to inquire about, make, and pay for flight reservations. The sites collect names, addresses and credit card numbers. All information is kept behind a firewall. No clickstream information is gathered. It does not rent or sell information. No notice is given to consumers regarding the use of the data. It has developed its own internal guidelines. One of the companies offers the consumer a box to click if they are interested in receiving future sales and promotional information.
A discount retailer member does not collect personal data or clickstream information. It does collect information regarding a user's internet service provider, browser level, and last link (referring link). The data is used internally only to help design its site. It does not send unsolicited e-mails.
Very truly yours,
Marc S. Roth
New York, NY 10010-7304
Ronald S. Goldbrenner, Esq.
Date: April 1, 1997
To: PMAA Marketer Members
From: Ronald S. Goldbrenner,
Total pages Transmitted (including this transmittal
page) __ If you do not receive all
Re: FTC Privacy Workshop and Survey
URGENT - IMMEDIATE ACTION REQUIRED PLEASE RESPOND TO ENCLOSED SURVEY
(If you are not the person who can answer these questions, please immediately direct this to the proper person.)
The FTC intends to hold a Public Workshop devoted to exploring the issue of Privacy for consumer information, in one case particularly information collected over the Internet. In order for PMAA to participate we must have data referencing FTC concerns by April 10, 1997. Therefore, please forward your response to the survey to my office.
In June, 1996, the FTC held a Workshop on Consumer Privacy issues. It will revisit this issue and seek further information on how the industry is doing with respect to self regulation. A notice was published in the Federal Register on March 6, 1997, 62 Fed Reg. 10271 requesting comment. Every effort will be made to maintain the confidentiality of submissions, aggregate all data and destroy original submissions immediately, so that responding companies will not be identified individually. Individual case studies will similarly be prepared so as not to disclose the source and original materials will be destroyed.
PMAA will focus on Consumer OnLine Privacy.
Therefore, please answer the following questions as best you can. To the extent you have studies, surveys research or other empirical data please provide it with your answers.
1. On your Website, do you collect data
2. How do you use this data?
3. Do you follow any self regulatory guidelines with respect to privacy concerns for the people about whom data is collected? If so, which ones?
4. Do you have any survey information or other data about consumer's reactions and concerns about the data collected concerning them?
5. What notice is given to consumers on your website that data may be collected about them?
6. What notice is given to consumers about how that data may be used?
7. Are you aware of (a) the "Joint Statement on Online Notice and Opt Out" procedures , or (b) the "Principles for Unsolicited Marketing E-Mail" of the Direct Marketing Association and the Interactive Services Association.
8. Are you aware of the Privacy Guidelines set forth by CASIE?
9. Do you send out unsolicited commercial E-mail?
10. Do you have your own internal guidelines about use of data collected from users?
Thank you very much for your cooperation.