Scott Swift, the Assistant VP of Claims with AXIS PRO Insurance returned to the DMA to talk to direct marketers about the laws around today’s marketing and advertising, and how to keep your business – and your clients’ businesses – out of trouble.  He covered a variety of digital and direct marketing channels such as: text & mobile marketing, data storage and use, celebrity endorsements (and non-celebrity endorsements), other digital advertising, and social media.

TEXT/SMS marketing – FTC and the Telephone Consumer Protection Act highly regulate text message campaigns. Additionally CAN-SPAM, the DNC and state and local regulations have governance on what’s allowed.  Many laws that are in place for email or telephone are even amplified for delivery on a mobile device.   Stay on top of laws and trends with an expert on mobile marketing:

Data Breach – Only PII exposure requires a very specific legal protocol for notifications –and a data breach is defined as unauthorized disclosure.  This can be unintentional (like a hacker), but could also be stolen or lost equipment (like laptops or cell phones that had the information on it), or even careless behavior.  PII is not usually addresses or email addresses or contact information – but it’s social security numbers, driver’s license numbers, bank information, credit card information, or health information.    Scott told us all that even if you don’t store this type of information for your clients, your company probably has some of it on the employees – so a data breach plan, including policies and procedures is critical.  And what’s more critical is actually following them.  Think you’re immune?  Think again! The 2013 Verizon Data Breach Investigation Report said that 40% of breaches happen to small businesses.  For a primer on how to establish a data breach plan, visit

Data Privacy – Invasion of privacy is defined as collection, use and disclosure of personal information not authorized by the individual.  This is usually things like circumventing a user’s privacy settings, collecting data without permission (like cookie data or social network data), or using personal information or internet browsing history to provide online behavioral advertising, without disclosing it.  It all boils down to not being shady.  Scott’s recommendations were:  Provide clear and conspicuous notice of what you’re collecting – not buried in the small print or on a separate document (like terms of use).  Provide opt-out at the time of the agreement, and also later if the user changes their mind (i.e., don’t make it too hard for them to change their mind later).  Last – require opt-in for all information you’re collecting, even GPS location data.  His advice “Don’t be Sneaky.”

Endorsements – if anything material is given to someone (celebrity or not) – if they write about it – regardless of channel, it must be disclosed as a paid advertisement.  This means that if you do a blogger outreach program or a Super Twitter user advocate program and provide your product for review, you must include your policy that they disclose that they received the item(s) for free.  (If they don’t follow it, then you’ve at least done your diligence).  Even in messages that have length limits (like text messages or tweets), this can be accomplished with a quick “#AD”.

Online Ads (any format or channel) If any of your advertising has disclaimers, or qualifiers or any other copy that must be included – then it needs to be clear and conspicuous.  Avoid putting it in small text, and far away.  (Don’t put it down at the bottom of the page in mouseprint!)  Just because it’s okay in printed versions, doesn’t make it okay in digital.  View that ad in a mobile device – do you have to scroll past several screens to find the disclaimer?  Then you’ve hidden it and made it hard to find.

Social – Know the difference between stating negative things in Fact format “This guy is on crack!” versus Opinion format “This guy is super hyper, I wonder if he’s on drugs”.   As marketer’s WE would never use Fact format, but our employees might, and if any argument can be made that they’re representing the company, we can be sued for defamation of character.    Scott warns us all to have a policy on employee use of social channels – (things like, if you talk about the company regularly, you can be seen as a representative).  Include language in your employee handbook that addresses what is allowed, and when the company can intervene or request removal of content.

His last piece of advice?  If it feels sneaky or wrong – it probably is.  But make sure you involve your legal counsel and your insurance when you draft your policies and procedures, know what to do in the event that something happens, and then FOLLOW those policies.