Transcript Privacy Issues In Market Research

Privacy Issues In
Market Research
PL&B Annual
Conference
Cambridge, MA
22 August 2007
Duane L. Berlin, Esq.
General Counsel, CASRO
Principal, Lev & Berlin, P.C.
Lev & Berlin, P.C.
We’re the people who ring you at dinnertime
Quantitative – surveys
Qualitative – focus groups
Data collection methods
In-person — door-to-door;
mall intercept; focus group
facility
Telephone
Mail
Fax
Internet
Anonymous random samples
Third-party lists
Anonymity is a fundamental principle
Industry standards and
ethical codes of conduct
predate most privacy laws
Anonymity and data quality
go hand in hand
Personal information
stripped from data files
Responses reported in
aggregate to research
sponsor
Anonymity is a fundamental principle
Respondents’ personal
data may be disclosed to
research client or third
parties when:
Respondents consent
Information is used only
for research purposes
(e.g. no direct marketing)
Telephone response rates falling precipitously
Consumers bombarded with
unsolicited calls to their homes
In response, Do Not Call laws
and registries established in
several countries
Most of them do not apply to
survey research, but public
often does not make distinction
between survey research and
telemarketing
Telephone research becoming
more expensive to conduct
Internet-based research growing rapidly
Fast and inexpensive
compared to other methods
Most online research
conducted with “access
panels”
Consumers opt-in to
receiving periodic emails
from research firm, inviting
them to complete surveys
Panel members rewarded
for their time (e.g. cash,
points, prize draws)
Example of panel research recruitment website
Link to
Privacy
Policy
should be
on every
page.
Site should
use SSL
encryption
Panels and privacy
Panel research firms
collect and retain personal
data (e.g. contact details
and profile information)
Recruiting new panel
members may be
challenging in the future
Spam, phishing, spyware
and online identity theft
are causing consumers to
be wary about submitting
personal data at websites
Panels and privacy
To counter the threats
posed by Internet scams,
panel research firms must
demonstrate their
trustworthiness to current
and prospective panellists
Participation rates in online
surveys can be quite high
if panel is managed well,
including attending to
privacy concerns
Client-supplied lists
Customer or employee
satisfaction research often
conducted using lists
provided by client
Does your organisation’s
privacy policy permit
disclosures of personal
data to service providers
for market research
purposes?
Excerpt from Telus Privacy Code
We may disclose a customer's personal information to:
A company or individual employed by TELUS to
perform functions on its behalf, such as research or
data processing;
Any such disclosure of a customer's personal information
outside of TELUS is made on a confidential basis with the
information to be used only for the purpose for which it was
disclosed.
Client-supplied lists
Some respondents ask, “how
did you get my name and
number?”
Discuss with your research
partner how these requests will
be handled
Respondents may have a legal
right to know, but revealing the
name of the survey sponsor at
the start of the interview could
introduce bias
Client-supplied lists
Most clients rely on opt-out
consent for sharing their
customers’ personal data
with research suppliers
Opt-in consent strongly
recommended for sharing
customers’ email addresses,
owing to spam complaints
Even better, if possible,
clients should issue the
survey invitation emails to
their customers
Good example of client obtaining opt-in for research
Sending survey invitation emails
From: TNS on behalf of CLIENT <[email protected]>
To:
Rebecca Smith <[email protected]>
Subject: Complete CLIENT’s survey and receive a reward
for your time
Date:
Wed, 6 Jun 2007 10:51:10 -0500

In this example, TNS is sending survey invitations
from its domain to a client-provided list of email
addresses
Sending survey invitation emails
From: CLIENT <[email protected]>
To:
Rebecca Smith <[email protected]>
Subject: Complete CLIENT’s survey and receive a reward
for your time
Date:
Wed, 6 Jun 2007 10:51:10 -0500

In this example, Research Firm X is sending
survey invitations from its domain, but spoofs the
From address
Spoofing is not in anyone’s interest
• Major ISPs all use authentication systems to combat
spamming and phishing
• Sizeable proportion of spoofed emails are routed to
users’ junk mail folders, or carry warning messages, or
are not delivered at all
Questions to ask your research vendors
In addition to the standard privacy compliance questions that
you ask your market research vendors, find out from them:
Which industry trade associations
they belong to
If they participate in privacy
certification programs (e.g. TRUSTe,
IAPP’s CIPP) and privacy audits
The URL of their panel recruitment
website — review the privacy policy
Whether they are on ISPs’ whitelists
and adhere to industry best practices
for sending emails
Further Information:
Duane L. Berlin, Esq.
Lev & Berlin, P.C.
Phone: (203) 838-8500
Fax: (203) 854-1652
Email: [email protected]