Guidelines for Ethical Business Practice: Digital Marketing | ANA

Guidelines for Ethical Business Practice: Digital Marketing


Article #1

A Mobile Service Commercial Message (“MSCM”) is a commercial electronic mail message that is transmitted directly to a wireless device that is utilized by a subscriber of a commercial mobile service. Marketers sending MSCMs messages should obtain prior express consent from recipients and should abide by CAN-SPAM, the Federal Communications Commission’s Wireless Email Rule, Part II, Section XII of these Guidelines, and any additional federal and state regulations.


Article #2
  1. Definition. This article refers to addressable commercial solicitations initiated online by marketers (or their affiliates); including commercial solicitations sent to an individual’s email address or another “direct contact point.” For purposes of this article, a “direct contact point” is defined as a user ID or other unique identifier at which an individual can be communicated with online or through a mobile internet device. This may include, for example, a text message number, personalized activity feed identifier (e.g., “twitter” ID), or user ID for postings on or to a personal social network profile page.

    Nothing in this Article or definition is meant to restrict or prohibit the use of aggregated or anonymized data pertaining to direct contact points, the use of profile data for online behavioral advertising (“OBA”), or online banner advertising.

  2. Channel Appropriate Consent:Marketers (or their affiliates) may initiate commercial solicitations online to customers or prospects under the following circumstances.
    • Individuals have given their channel-appropriate consent to the marketer (including, but not limited to, through the terms of a social media platform) to receive solicitations online; or
    • Individuals did not opt out after the marketer has given notice of the opportunity to opt out from receiving solicitations online; or
    • The marketer has received assurance from the third-party list provider that the individuals whose email addresses or other direct contact points appear on that list:
      • Have given their channel-appropriate consent to receive solicitations online; or
      • Have already received notice of the opportunity to opt out from receiving online solicitations and have not opted out, and DMA’s Email Preference Service (“E-MPS”) suppression file was used by the third party.
  3. Channel Appropriate Choice: Marketers should furnish individuals with the appropriate notice or a point of contact and an internet-based mechanism individuals can use to:
    • Request that the marketer not send them future online solicitations, and
    • Request that the marketer not rent, sell, or exchange their email addresses or other direct contact point data for online solicitation purposes.

If individuals request that they be added to the marketer’s in-house suppression list, then the marketer may not rent, sell, or exchange their email addresses or other direct contact point data with third parties for solicitation purposes.

The above requests should be honored within 10 business days, and the marketer’s opt-out mechanism should be active for at least 30 days from the date of the solicitation.

Marketers that rent, sell, or exchange personally identifiable information need to provide individuals with notice of a mechanism to opt out of personally identifiable information transfer to third-party marketers.

Solicitations sent via email should disclose the marketer’s identity and street address. The subject and “from” lines should be clear, honest, and not misleading, and the subject line should reflect the actual content of the message so that recipients understand that the email is an advertisement. The header information should be accurate. A marketer should also provide specific contact information at which the individual can obtain service or information.


Article #3

Marketers that use email for communication and transaction purposes should adopt and use identification and authentication protocols.


Article #4

Marketers should not install, have installed, or use, software or other similar technology on a computer or similar device that initiates deceptive practices or interferes with a user’s expectation of the functionality of the computer and its programs. Such practices include, but are not limited to, software or other similar technology that:

  • Takes control of a computer (e.g., relaying spam and viruses, modem hijacking, denial of service attacks, or endless loop pop-up advertisements);
  • Deceptively modifies or deceptively disables security or browser settings; or
  • Prevents the user’s efforts to disable or uninstall the software or other similar technology.

Anyone that offers software or other similar technology that is installed on a computer or similar device for Marketing Purposes should:

    • Give the computer user clear and conspicuous notice and choice at the point of joining a service or before the software or other similar technology begins operating on the user’s computer, including notice of significant effects* of having the software or other similar technology installed;
    • Give the user an easy means to uninstall the software or other similar technology and/or disable all functionality;
    • Give an easily accessible link to your privacy policy; and
    • Give clear identification of the software or other similar technology’s name and company information, and the ability for the user to contact that company.

*Determination of whether there are significant effects includes, for example:

    • Whether pop-up advertisements appear that are unexpected by the consumer
    • Whether there are changes to the computer’s home page or tool bar
    • Whether there are any changes to settings in security software, such as a firewall, to permit the software to communicate with the marketer or the company deploying the software, or
    • Whether there are any other operational results that would inhibit the user’s expected functionality

Cookies or other passive means of data collection, including web beacons, are not governed by this Guideline.


Article #5

Email address appending is the process of adding a consumer’s email address to that consumer’s record. The email address is obtained by matching those records from the marketer’s database against a third-party database to produce a corresponding email address.

A marketer should append a consumer’s email address to its database only when the consumer gives a marketer permission to add his or her email address to the marketer’s database; or

  1. There is an established business relationship with that consumer either online or offline, and
  2. The data used in the append process are from sources that provided notice and choice regarding the acceptance of receiving third-party email offers and where the consumer did not opt out, and
  3. Reasonable efforts are taken to ensure the appending of accurate email addresses to the corresponding consumer records.

Marketers should not send emails to appended email addresses that are on their in-house email suppression files. Marketers should not send Mobile Service Commercial Messages (“MSCMs”) to appended email addresses that belong to Wireless Handsets or devices unless the recipient has provided prior express authorization to receive such messages from the sender. A marketer should not sell, rent, transfer, or exchange an appended email address of a consumer unless it first offers notice and choice to the consumer. All messages to an email appended address should include a notice and choice to continue to communicate via email.

Marketers should have in place appropriate record-keeping systems to ensure compliance with these Guidelines.