Archive for the ‘Data(List) Marketing’ Category

New Australian Privacy Principles: Be prepared or face tough penalties

Tuesday, January 28th, 2014

12 March 2014. It’s the day the new Australian Privacy Principles come into force. There are new rules and strong penalties for breaking them. Read on to find out more about how the changes impact marketers.

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 amends the Privacy Act 1988, replacing the ten National Privacy Principles with thirteen Australian Privacy Principles – including one specifically relating to the use of personal information in direct marketing.
The Australian Privacy Principles will replace the existing National Privacy Principles from the 12th of March 2014

Schedule 3 of the current Privacy Act 1988 contains ten National Privacy Principles (NPPs), which will be replaced with the Australian Privacy Principles (APPs) from the 12th of March 2014. Although the content of the thirteen APPs is largely similar to the existing NPPs, more specific requirements in relation to privacy policies, cross-border disclosures and access to personal information, as well as a principle that deals solely with direct marketing, have been added.

With new penalties of up to $1.1 million for company breaches of the Act, and some advisors claiming that penalties could be up to $1.7 million, it’s important to be aware of the changes and adjust corporate policies and procedures to comply.

Australian Privacy Principle 7: Direct Marketing

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 includes Australian Privacy Principle 7, which focuses on direct marketing and privacy. This is in contrast to the current NPP dealing with the use and disclosure of personal information that lists direct marketing as a potentially secondary use of collected data.

The existing NPP 2.1 states that an organisation must not use or disclose personal information about an individual for a secondary purpose unless one of the listed exceptions applies. Some of these exceptions include where:

  • - the secondary use is directly related to the primary purpose of collection and the individual would reasonably expect the organisation to use or disclose their personal information (2.1 (a))
  • - the individual has consented to the use or disclosure of their personal information (2.1 (b))
  • - the information is not sensitive information and the use of the information is for the secondary purpose of direct marketing (2.1 (c)).

The new, more specific, APP 7.1 states that “if an organisation holds personal information about an individual, the organisation must not use or disclose the information for the purpose of direct marketing”. However the APP 7 subclauses also set out a number of exceptions where direct marketing uses are permissible. Organisations can use the personal information (other than sensitive information) they have collected from individuals themselves if these individuals would reasonably expect their information to be used for that purpose and there is a simple and free opt-out mechanism in place (7.2).

Under APP 7, organisations can also use personal information (other than sensitive information) obtained from a third party for direct marketing, or information that individuals would not necessarily expect to have used for that purpose, if:

  • - the individual has consented to the use or disclosure of the information for that purpose or it is impracticable to obtain that consent (7.2 (b)); and
  • - the organisation provides a simple means by which the individual may easily request not to receive direct marketing communications from the organisation (7.2 (c)); and
  • - in each direct marketing communication with the individual the organisation draws attention to the fact that they can opt out of the communication (7.2 (e)), and provides a clear and easy way of doing so (7.2 (d)).

Sensitive personal information, such as the individual’s race or ethnicity, their political beliefs or health data, may only be used for direct marketing if the person has agreed to the information being used for that purpose (7.4). Furthermore, if an individual requests not to receive direct marketing communications from the organisation, or requests that their personal information not be shared with other organisations for that purpose, the organisation which collected the individual’s information must “give effect to the request within a reasonable period” (7.7 (a)). Of course, APP 7 will work in correlation with other privacy laws, with the Do Not Call Register 2006 and the Spam Act 2003 taking precedence (7.8).

Border protection

Another important change to the Privacy Act 1988 which could affect direct marketing practices is in regards to the sharing of personal information with overseas entities. APP 1 states that in an APP entity’s privacy policy, not only should the organisation fully disclose the kinds of personal information it collects and how it is stored, but it should also clarify whether it is likely to disclose information to overseas recipients (1.4 (f)), and if so, in which countries these recipients are likely to be located (1.4 (g)).

Also relating to the cross-border disclosure of personal information, APP 8 builds on the existing NPP 9 but increases the responsibility of organisations to ensure that the overseas entity has similar privacy principles to the APPs. APP 8 states that before an organisation transfers an individual’s personal information to an overseas recipient, it “must take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles (other than Australian Privacy Principle 1) in relation to the information” (8.1).

There are a number of subclauses that allow for exceptions to APP 8.1, including the informed consent of the individual for their personal information to be transferred to the overseas entity (8.2 (b)), or the organisation’s reasonable belief that the overseas recipient is subject to a law or binding scheme similar to the APPs and that this law or binding scheme is enforceable (8.2 (a)).

The APPs’ more detailed and prescriptive requirements protect and enhance the rights of individuals over their personal information, as well as increasing the responsibilities of organisations. For direct marketing businesses and users, it’s important to be aware of the amendments to the Privacy Act 1988 and how it will affect your privacy practices and data collection.

For a detailed analysis of the Amendment’s changes, the Australian Government has produced a comprehensive comparative guide outlining the differences between the NPPs and the APPs.

To ensure your organisation’s data privacy policies and practices are up-to-date and address the APPs, make sure you can complete this Data Privacy Compliance Checklist.

ADMA Announces New Privacy Laws

Monday, December 3rd, 2012

ADMA logo

Big Changes on the Horizon for  Data-Driven Marketers

ADMA has announced that the new Australian Privacy law  passed by Parliament on Thursday is due to come into effect on 24 March 2013.

The law will introduce changes to how marketers and advertisers can collect, use, hold and disclose customer information and other personal information relating to prospects and individuals.

Due to ongoing lobbying by ADMA and ADMA member companies, the Government made some last minute changes to the new law before it was passed to reduce the impact of the legislation on marketers and advertisers. In particular, the Government:

  • - Removed the statement that DM is prohibited and replaced with a new statement that clarifies that DM is permitted within certain parameters.
  • - Reduced the requirement to include opt-out notices in all marketing communications.
  • - Limited the need to offer customers the ability to engage under a pseudonym.
  • - Reconfigured the requirements on overseas transfer of data.
  • - Extended the period of time that companies will be given to comply from 9 months to 15 months. (Starting 24 March 2013)

Although ADMA is pleased that the immediate issues facing marketers and advertisers were addressed, it considers that, in general, the law is out-of-touch and out-of-date and will become an increasing hindrance as we continue to move to a data-driven digital economy.

Also, there are still concerns with how the law will be interpreted and enforced. The remaining concerns include:

  • - The new definition of ‘personal information’ could result in the Privacy Act now applying to information that is currently not considered ‘personal’. For example, certain information collected through cookies and types of Big Data.
  • - The new rules require marketing communications to include an opt-out notice (including to existing customers) in all cases where the marketer has used data collected from a third party.
  • - This could include, for example, where a marketer has appended data to a customer database; extracted customer information from a social media site; or used behavioural data from a third party site.
  • - Fines of up to $1.1m apply and it remains unclear whether this is calculated on a per ‘incident’ or per ‘record’ basis.

ADMA will be drafting guidelines for marketers and advertisers to clarify the new law and assist with compliance and will also produce a webinar series and education course to assist businesses interpret the provisions and how they apply to traditional channels, online, social media and mobile.

For more information please visit WWW.ADMA.COM.AU

Q Ltd launches Great Sites

Thursday, March 10th, 2011

great sites logo

Today our parent company, Q Ltd has  launched a brand new membership website, the first step in the development of a comprehensive online membership portal which will feature an enhanced and expanded offering for members and advertisers.

Great Sites is an expansion of Q Ltd’s original The Great Australian Survey and for it’s 500,000+ members.  The new portal will continue to reveal a range of new features over the coming months .

Members visiting the site will have access to competitions, offers, shopping, entertainment and research surveys. There will be more prizes and a focus on social media integration and engagement with and between members.

Jon Ostler CEO of Q Ltd’s digital asset development division QEDigital said,

“We have seen many rapid changes over the last three years with an increasing number of membership based sites playing in our space as well as the increased use of social media, one day deals and group buying sites by our members. We intend to respond to these changes to further position ourselves as leaders within the media space.”

Great Sites will offer improved options for advertisers including enhanced marketing data verification and quality controls, more members to target, higher response rates and additional contemporary advertising options including advanced targeting, co-registration and various research services.

The new portal  is based on a .NET CMS (content management system) and CRM (customer relationship management) platform which will support rapid development of new capabilities in response to rapidly evolving member requirements and online behaviours.

Q Ltd has also launched versions of GreatSites in the UK and New Zealand which will be available for advertising, affiliate and research opportunities from the 3di team.

contact us for more information on

1300 806 986 or

Online Channels for Direct Marketers (ADMA)

Wednesday, July 28th, 2010

Jon Ostler CEO of Q Ltd (Sydney) presented an overview of online marketing channels and techniques relevant to the Direct Marketer at the ADMA conference this week. In the presentation he reviewed a wide range of topics including;

  • Data marketing via Email
  • Data marketing via Ad Networks
  • Performance Media
  • Search Engine Marketing
  • Conversion Rate Optimisation

Presentation – PDF