Canada’s FISA (the Fighting Internet and Wireless Spam Act) Bill went into law on December 15.  Its new requirements apply to anyone sending Commercial Electronic Messsages  from Canada or to someone in Canada.  FISA will apply to Canadian and international organizations sending email, SMS, instant messaging and social media/networking communication.

The biggest difference between FISA and CAN-SPAM is FISA requires opt-in consent before marketers can send a CEM.  FISA also accepts circumstances of implied consent, including when the sender has an existing business relationship with the recipient.

While CAN-SPAM requires a company postal address, FISA requires address information along with the identity of the person who is sending the email message.  If the email is being sent on someone’s behalf other than the sender, the name of that person needs to be included.

There are similarities between FISA and CAN-SPAM.  They both require easy and clear unsubscribe mechanisms.  The unsubscribe requests must be honored within ten business days.  Both guidelines  say Marketers cannot use address harvesting or dictionary attacks to generate lists.

As the Federal Trade Commission and Commerce Department recently released reports on the best privacy practices, it is important that the government looks at ways to improve international cooperation.  Creating unified privacy and compliance laws across different countries will create more focused marketing messages and an improve internet user experience.

FISA may not go into effect until September 2011.  For more information on FISA along with an excellent guide on how to become compliant with the new law, head over to Return Path.

The Commerce Department released a proposal on Dec. 16 calling for the development of a privacy office within the agency and for enforceable codes of conduct for data companies and advertisers that track Internet user data.

The Commerce Department’s Privacy Policy Office would help in enforcing the codes of conduct.  The report says commercial privacy policy “must be able to evolve rapidly to meet a continuing stream of innovations.  A helpful step would be to enlist the expertise and knowledge of the private sector, and to consult existing best practices, in order to create voluntary codes of conduct that promote informed consent and safeguard personal information.”  The report wants to “…streamline industry compliance, and allow businesses to develop a strong, nationwide data management strategy.”

The report did not endorse or criticize the Federal Trade Commission’s “Do Not Track” report issued earlier this month.  Instead, it seeks further comment on how the agency can “best encourage discussion and development of technologies such as “Do Not Track.” The Commerce Department also wants comments on how the privacy principles should be enforced, whether the FTC should be given authority to issue more detailed rules and whether privacy legislation should include the right for consumers to sue over privacy breaches.

The report also calls for improved international cooperation on privacy.  It says, “The process of trying to comply with the different privacy regimes around the world can be time consuming and costly for U.S. businesses.”

It is great to see government agencies acknowledging the need for an Internet privacy leader that can evolve and enforce privacy policies.  As more social networks allow for more connectedness however, we can only hope the FTC’s and Commerce Department’s plans are not too little too late.

While the suggestions made by the Federal Trade Commission last week are no where close to legislation, they have already impacted one of the most popular web browsers, Internet Explorer.  Microsoft announced on December 7 a feature for Internet Explorer 9 that will let users limit the ability of third party companies to track them online.

The new feature, called Tracking Protection will allow users to create lists of trusted web sites and domains allowed to track their information.  Tracking Protection would then identify and block third parties from collecting and exchanging data through cookies and other tracking mechanisms.  While tracking allows for more personalized, relevant ads, Microsoft is giving consumers a way to block that tracking altogether.

Jon Leibowitz, the FTC chairman was encouraged by Microsoft’s move and said in the NY Times, “Microsoft deserves enormous credit for taking a critical step toward providing consumers with more choice about who can track their online browsing.”

While advertisers will have to rethink their deliverability strategies, privacy experts will have to keep up-to-date Trusted Tracking Protection lists.  Privacy policies are likely to broaden and change, and it is up to Tracking Protection programs and privacy experts to keep their users informed.

This is a step in the right direction and it will be interesting to see how other browsers respond, and if privacy and online advertising can co-exist at all.

The Federal Trade Commission issued a report on December 1 calling for a “Do Not Track” mechanism in consumers’ web browsers so they can choose to have their actions monitored online.   The report, “Protecting Consumer Privacy in an Era of Rapid Change” aims to be the first step in achieving a balance between the importance of user privacy and the need for innovative online products and services.   FTC Commissioner Jon Leibowitz said the report “is not a template for enforcement…At this point I think we’re making recommendations for best practices.”  While Privacy advocates are loving the report, the $23 billion online ad industry is not.

Restricting advertisers to track data regarding online searches and other browsing activities could result in an increase of unwanted advertisements and the loss of free content that is paid for by advertising.  Mike Zaneis, Senior Vice President at the Interactive Advertising Bureau said in the  Wall Street Journal article, “Web Privacy ‘Inadequate’” that consumers wouldn’t benefit from turning off tracking because “consumers depend on sharing data… to customize news sites, optimize Web services such as social networks, and provide relevant content and advertising across the Web.”

The report also recommends that companies improve their privacy policies.  Most of these found on the bottom of websites have become far too long and complicated.  Even if consumers do read it, it is not easy to understand or see how it applies to their usage of the website.

A factor that should not be overlooked is consumer education.  While these policies are not legislation yet, the online marketing industry should ensure its consumers are aware of commercial data practices and the choices available to them.

The FTC will accept comments on its proposals through January 31, 2011 and will issue a final version of its report later in 2011.

The US Commerce Department is also planning to release a report containing online privacy recommendations soon.   And it may contain ideas conflicting with what the FTC proposed.  Stay tuned for updates.