Wednesday, January 28, 2004

"PIPEDA compliant" software

I am often perplexed by press releases and marketing speak that suggest that a piece of software can make your business "PIPEDA compliant" or "privacy compliant". I just came across the following (names are changed so that I'm not singling anyone out):

"XXXX upgrades e-mail marketing product

E-mail marketing service provider XXXX has released version XXXX of its e-mail marketing product, XXXX. The new release includes an improved spam-checker feature, certified compliance in support of Canada's new privacy law (PIPEDA) and significantly enhanced reporting capabilities."

What the heck does "certified compliance" mean? I looked at the company website and there was no certificate from anyone other than a web-seal of their privacy policy. No suggestion that their product has been certified as PIPEDA A-OK. I'm curious if my shoe can be "certified privacy compliant" since it doesn't collect, use or disclose personal information without written opt-in consent. The part that is particularly confusing in this release is the fact that their e-mail product includes what appear to be intrusive "enhanced reporting capabilities":

"Features of the improved reporting system include visual link tracking report (with colour-coding, marketers can now see where e-mail recipients have clicked in a visual representation of the actual e-mail that was sent) and drill-down reporting (all reports in the XXXX system now link e-mail addresses to a profile of that individual)."

Not only is privacy not a technology problem with a technology solution, it appears that an intrusive product that collects personal information without the individual's knowledge is being dressed up a privacy-friendly. Buyer beware!

No comments: