EU Data Directive, January 2012 update

On 26 January 2012, the European Commission released new proposals regarding the EU Data Protection Directive (95/94/EC) and e-Privacy Directive (2009/136/EC) which came into effect 25 May 2011.  The objective is to make the data protection rules more consistent across all EU member states, making it far simplier for international businesses to understand their data obligations and comply with the rules.

These laws apply to both employee and consumer personal information.

While stricter rules regarding cookies will be imposed, it is important to note PoliteMail does not make use of cookies for its email tracking and analytics.

Organisations will need to obtain “specific and explicit” consent from internet users to store information and must delete data unless there is a “legitimate and legally justified interest” in keeping it.  In the working group’s opinion on the question of consent, when consent is required from a worker and there is a real or potential relevant prejudice that arises from not consenting, the consent is thus considered not freely given and therefore not valid.

For tracking internal communications, (e.g. email and intranet pages), we have suggested employers may comply with these rules within their employment and labour agreements and within the context of privacy and/or technology use policies that explains the reasons for the collection and use of such data. The company should be clear about the reasons for data monitoring, and the extent is it is necessary to achieve a legitimate aim (see the closing paragraph for our rationale).

By no means claiming any legal expertise on the matter, we do suggest that companies are already collecting personally identifiable employee information simply by function of using their email systems. In other words, the employee email address, and what messages the employee has sent and received is already stored within the Exchange environment.  Certainly the PoliteMail email analytics data are additive to this.  Our system is storing another copy of the email address, and storing additional interaction data (open/click/fwd/reply) in relation to those email messages.

Certain types of data tracking and processing are not significantly intrusive.  The PoliteMail email analytics tool enables communicators to measure the effectiveness of their email communications and the ability to monitor if the resources being developed and deployed to support the organisation are in fact being utilised by employees. While the tool also enables communicators to take follow-up action with specific employees or groups of employees based upon their interactions (or lack thereof), we see this as reasonable use of data and not outside the interests of data protection or privacy compliance.

 

 

Compliance with EU Data Directive, Individual Privacy

Within the EU certain countries have strict privacy policies which may prevent you from compiling data at the individual level.

If you want to use PoliteMail to get the email metrics (opens,click, etc) but keep the individuals anonymous, you can accomplish that using Exchange Aliases for your distribution groups, and retain the ability to track the email, but not at the individual level.

This method requires setting up or changing your distribution groups within Exchange as Exchange Aliases, and hiding the members of those lists from the sender. Using this types of lists (which would be used like a individual email address such as “groupname@company.com”) PoliteMail treats the send a one email message. However, because Exchange will do the distribution, PoliteMail will track multiple opens and clicks for that one alias address. This prevents PoliteMail from tracking at the individual level.

Here is a a href=”http://technet.microsoft.com/en-us/library/bb125178.aspx”>Microsoft TechNet articleexplaining how to set-up those types of lists. The key step, hiding the membership, is shown below.

Exchange Alias List Hide Membership

Setting up an Exchange Alais Distribution list with hidden membership

Please note however, that you will lose certain features as a result of sending to these types of lists.

1. There is no personalization capability when sending to Exchange Alias lists with hidden membership. If you utilize the personalize feature, it will represent the alias for each individual.

2. As the primary Open Rate and Click Thru Rate email metrics are calculated as unique counts, these will always display at 100% for these types of lists, as PoliteMail only sees it as a send to one person (one email address), so even one open will result in a unique rate of 100%. However, the sub-metrics Multiple Opens and Multiple Clicks will provide you with the total interactions for the entire distribution.

3. There will be no segmentation or follow-up ability. Again, because the list is treated as one email address, the open/click results can not be segmented in any way, which prevents follow-up to sub-groups based upon their click-behavior (or lack thereof).

4. Mixed Exchange Alias sends with regular distribution groups sends (individualized) within the same campaign will result in erroneous metrics.

Despite these reporting limitations, if individual data privacy is paramount, then setting up Exchange Aliases for those distribution groups enables email tracking with individual privacy.

Can't Export to Excel – "Internet Explorer Cannot Download" Error Message

If you are trying to export a list of contacts to Excel, or Export a report to Excel, IE may give you the following error message:

This is due to a recent security update in IE, which can be fixed with a setting.

See the related Microsoft Article here: http://support.microsoft.com/kb/812935

Note: For Internet Explorer 9, please see the following KB article:

How do I connect the PoliteMail Server to my Exchange Server?

PoliteMail Server, whether internally installed or cloud-hosted, may be connected to deliver email direct to your Exchange Server. This is ideal for internal employee communications, as well as for keeping all email delivery within your existing email infrastructure.

PoliteMail enables hands-off Exchange integration, and email is delivered to Exchange via an SMTP Smarthost connection (sometime thought of as a mail relay).

The best way to accomplish this is to utilize the Exchange Management Console Edge Transport or Hub Transport Service and add a Receive Connector which may be isolated to a specific IP address and authenticated.

Here is a Microsoft Technet article which explains the details of how to set-up that receive connector.