Privacy & Preference Committee Update Ensuring a healthy ecosystem via transparency & trust

1. Privacy & Preference Committee Update Ensuring a healthy ecosystem via transparency & trust Date: January 13, 2009 Alan Chapell, President

3. The Privacy Professional’s Message

4. Why is this year different?

6. Why else is this year different? Mobile is Big… … and getting Bigger

9. “Chapell’s” Law As $$$$ increase … scrutiny also increases

10. Privacy & Preference Committee Membership

11. MMA Privacy Committee 2008 Goal: Globalize the Code of Conduct2009 Goal – Implementation GuideHow do we apply the Code of Conduct in real world situations?

12. Case Studies(how privacy, IP & revenue intersect)

13. Brand Advertiser Case Study The mobile team for a large consumer brand is putting together an SMS program. They’ve collected 1MM mobile #s in compliance with law and MMA standards. They are about to deploy their first wave of messages when the brand manager gets a call from legal with two questions • Did you scrub the list of mobile #’s against the DNC list? • Are there any children under 13 on the list? Legal won’t let the campaign commence until these questions are addressed… what now?

14. Mobile Cookies A mobile advertising network announces that they’ve developed a ‘cookie’ mechanism and are about to implement it across their network. A reporter from the trade press calls the company and asks: • Are these cookies tied to wireless #’s or other PII? • How does the user opt-out from these cookies? • Are the cookies stored on the device or on the server? No sympathy just because the cookie isn’t implemented yet

15. Mobile Gaming There’s a new mobile game that all the cool kids are playing – it combines ‘Risk’ with ‘Second Life’. The game knows the location of all players and serves targeted advertising via SMS based on location. You want your brand to advertise via this game. What should you consider? • Is the game targeted at children? (Cartoon Characters) • Does the game contain UGC? • How precisely does the game pinpoint location, and does the user understand that his location is available for ads?

16. Social Networking A consumer sends an SMS message (opting in) to a social networking platform to receive SMS messages about their favorite band. Who ultimately ‘owns’ the customer? Who owns the Data? • The Band? • The carrier? • The SN technology service provider? • The band’s Record label? • The User?

17. Data Collection A large media company is collecting names for a sweepstakes via SMS campaign. Most registrations are obtained via a web based landing page. Users provide their name, cell # and date of birth, and are immediately sent an SMS message confirming their entry into the sweepstakes. Someone enters their date of birth as May 4, 1997 and are sent the SMS message. • Did the media company violate the Children’s Online Privacy Protection Act?

18. Mobile Application A mobile technology company has partnered with a media company to offer a downloadable application that serves ads via SMS and other mechanisms within the phone. The application collects the User’s name, phone, email and a good deal of non-PII about the User. Some of that User information is shared with the carrier, the media company and various other technology intermediaries. • Who ‘owns’ the data collected via the application? • Who’s terms and conditions and privacy policy governs?

19. Carrier as Data Engine?

20. Clear messaging is more important than ever Esp given mobile’s Limited Real Estate

21. Thanks!MMA Privacy & Preference Committee Alan Chapell President Chapell & Associates 917-318-8440 alan@chapellassociates.com