[Chapter-delegates] Notice: Privacy Policy and Personal Data / Email Opt-In

Todd M. Tolbert tolbert at isoc.org
Mon Sep 4 05:41:38 PDT 2017 

Good Day Chapter Leaders, 

 

First of all, apologies for the lengthy email, but the topic requires a bit of background…

 

Over the last nine months, a small focused team of ISOC Staff and our General Counsel have been discussing the need of ISOC to update our Privacy Policy. 

We looked at it from the perspective of maintaining personally identifiable information (PII) of our members while balancing our commitment to privacy in maintaining that data and adherence to numerous privacy laws around the world.

 

This presented us with an opportunity to review our data from the perspective of where we obtained it, and if had we obtained consent (opt-in) to have and use that data. 

We found that in many unintentional ways we were not living by the standards we advocate for, and we were most likely not going to meet the requirements of the EU GDPR and other laws in other countries around the world.  

 

The main issues are: 

1)    Our Privacy Policy had been out of date for some time and does not include up-to-date, best-of-breed standards that need to be met for legal and advocacy reasons.

2)    We had not received an implicit opt-in to send email to many individuals in our database.

3)    We have never asked for an implicit opt-in to hold and utilize PII.

4)    Where we had input non-member data for individuals, we have not been tenacious about recording where the data came from (business cards from meeting at events, etc). 

5)    We found that our methodology for opting OUT of emails or cancelling membership and removing PII would not pass any current legal review, including CAN-SPAM, CASL and the new GDPR (US Antispam Law, Canadian Anti-Spam Law and European Commission General Data Privacy Regulations).

 

We have completed a re-write of our Privacy Policy to meet or exceed many privacy laws and have published that statement of policy on 18 August. To facilitate this new policy, we rewrote some areas of the Membership Management Portal and the Email Preference Center and will be rolling those out as soon as possible.

 

Why is this important for ISOC? 

•       Legal compliance - GDPR and likely other laws around the world will require this at some point in the very near future.

•       Meeting our Ethical Data handling responsibilities as an organizational citizen on the Internet

•       Laying the ground work and asking permissions to collect more data about our relationships with members of all types so that we can better service the needs of the community.

 

And while not mission based, this work also gives us the opportunity for cleaning up our database in preparation for a new Association Management System (AMS) in 2018.

 

The final step for ISOC is to follow GDPR standard by asking all members to opt-in for email communication and opt-in to allowing ISOC to maintain PII in our systems.  The notification will start with the roll-out of our new Membership Management Portal which will happen in the next seven days.  The first time a member logs in to an ISOC web property (Connect, Inforum, Email Preference Center or the Membership Management Portal) we will ask for this opt-in. After InterCommunity 2017, we will start an active email campaign to request this re-opt-in to all member email addresses in our database.

 

At that time, we would like to hold some information sessions with the chapters on the next steps with regards to the opt-in process.  At this point we wanted you to be aware of the newly published Privacy Policy and the capabilities that will be available to all current members, new members and non-members in our database.

 

Thank you very much,

Todd

 

 

-- 

Todd M. Tolbert
Chief Administrative Officer
Internet Society

1775 Wiehle Avenue, Suite 201

Reston, VA 20190

E: tolbert at isoc.org
Zoom.us: tolbert at isoc.org

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20170904/2357b34e/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5213 bytes
Desc: not available
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20170904/2357b34e/attachment.p7s>

More information about the Chapter-delegates mailing list