Data Transfer and Security Best Practice Principles for UK-based businesses that collect and use data for online lead generation


Online Lead Generation: Data Transfer and Security Best Practice Principles for UK-based businesses that collect and use data for online lead generation

Version: 1.1
Released: 10 March 2011
Updated: 02 August 2012

Developed and endorsed by the IAB UK Lead Generation Council, 14 Macklin Street, London WC2B 5NF

Introduction

This document provides a basic overview of the best practices and issues surrounding the transfer of data in the online lead generation sector. It is not a definitive guide, nor the final version of this document, but is intended as a plain English guide for companies working in the field of online lead generation. It has been produced by the IAB Lead Generation Council to assist advertisers and publishers who wish to quickly review their data transfer methodology and benchmark it against the industry standards being set by the Council.

When a third party is involved in data capture and data transfer, a party that is neither the lead subject nor the advertiser, this party has national and international legal responsibilities towards both the subject and the advertiser. There are also additional commercial responsibilities that are beneficial to the fast growth of the online lead generation sector. This document is a starting point for all practitioners seeking to implement or deliver best practice in their data transfer processes.

Quick Summary

- Use live feeds for data transfer wherever possible.
- Batch file transfers are susceptible to discrepancies and increase data security risks.
- Data storage should match the standards of the data owner and the requirements of the law.

Copyright: Internet Advertising Bureau page 2

Data Transfer

Live feed data transfer

The IAB Lead Generation Council concurs that best practice in data transfer requires the implementation of a live feed between the data seller and data buyer, which should wherever possible be conducted without delay. The primary benefit to the seller of leads is that a receipt can be issued by the buyer for each lead received. The seller can record the receipt on the seller's lead delivery system, and record any declines made in real time too. The primary benefit to the buyer of leads is that leads are received faster, enabling improved lead response times for the buyer, who can act faster on the lead and reach the subject while they are still interested in the advertised product or service.

Put simply, live feeds of data between buyer and seller enable each individual lead to be sent and received, and the sent and received events to be logged. This leads to faster reconciliation, and simplified deal management and accounting for both parties.

Methods for live feed transfers

The standard method currently used between buyers and sellers of leads is transfer over HTTPS. Put simply, the seller of leads sends each lead individually to a secure HTTP (HTTPS) location. Both POST and GET methods can be used. Additional methods are in use in the UK and wider marketplace, including SOAP/XML, but the principles remain the same for all of them. The objective is to secure the data during transfer, and to implement a process that enables the sending system to record the sends, and the recipient system to respond to the sending system with response codes that reflect safe acceptance of the data record.
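The live feed exchange described above, simulated in-process as an added example (not the Council's code nor any real lead platform): the seller sends one lead per request, the buyer answers with a response code and a receipt, declines travel back as a lead identifier only, and every non-accepted response raises an alert on the sending side. The endpoint classes, status codes, TEST-NET IP addresses and lead records are all constructed assumptions.

```python
"""Constructed simulation of a live-feed lead transfer with per-lead receipts."""
import hashlib
import json
from dataclasses import dataclass, field

ACCEPTED, DECLINED, FORBIDDEN = 200, 422, 403  # response codes the sending system acts on


@dataclass
class Receiver:
    """Buyer-side endpoint, simulated in-process (no network); approved IPs are constructed."""
    approved_ips: set
    declines: list = field(default_factory=list)

    def accept(self, sender_ip: str, lead: dict) -> tuple:
        if sender_ip not in self.approved_ips:   # sender IP range must be known and approved
            return FORBIDDEN, {"lead_id": lead["lead_id"], "status": "forbidden"}
        if "@" not in lead.get("email", ""):
            # Declines are reported by lead_id only, so no PII travels back to the seller
            self.declines.append(lead["lead_id"])
            return DECLINED, {"lead_id": lead["lead_id"], "status": "declined", "reason": "invalid_email"}
        # Receipt: digest of the record as received, which both sides can later reconcile against
        receipt = hashlib.sha256(json.dumps(lead, sort_keys=True).encode()).hexdigest()[:16]
        return ACCEPTED, {"lead_id": lead["lead_id"], "status": "accepted", "receipt": receipt}


@dataclass
class Sender:
    """Seller-side lead delivery system: one lead per send, every event logged."""
    ip: str
    receiver: Receiver
    log: list = field(default_factory=list)     # send/receive events archived for reconciliation
    alerts: list = field(default_factory=list)  # must actually be raised to personnel

    def send(self, lead: dict) -> dict:
        status, body = self.receiver.accept(self.ip, lead)   # stands in for one HTTPS POST
        event = {"lead_id": lead["lead_id"], "status": status, "receipt": body.get("receipt")}
        self.log.append(event)
        if status != ACCEPTED:
            self.alerts.append(f"lead {lead['lead_id']}: {body['status']} ({status})")
        return event


def run_demo() -> tuple:
    """Constructed leads and TEST-NET addresses: one valid lead, one bad email, one unknown sender."""
    receiver = Receiver(approved_ips={"203.0.113.10"})
    seller = Sender(ip="203.0.113.10", receiver=receiver)
    seller.send({"lead_id": "L-1001", "name": "A. Example", "email": "a@example.com"})
    seller.send({"lead_id": "L-1002", "name": "B. Example", "email": "not-an-address"})
    stranger = Sender(ip="198.51.100.7", receiver=receiver)   # not on the approved list
    denied = stranger.send({"lead_id": "L-1003", "name": "C. Example", "email": "c@example.com"})
    return seller, receiver, denied
```

The simulated call stands in for an HTTPS POST; with GET the lead fields would sit in the URL, where web servers and intermediaries routinely log them, so POST is the safer of the two methods the text allows.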
The primary benefits associated with live feed transfers are as follows:

- Only one lead is transferred at a time, reducing the risk of data loss in the event of a system breakdown or security breach.
- If something is wrong with the data being sent, response codes can raise the alert to the sending system, enabling any issue to be swiftly resolved by the sender. Of course, this only works if the sending system actually raises an alert to personnel.
- Response codes from the receiving system effectively provide a digital receipt for each individual unit of data being transferred. Given that each unit is being sold and bought, there is a financial value to each unit, and receipt ticketing makes sound commercial sense.

In summary, the use of live feed protocols, together with issuing and receiving receipts, sensible alerts, and archiving of the transfer events, leads to a sounder commercial foundation for the selling and buying of internet leads. Overwhelmingly, live feed transfer of data is deemed by the IAB Lead Generation Council to represent best practice when compared to any of the other methods outlined below.

Batch data transfer

In simple terms, batch delivery refers to the sending of multiple leads in a single event. The reasons why the batch method for delivery of leads is less favoured by the Council are as follows:

- If the sender batches up and sends 10,000 leads to a buyer, and the buyer does not provide any acknowledgement that 10,000 leads have been received, there is an increased likelihood of discrepancies and disputes arising between seller and buyer of leads. These issues will slow down the growth of the online lead generation sector.
- Overwhelmingly, issues associated with data loss and data theft occur when batches of data are being handled by individual members of staff, in the form of data loss, errors and breaches of data privacy regulations. In reality, most batches are sent as CSV files (or Excel files) and require human intervention during dispatch preparation and during receipt handling. The personnel involved in sending and receiving are generally working in Microsoft PC environments, sometimes with internet connectivity, and may be able to remove copies of the data using USB memory devices.

Methods for improving batch transfers

The Council recognises that batch transfers remain prevalent in the current market, and wishes to drive the market towards live feed data transfer. Under these circumstances the Council recognises the following practices as reducing the risk of data theft or loss in batch transfers:

- Encrypt all batches of data using a level of encryption that is in keeping with the local, regional or international laws relating to the geography of the sender and the receiver of the batch files. Ideally, use PGP or GPG encryption, set to the highest grades; the Council recommends that transferring parties exceed minimum legal requirements.
- Wherever possible, automate the compilation and encryption of the batch, thereby removing an unnecessary stage of human intervention.
- Ensure that the data is delivered to write-only endpoints, and that the IP range of the sending system is known and approved by the receiving party.
- When using password-protected zip files, be careful to ensure that such protection meets the legal requirements for protection, and consider the physical PC environment of the location at which the file is unzipped.
- Use secure FTP rather than standard FTP to further enhance the security of the data transfer.

Generally speaking, the Council does not advocate the use of systems for the delivery of data, and does not advocate the use of batch methods of data transfer. The process of returning unaccepted lead data is also something that the Council believes increases the risk of data breaches. It is recommended that rejected leads are rejected using some form of lead identifier that does not require the transfer of any personally identifiable information.

Data Storage

The IAB recommendations on data storage and required security levels can be summarised quite simply. It is advisable for all companies involved in online lead generation who are required to store data as part of their activities to store client data using the equivalent security levels used by the advertiser or ultimate data owner. In the event that a company cannot provide the equivalent security levels, the IAB recommends that such a party should notify the client clearly and directly regarding their arrangements.

The IAB recommends that storing parties consider what data is being stored, whether the data set represents personally identifiable information, and whether the data contains sufficient financial information to bring it within the remit of the Financial Services Authority. Specifically, the company storing data should confirm in plain English its ability to manage the associated data risks as follows:

- Physical access to the data should be restricted at all times. Access to physical data should not be provided to unauthorised personnel, and should only be provided on a need-only basis. For example, no personnel should be able to obtain physical access to the hardware without passing through a considered security check, comparable with any checks and controls required by the data owner.
- Network and remote access to data should only be provided to known parties, and password-controlled access points should be subject to predetermined procedural controls. For example, if a remote access point is provided, the storing party should limit remote access to predetermined IP ranges and ensure all such access points use passwords of limited validity, comparable with any access controls and password controls required by the data owner.
- Employees working for the data storage party should be briefed in accordance with the data protection policies of the advertiser, wherever possible, and should receive limited access under similar controls to the access granted to staff by the ultimate owner of the data.
- The data should be stored in an encrypted form at all times, using the same or enhanced encryption methodology to that used by the ultimate owner of the data.
- In accordance with local (UK) and regional (EU) legislation, it is the responsibility of the storing company to advise the data owner of the geographical location of the data, in order that the data owner can ensure all legal requirements pertaining to such legislation are being met.

Put simply, if a data owner is allowing data to be stored outside the EU, IAB best practice states that it is the responsibility of the storing party to advise the owner of the location, and for the owner then to ensure that legislative requirements are met. What the IAB Best Practice guide seeks to avoid is the storage of data in scenarios which reduce the data protection standards of the ultimate data owner; all necessary discussions and disclosure should be completed to ensure that compromises on data protection are not made.

Whilst it is widely acknowledged that the majority of lead buyers and sellers involved in the IAB Council on Lead Generation are not audited for compliance with data protection laws, the Council wishes to promote the issues of data security to all parties, enhancing education and increasing awareness of the issues facing the sector. The Council currently believes that the responsibility for ensuring data storage is compliant lies with the data owner, whose representatives should ask the necessary questions and ensure that any and all Terms and Conditions and Privacy Policies are not contradicted by the commercial practices of intermediary parties. Whilst this caveat emptor approach reflects the current market state, the Council is promoting openness on the part of the storage party, and a willingness to discuss and resolve these issues in good faith when they arise.

For more information contact: Clare O'Brien, IAB Programmes Consultant: clare@iabuk.net