Security
On-Demand Capacity
Business Continuity

Data Privacy Service

Extreme Flexibility
Demonstrably Simple
Continual Improvements


  topic image  

Legal Framework:

The world has changed as regulations evolve in how email and related message services can be used to communicate with customers, suppliers, prospects and business associates.
1. PECR: UK Privacy and Electronic Communications Regulations 2003 and related European acts.
2. DPA: European Data Protection Act 2010.
3. SPAM: USA CAN-SPAM Act 2003 (because so many people in Europe use USA owned email services).
4. RIPA: UK Regulation of Investigory Powers Act 2000 (need for encryption).

  topic image  

Glossary:

Message in this page shall mean any kind of electronic message or email.
Quotation messages are like all other kinds of marketing messages and are subject to direct marketing regulations.
Invoice messages transactional, not marketing and not subject to direct marketing regulations.
Kind of message; "Transactional" in the course of some agreed mutual business and "Marketing" as all other messages.   Exemptions include: religious, political and national security messages.

  topic image  

Obligations:

The company is legally responsible for all messages to its customer contacts with regard to:-
1. Content of all messages must be appropriate so it does not offend the reader.
2. Security of company confidential information must be provided with encryption and other means.
3. Opt-In evidence trail must be maintained to prove that the customer contact opted-in to receive the information.
4. Opt-Out or unsubscribe methods must be provided with every electronic message.
5. Evidence of every message must be retained and a court can demand a copy of every message relating to a named person.
6. Disclaimers must be applied to every message unless the message is a reply already contains the disclaimer.
7. Maintenance is needed to identify obsolete email addresses and record when real addresses are actually used.
9. Complaints must be handled by Executives according to documented procedures.

  topic image  

Internal Messages:

This paper has focus on external messages to people in other companies, however must of the legal framework applies equally to internal messages.   It may be easy for a sales person to comment that a competitors product is rubbish, but this can lead to substantial damage claims on the company.
The content of every message must be of a good quality that you can be proud for it can be shown on the 6 pm news.   Where a message is of a low quality, then it may be shown on the 6 pm news - everything in a message will be recorded and may be used against the author and their company.
A number of professional victims have identified that they can claim damages by being offended and being distressed by ad-hoc messages sent by unsuspecting companies.

  topic image  

Key Disclosure:

Also known as "rubber-hose cryptanlysis" where encryption secrets are extracted by coercion in accordance with RIPA.   LeXica Ltd purposefully disclose that no one person holds a complete encryption key.   At least three system administrators must cooperate together at the same time to gain access to any encryption key or any business data.   The objective is to ensure that LeXica Ltd people and families are not placed in harms way of a criminal attack to gain access to business data.
Data Sovereignty: ACRM data is only subject to UK law - Data is encrypted in European-Owned data centres that are subject to European Data Protection laws and not subject to USA laws.   Only a UK court order on three of more LeXica Ltd system administrators could cause business data to be disclosed.

  topic image  

Private Messages:

Theoretically, regulations concern company messages and not private messages, however what one person imagines as a private message, other people may imagine to be a business message.   To be safe, the same guidelines should be followed with a degree of flexibility, depending on how private the message is.   Increasingly, people are claiming damages against other people because of what they put in an electronic message.   Increasingly, people are being taken to court for something they said as a joke, but was interpreted by others as offensive.
A safe solution is to use ACRM for all private messages that are of a similar quality to business messages.

  topic image  

Notes:

ACRM includes a discount code (or coupon) for retail prospects - just to say thank you.
ACRM messages may be changed (or cancelled) after they have been sent and before the person has viewed the message.
ACRM messages may have an assigned life cycle before they expire.

  topic image  

Track and Trace:

ACRM has a unique track and trace domain (*.info) that stores a one pixel image with a name that resembles the contacts email address.   The activity log for this domain is monitored in real time to detect when one of these special images is viewed.   The CRM for the applicable email address is updated with the date and time when the image was viewed.

  topic image  

Data Privacy Service:

ACRM is a world leading Data Privacy service provider - information feeds to people can be protected and managed to the full extent of all European regulations.   Companies who do not deply a comprehensive data privacy solution and continue to send emails to people without adequate opt in-out capabilities will be fined by the UK Information Commissionaire up to 5% of their global revenue.

  topic image  

Information Commissionaire Office:

ACRM can only send emails wheere consent has been knowingly given, clear and specific - it must involve some form of positive action, for example: ticking a box or clicking on an icon - and the person must fully understand that they are giving consent.   The clearest way to obtain consent is to ask the person to tick and opt-in box confirming they are happy to receive marketing messages from the business.   The business must keep clear records of what the person had consented to, and when and how this consent was obtained, so that the business can demonstrate compliance in the event of a complaint.
 
  topic image  

1a. Content Law:

Message contents must not offend the reader.   Employees do not own the content of any business message - the company owns and is fully responsible for the content.   Every message should contain a company copyright notice and applicable disclaimers as approved by Executives.   The company must recognise that every message exposes the company to legal threat and potential claims for damages.
The law demands that the "FROM" address is correct and relevant - all message validation is based on this from address.   The law demands that a message cannot be sent without an unsubscribe option.   The law demands that a message must contain at least one sentence.   Every message should include the company name and address with registration country and number.   Laws are based on the recipients country, not the senders country.   A casual comment that a competitors product is rubbish can lead to massive damage awards - even in an internal email.
The law permits a company to inspect and monitor all employee business messages.   Contractual obligations in messages are binding on the company.   Defamatory content in messages can cause the company to be liable for damages.   Offensive content in messages can cause the company to be liable for damages.   Intellectual property such as photos in messages can cause the that property to be in the public domain and no longer the exclusive property of the company.

  topic image  

1b. Content Solution:

Every message must be a standard template that has been approved by Executives and does not contain any ad-hoc text that could be imagined by others to be offensive.   Every message must be retained in a document format that can be easily read for the next seven years - nothing proprietary.

  topic image  

2a. Security Law:

Data Protection regulations demand that private and confidential information must not be disclosed to third parties, including Internet Service Providers (ISP) who are obliged to copy all Internet traffic.   Public email services are not secure and never will be secure - they cannot comply with basic Data Protection laws.   An encrypted message attachment may comply with Data Protection regulation, but that would involve an exchange of private keys between the parties.
Traditional email services can be equated to a postcard where its contents will be read and may be copied by many Internet nodes.   It would be illegal to send a traditional email to a person containing confidential business information where that information is not encrypted or secured using a similar method.
Traditional email services that push and store confidential business messages on smart phones and portable devices that may be stolen or lost would be illegal.   Companies have suffered massive fines when a laptop containing business data is targeted and stolen by criminals.

  topic image  

2b. Security Solution:

ACRM sends every message as both an envelope and a private letter.   The envelope message must not contain any private and confidential business information because it will be copied by many agencies as it flows though the public Internet.   The private letter message must be encrypted that can only be read by the intended recipient and cannot be read by agencies that copy all Internet traffic.
ACRM retains all valuable business data in safe encrypted databases - no business data needs to be downloaded to any type of computer.   Messages may be viewed from a smart phone or laptop, but such data is encrypted and never stored on a local computer.

  topic image  

3a. Opt-In Law:

Before any marketing information can be sent to a named person, that person must have opted in to receive that marketing information.   Not only must the person opt-in, but an evidence trail must be maintained to prove when and how the person opted-in - verbal agreement can be contested in a court.   It would be illegal to send a traditional email containing marketing information to a person without evidence of when and how they opted in.

  topic image  

3b. Opt-In Solution:

ACRM sends a simple standard template message asking the named person to confirm their email address and showing a list of optional kinds of messages that may be involved.   When the person clicks on a confirmation link, details of the person, date, time, IP address, browser, computer etc., are recorded as evidence.   Messages can then be sent to those people in accordance with their information requirements - evidence exists to verify why any message is sent.

  topic image  

4a. Opt-Out Law:

Every message sent to a named person must include an unsubscribe option (or similar method).   It would be illegal to send a traditional email containing marketing information that does not include a workable unsubscribe option.

  topic image  

4b. Opt-Out Solution:

ACRM will only send a standard template messages that always include the mandatory unsubscribe link.   When the person clicks on an unsubscribe link, details of the person are recorded as evidence to ensure that a message is not sent to that person until they opt-in again.   Opt-in and opt-out data must be recorded with every potential person (prospect) who may be sent a business message.

  topic image  

5a. Evidence Law:

Every message to named person must be retained for at least seven years and it must not be possible for the message to be changed or deleted.   A court can demand that all correspondence with a named person is disclosed without any exceptions and with evidence that it has not been manually tampered with.   It would be illegal to send a traditional email where the only copy of that message is stored in a private sent folder where messages can easily be deleted.   It would be illegal to retain emails using a proprietary file format that may be unreadable in a few years time - such as Outlook Express or PST.

  topic image  

5b. Evidence Solution:

ACRM records every standard template message as a raw HTML file that is certain to be easy to read in seven years time.   Every file name includes the date and time when the message was generated and that cannot be changed in any way.   Every file is associated with the author and who it was sent to so court orders can quickly be responded to without any exceptions.

  topic image  

6a. Disclaimer Law:

Disclaimer notices are optional in law but any council will advise that they carry great weight in any court of law.   The exact details of any disclaimer must be verified by corporate legal opinion and must be implemented for all employees without favour.   Because a company can be locked into contractual obligations and because a company is liable for disclosure of confidential information to other parties, the role of the disclaimer notice is of paramount importance.   It is not illegal to exclude a disclaimer, but it can be beneficial.

  topic image  

6b. Disclaimer Solution:

ACRM only sends standard template messages that have been approved by Executives and/or legal council.   Evidence of every change to the corporate disclaimer is provided as an audit trail that can be presented to a court.

  topic image  

7a. Maintenance Law:

It would be illogical to keep on sending messages to obsolete addresses, so the management of CRM addresses is critical.   On average, 13% of email addresses become obsolete each year as people leave and move on.   That demands on-going procedures to detect and revise CRM email addresses.
Considerable business benefits can be derived by recording when (date + time) a message is viewed.   Timely follow up becomes practical when it is known that a person has viewed each specific message.

  topic image  

7b. Maintenance Solution:

ACRM includes track and trace facilities to identify when each message is viewed - data, time and other factors are recorded.   Evidence of the life cycle of every message increases the value of each message and identifies those messages that are never viewed.   It is easy to identify obsolete addresses where messages are ignored and follow up may be needed to discover if a new person has taken that function.
ACRM has invested a lot into its track and trace facilities to maximise the benefits to the business.   When used in an effective way, productivity can be dramatically increased while operating costs are reduced.

  topic image  

9a. Complaints Law:

Many industries have a mandatory requirement to have a published complaints procedure and many more companies are conforming to these good governance laws.   Where a person makes a complaint that the content of a traditional email is offensive and claims damages, then Executives are obliged to action the complaint.   Where the person sending the email has lost the email, then the company may be obliged to settle and pay damages as the cheapest solution.   If the case is disputed and goes to court, then the complaint procedure will need to be disclosed so the court can decide its effectiveness.

  topic image  

9b. Complaints Solution:

ACRM includes public access complaint procedure forms where a person can explain how and why that were offended of suffered distress.   Evidence of every complaint is recorded with follow up actions taken by all parties.   Where disciplinary action can be demonstrated to the court, then the evidence trail can be taken into account and if any damages need to be awarded.
Privacy Service 14 Dec 2017 : 20:53Copyright © 2017 LeXica Ltd54.83.122.227 request 1 in 0.08 seconds