“Privacy is the business of the survey research profession,” says Howard Fienberg, Director Government Affairs, Council for Marketing and Opinion Research (CMOR).
Privacy matters not just because of the huge list of federal and state laws regulating telephone and online research. There’s also a wary public, tired of spam and scams, who needs to be assured that survey research is legitimate and that their private information will be protected.
CMOR tracks federal laws and regulations as well as industry codes and best practices for telephone and online research. We checked in with Fienberg and others there to discuss some of the biggest concerns facing the survey research industry and tips on how to deal with them.
-> Challenge #1. Federal laws are complex
Privacy laws are constantly changing, making it hard for researchers to stay abreast of all the requirements. Remember, being unaware of a regulation won’t make you exempt from compliance. Here are a few regulatory areas to study carefully:
- Telephone Consumer Protection Act of 1991. Even though legitimate researchers are familiar with this set of regulations governing solicitation calls, many are unaware of a provision that prevents researchers from using autodialers to call cell phone numbers. With a growing number of consumers ditching land lines and using only their cell phones, CMOR is working to get regulators to create an exemption to this rule for researchers.
In the meantime, researchers must be careful not to use autodialers to contact cell phones. If you’re having trouble identifying cell phone numbers in your database, you can turn to vendors that operates cell phone number recognition services.
- CAN-SPAM and COPPA. All online researchers must abide by the CAN-SPAM Act of 2003, but depending on the audience you’re surveying, the Children’s Online Privacy Protection Act is just as important. Those rules govern the way information is collected from children under age 13 and require parental consent. But CMOR recommends that researchers follow COPPA procedures anytime they’re dealing with respondents under age 18.
-> Challenge #2. States have their own laws, too
Every state can create its own regulations and sub-requirements under federal laws, and, of course, every state handles survey privacy issues differently. For example, several states are looking to make their do-not-call logs more restrictive than the federal program, although LaToya Rembert-Lang, State Legislative Director, CMOR, says she hasn’t yet seen negative impacts for survey researchers.
Still, state laws differ in important areas, such as:
o Notification procedures for data security breaches
o The age of majority; in some states it’s 21, not 18
o Cell phone use in automobiles, which could affect telephone researchers’ best practices for when to contact respondents
Because of this, researchers need to follow the laws governing online and telephone research in every state in which they do business, not just the state they are headquartered in.
-> Challenge #3. Stricter international standards
If you conduct research with an international audience, you could get tripped up with laws enacted by foreign governments and regulators. For example, the European Union has strict standards on the collection and transfer of personal data to non-EU countries, as well as tricky language requiring things such as “unambiguous consent” from survey respondents.
Any researcher conducting a survey with EU members must adhere to the EU Directive on processing personal data or by safe harbor rules developed by the US Department of Commerce (see link below). “If you can’t follow those principals, you’re putting yourself in danger,” Fienberg says.
-> Challenge #4. Privacy and data security
Even researchers in full compliance with federal, state and international regulations face consumer concern and confusion about privacy rules. Here are three of the most common concerns and advice on how to deal with them:
#1. Survey respondents think you’re violating the Do-Not-Call Registry. Many consumers don’t know that survey research is exempt from the restrictions of the Do-Not-Call Registry and will react angrily when contacted. While it’s best to honor their wishes, you can also try to clear up confusion about the difference between survey research and sales-focused telemarketing.
Better training for telephone interviewers can help them explain what kind of data they’re collecting, why they’re collecting it and how it will be used for research purposes. CMOR also has an affiliate program called “Your Opinion Counts,” which certifies that research firms are conducting legitimate research and following best practices. The program has a website where researchers can send survey respondents for more information.
#3. Survey respondents are concerned about personally identifiable information. Laws governing the collection and use of personally identifiable information specify two types: ordinary personal data (name, address and marital status) and sensitive personal data (Social Security numbers and medical information). The definition of personal information for children is even broader, encompassing areas, including hobbies and team affiliations.
While researchers need to follow rules governing the collection of such data, they also need to remain sensitive to respondents’ concerns about information that might not be regulated under the law, but is sensitive to them, such as income ranges, age and education levels.
-> Challenge #5. Declining survey participation
Whether caused by the rise in caller ID or the general increase in online and telephone research, it’s becoming harder to get consumers to respond to surveys. One study found that telephone survey response rates dropped from 72% in 1979 to 48% in 2003.
In this environment, researchers need to design their surveys to reflect the factors that are most important in encouraging respondent participation. According to the recent CMOR survey on participation, the top three factors influencing a respondent’s decision to take a survey are:
o The survey doesn’t take too long
o The survey will be used to improve products/services
o The survey will be used by the government for policy decisions
Therefore, keep it short and focused on helping you change and improve your products or services.
-> Challenge #6. Choosing a research company to work on your behalf
If you’re thinking about hiring a research company to conduct surveys on your behalf, you need to think about privacy concerns and respondent compliance issues, too. The best way to protect yourself is to ask for these three items when hiring a research company:
- A confidentiality agreement. Make sure the data they’re collecting on your behalf (and information they have about your company and project) will remain between you and the researcher.
- An indemnity agreement. This agreement will protect your company against fines and penalties related to violations that a research firm might commit.Useful links related to this article
US Department of Commerce Safe Harbor Program for collecting data from the EU:
FCC’s TCPA site:
FTC’s COPPA site:
FTC’s Do-Not-Call Registry:
NeuStar - operates a cell phone number recognition service:
Your Opinion Counts Program: