Board Approves New Ethical Guidelines; Calls for New Measures to Enhance Data Security Across Data-Driven Marketing Industry

In response to the recent spate of data security breaches on retailers and others, today the Direct Marketing Association (DMA) issued a call to action to all data-driven marketers to recommit to DMA’s long-standing commitment to ensure the security of consumer data.  The call to action derived from the approval of new Business Ethical Guidelines around data security by the association Board of Directors today, and outlines several new steps that the DMA will take to guide industry best practices and advocate strong data security protections before policymakers at the federal and state levels.

“Earning consumer trust requires proactive, purposeful action,” said DMA President and CEO Linda A. Woolley.  “Recent headlines have been full of news about data breaches, and while such situations are a risk of modern business and difficult to prevent, DMA believes that the best defense is a strong offense.  DMA standards help businesses ensure that they are protected and ready.”

DMA has long been the leading association for setting guidelines and representing the business community before Congress and the Federal Trade Commission (FTC) on issues of data security and breach notification.  DMA’s broad membership includes retailers, financial institutions, marketers, advertisers, nonprofit and charitable organizations, and others who rely on DMA as the forum through which to develop consensus on how consumer data should be used responsibly and secured appropriately.

DMA calls on every data-driven marketer to take proactive measures to further enhance data security across the data-driven marketing industry:

  • Develop and implement a data integrity and governance program;
  • Read and utilize in all marketing practices the principles and guidance outlined in the updated Ethical Guidelines for data security and other marketing practices issues by DMA as part of our public trust with consumers;
  • Continue to work as part of DMA with policymakers to enact a national standard for data breach notification.  DMA has been supportive of a federal breach notification law; and
  • Work with internal and industry stakeholders to identify additional data security measures and practices to help reduce the risk of data breaches across the ecosystem.

The DMA Board today approved revisions to DMA’s Guidelines for Ethical Business Practice (, which have provided data-driven marketers with generally accepted principles of conduct and formed the basis for industry-wide self-regulatory enforcement for more than forty years.  The updates are in the areas of data security, mobile applications, and retailer data. The updated Guidelines speak directly to the issue of data security, recommending that data-driven marketers consider an information management program that addresses Data Minimization, Retention, Access, Use, Communication, Storage and Disposal for all types of data collected and used.  Following approval by the Board, the updated Guidelines will be promoted to and shared with the full membership quickly thereafter.

A full set of the Guidelines is available for press from DMA upon request.

About Direct Marketing Association (DMA)

The Direct Marketing Association ( is the world’s largest trade association dedicated to advancing and protecting responsible data-driven marketing.  Founded in 1917, DMA represents thousands of companies and nonprofit organizations that use and support data-driven marketing practices and techniques. DMA provides the Voice to shape policy and public opinion, the Connections to grow members’ businesses and the Tools to ensure full compliance with ethical and best practices as well as professional development.

In 2012, the Data-Driven Marketing Economy (DDME) added $156 billion in revenue to the U.S. economy and fueled more than 675,000 jobs.  The real value of data is in its exchange across the DDME:  70 percent of the value of the DDME – $110 billion in revenue and 478,000 jobs – depends on the ability of firms to exchange data across the DDME.


# # #