Bell - Do Not Call Solutions Review


Bell
Nymity's Independent Privacy Solutions Review provides an unbiased assessment of the legal and privacy benefits of Bell's Do Not Call Solutions by detailing how these services will help your organization comply with privacy laws.

Privacy Laws and Marketing Phone Calls

Privacy laws in Canada typically require organizations to obtain consent from individuals for the collection, use and disclosure of their personal information, including for marketing purposes. This obligation usually extends to the collection, use and disclosure of an individual’s phone number, unless the individual’s phone number is made publicly available, for example, through a phone book. In those circumstances when an organization wishes to use for marketing purposes an individual’s phone number that is publicly available, privacy obligations require organizations to provide the individual with the ability to opt-out from being contacted by phone. When an individual opts-out in such cases, the organization clearly does not have the individual's consent to contact him or her by phone for marketing purposes. An organization should ensure they have mechanisms in place to track those individuals who have withdrawn their consent. This is commonly called an “opt-out list” or a “do-not-call list”.

When an individual provides an organization with their phone number, say through a form or website for non-marketing purposes, they are, in most cases, providing the organization with consent to be contacted for purposes consistent with the reason the phone number was collected. Calling for a non-related or secondary purpose such as marketing would therefore require consent, which could be obtained by providing the individual with some form of notice at time of collection. Without this consent, the organization would not be meeting their privacy obligations. In all cases, an organization should provide individuals with the opportunity to opt-out of being called for marketing purposes and should therefore maintain an opt-out list.

In one federal case, an individual whose account was flagged as “do not solicit” continued to be called by the bank's employees. It turned out that the bank developed internally generated sales leads that would override the customer’s request not to be solicited. The Commissioner agreed with the complainant that this was unacceptable and recommended that the bank cease this practice. The bank admitted that branches would still contact customers with the DNS designation because it believed that these customers would want to be informed of certain offers and that when they have a DNS flag on their file, it is really telemarketing and bulk mail marketing programs that they do not want. The bank revamped its training and scripting materials for all affected staff to reinforce the message that, from here on in, the DNS designation will apply to all sales activities, both the database mining initiatives, as well as the internally generated sales lead applications. The bank also stated that customers who have already withdrawn their consent to marketing were being removed from internally generated sales lists.
National Do Not Call List

Consumer privacy is enhanced with the National Do Not Call List (NDNCL) which requires many organizations to augment their internal do not call list with this national do not call list, and to do so every 31 days. In fact, the CRTC’s Telemarketing Rules also require organizations not subject to the NDNCL to maintain an internal do not call list. With the implementation of the NDNCL, an organization contacting an individual on the National Do Not Call list for marketing purposes by phone without consent or a valid exemption from the NDNCL (such as an existing business relationship) would violate both privacy laws and the NDNCL, the latter making them subject to penalties up to $15,000 per offending call for corporations and $1,500 per offending call for individuals. (Learn more about National Do Not Call List)

The National Do Not Call rules require an organization to manage and maintain its own internal lists and to refresh its calling lists a minimum of every 31 days. Further, best practices suggest that firms engaged in telemarketing should also establish processes to monitor and enforce compliance with the NDNCL Rules within the organization. Privacy laws provide the additional requirement that an organization implement written policies and procedures and provide adequate ongoing training to employees.

How Does Bell's Do Not Call Service Enable Compliance?

Bell`s services help organizations maintain compliance with privacy laws and the NDNCL by ensuring the organization has consent when calling an individual. But Bell’s services go beyond consent, they help organizations meet many of the other requirements found in privacy laws and the NDNCL. Bell’s solutions provide organizations the mechanisms to implement, maintain and demonstrate compliance. Let’s have a look at how Bell’s services help an organization meet their legal oblications/compliance.

Implement and Maintain Compliance

To implement one of Bell's services, an organization will develop policies and procedures and programs to train employees. In doing so, the organization has complied with two of the key areas in privacy laws.

To maintain compliance, Bell’s services provide automatic Do Not Call compliance by certifying every call. Depending on the services selected, the number can be verified prior to dialing or as it is dialled from any dialing device. This ensures compliance as:

  • Every dial attempt is checked against all Do Not Call restrictions including federal and internal lists;
  • It performs call curfew certification for all appropriate locations, automatically converting time zones and adjusting for daylight savings time; and
  • Can also be used to enter and manage exempt numbers based on federal regulations.

Demonstrate Compliance

When a complaint occurs and there is an investigation by the Privacy Commissioner's office or the CRTC or both, Bell’s services provide the necessary documentation to demonstrate compliance.

The policies, procedures and training programs created when implementing Bell's services provides the documentation to demonstrate a solid compliance framework. The organization can demonstrate that employees are trained on compliance with privacy laws and the DNCL. Training employees continues to be one of the cornerstone of protecting personal information and improve compliance and is a method reinforced by the privacy commissioners.

Once the organization can demonstrate an investment in privacy compliance, the investigators are going to look at the specific incident that resulted in a complaint. Bell’s services provide an audit trail that validates the organization claims related to the complaint. Audit trails provide:

  • Defences against complaints;
  • Evidence of a valid exemption;
  • Evidence of due diligence re compliance;
  • Current DNCL being used – 31 days; and
  • Monitor and enforce internal compliance.

Bells Do Not Call Services:

Nymity Privacy Solution Review

Guardian Service – Desktop lead certification software designed for large contact centre operations that use automated dialing devices. Bell’s Guardian service represent the final step in a marketing campaign creation process.

The campaign contents are checked against all applicable restrictions, including internal lists, National do No Call lists. Restricted numbers are removed before being loaded into the dialing queue, thus eliminating any risk of violation.

Call Adviser Service – This is for enterprises using business development professionals who place manual calls. Every call is automatically certified as it is dialed, with every dial attempt checked against all applicable restrictions, including internal lists.

Call Search Service – User-friendly web interface that allows users to search numbers on demand against all applicable lists and restrictions. Results are returned instantly to the desktop.

Exemption Advisor Service – This automated exemption management solution creates new customer calling opportunities. Each time a call is attempted or a number is searched, built-in intelligence checks exemption status in real time. The call is routed when rules allow for it and blocked when disallowed.

Compliance ROI (Privacy ROI)

Bell’s services provides many benefits including operational cost savings, but these are outside the scope of this Privacy ROI section. This section is strictly used to help organizations calculate the privacy ROI, which is the return on investment (ROI) an organization can expect from compliance. Privacy ROI can be gained from 8 areas, which are:

  • Contacting individuals who have chosen not to contacted will often result in complaints to the CRTC and the Privacy Commissioners Office. This results in an investigations which are time consuming and expensive. Complaints to the CRTC can lead to financial penalties. Bell’s services will reduce the chances of a complaint and reduce the cost of an investigation.
  • Complaints that result from compliant calls, likely due to organization making calls to which an exception applies. Bell’s services will allow organizations to quickly demonstrate compliances by specifying the exemption. Not only will this demonstrate compliance to the regulators, but it will enhance customer service as providing prompt documented reason for the call will help the customer understand why they are being contacted and the value in doing so. In fact, Bell's services will help organizations explain why they are being contacted even though they are on the DNCL.
  • Eliminate unnecessary restrictions on business. Bell’s services ensure organizations maximize the call potential and leverage the exemption for calls to consumers with whom the seller has an established business relationship:
    • A duration of 18 months from any purchase or financial transaction;
    • A duration of 6 months from an inquiry or application;
    • Prior Express Permission; and
    • A Consumer’s Signed Written Consent, which states that the consumer agrees to be contacted, including the telephone number to which the calls are to be placed; this consent remains in effect as long as the consumer has not made a subsequent request to be placed on the company’s internal do not call list.
  • Demonstrating compliance due-diligence. Should a complaint occur, for any reason, part of the investigation from the privacy commissioner’s office is to review the organization's compliance framework. Information on this framework can also be used by organizations in defending their actions in the course of CRTC investigations of telemarketing complaints. Organizations using Bell's services can demonstrate their due diligence for compliance and that the organization is serious about observing their customer and prospect consent.
  • Accidental calls, should they occur. If in the unlikely event a call is made due to some error in the implementation of the NDCL or internal do not call list and a complaint occurs, the risk of a penalty would be reduced. The CRTC has stated that they will consider the best-efforts to comply with the laws when assessing penalties.
  • Bell’s services provide an audit trail which will simplify the investigation process and virtually stave off any need for an audit after a complaint. The audit trail will save a significant amount of time and money when the investigation takes place.
  • Employee training and documented policies and procedures have a variety of other privacy compliance benefits. One of the important benefits is that privacy training will help eliminate privacy breaches which can occur quite easily in a phone centre environment.
  • Eliminating contacting individuals who have chosen to not be contacted is bad for the brand and bad for the business. Individuals who may have responded to other marketing communications or advertising will be dissatisfied with the organization after being contacted by phone, which may result in them contacting a competitor.

Next Steps

Bell provides many resources for organizations wanting to comply with the National Do Not Call List and privacy laws. Bell provides:

  • Exemption checklist: Will you need to be compliant? This checklist will help you understand what parts of your business may be affected.
  • Needs assessment: 24 questions that will help you understand what’s involved in preparing for Do Not Call.
  • Readiness checklists:
    • Sales and marketing: Nine questions for sales and marketing readiness.
    • Legal and compliance: 11 questions to help you understand your obligations.

Review these resources at Bell's Do Not Call Solutions.

Privacy Statement · Legal notice