Josh - I am updating my forms to populate an opt-in check box when someone selects Canada as their country. Do you know if I can make the opt-in check box a require field since the only people who will see it are the people who choose Canada? I don't want all of the non-Canadians to have form completion errors because they aren't checking a box they will never see!
Making a checkbox required is also unethical - and potentially illegal (such as with the upcoming EU GDPR). So basically what you're saying is "unless you check the opt-in box, you cannot submit the form"
Making a checkbox required is also unethical... what you're saying is "unless you check the opt-in box, you cannot submit the form"
But that's not a priori unethical. It's the same logic as not letting somebody download software unless they agree to a EULA. How else do you indicate to someone that they must not submit a form unless they understand what you will do with their data, and what they are allowed to do with your data? That's not the same as forcing them to submit the form!
Maybe i'm misunderstanding the question. So we're not telling the user that they must click the "opt-in" checkbox if they want to proceed? Similar to how we use "implied" consent when someone visits our website (primarily for countries outside of North America that have strict cookie policies:
This will no longer be acceptable after May of next year (to comply with GDPR). So I was just thinking the same is being done here - but with an opt-in checkbox. Kind of like forcing a user to check it, even though they don't want to opt-in to future marketing emails.
Either the checkbox must be checked to proceed, or the checkbox must not have been checked if the person doesn't proceed (contrapositive!). But that doesn't mean the person must proceed: they aren't being forced to do anything.
Again, like explicit consent with a EULA. Not implicit ("if you do this thing that isn't principally consenting, you have also consented") consent.
Thank you Sanford Whiteman and Dan Stevens for your responses to my question. I'm still relatively new to Marketo AND I'm trying to figure out the best way to comply with the CASL and other anti-SPAM laws, so your feedback has been very helpful.
I guess I hadn't thought about the fact that requiring an opt-in checkbox for Canadians might be unethical. We send an autoresponder email with the information a lead requests via the form completion, so my thought was to add the check box when someone indicates that they're from Canada so I can ensure documentation of their consent before I send them the autoresponder. My company used to take the form completion (along with brief disclaimer text saying that we will email product info to people submitting the form) as confirmation that the person is giving consent for us to email them with the info they've requested, but I don't believe that counts as "express consent" for CASL.
I probably need to get a better understanding of CASL and EULA to figure out how to proceed from here.
I'm looping Grégoire Michelinto this thread. Greg has some good perspectives on this - especially where spam/consent laws are strict (and will be even stricter, come next May with the EU GDPR).
Thanks Dan Stevens! I appreciate it!
It's not unethical or illegal to present an UNchecked checkbox, correctly labeled with jurisdiction-specific text indicating what's being agreed to if checked.
Don't know how we started going down the road of unchecked-by-default checkboxes with explicit agreements being problematic. They're the opposite of problematic: they're the only way -- short of digital signatures -- to allow people to grant express consent on the front end.
The other options are checked-by-default (illegal in many countries) or unchecked-but-with-misleading-text (illegal in even more countries, since it could fall under false advertising or other trade practices).
I think what's still unclear, Sandy, is that for a user to proceed in submitting the form - and making the field required, aka "checked" - it might not align to some of the new laws/regulation coming down the pike. I see what you're saying about liking this to EULAs, but I'm just not sure that would fly in the eyes of the EU (and I realize we're only dealing with Canada in this instance (where CASL laws are also very strict) - but if they market/sell their services to EU countries, GDPR would apply to them).
Cayce, going back to the original question, why not just have the opt-in field appear for Canadian users? Why do you want to make this a required field that someone must "check" in order to submit the form?