Affiliate marketing industry needs to clean up its act in terms of privacy law compliance


An international operation has found that the affiliate marketing industry has significant issues to overcome in terms of compliance with rules concerning privacy and unsolicited communications.

Affiliate marketing is a commercial arrangement allowing a company to generate business by allowing other organisations (“affiliates”) to promote their products or services. For example, an online retailer may pay commission to an external website for traffic or sales generated from its referrals, by hosting links on its own site or sending links out via email or text message.

A global intelligence-gathering operation by the Unsolicited Communications Enforcement Network (UCENet), involving nine agencies from five countries, visited 902 websites and also examined 6,536 consumer complaints related to affiliate marketing in their respective databases. The issues they found included:

Apparent lack of self-regulation: A majority of participants noted that most of the publicly available terms of services between the affiliates, the merchants, and the affiliate platforms lacked appropriate unsolicited communication guidelines establishing what is permissible.

Lack of consent: Some participating countries that have an opt-in unsolicited communication regime noted that affiliates generally do not possess the consent of the consumer to send electronic communications.

Misleading advertising: Many participants noted the prevalence of misleading advertising in the affiliate marketing ecosystem. Within minutes of beginning their research, sweepers were exposed to some form of misleading advertising.

Affiliate marketing platforms: Some affiliate marketing platforms, which operate as a third party agent handling interactions and payments between merchants and affiliates, have a short lifespan (often less than a year) and conceal their physical location, potentially making enforcement a challenge.

Of the 902 international websites visited during the sweep, 221 were flagged for further action. However, the operation also found many examples of good practice in the industry, demonstrating that compliance with laws on unsolicited marketing can be easily achieved.

The UCENet Sweep 2017 was jointly led by the UK’s Information Commissioner’s Office (ICO) and the Canadian Radio-Television and Telecommunications Commission (CRTC).