Researchers found that only 30% of the candidates running for president are following industry best practices when it comes to consumer privacy and data protection. Online privacy and data security continues to be a concern for your voters.
And while there aren’t yet any specific laws or regulations that campaigns need to comply with, it’s important that your campaign adhere to best practices involving protecting your voters personal data and privacy. A data breach could mean a loss in confidence in your campaign a crucial time and campaigns can’t afford any avoidable errors.
The good news is that not only will following these security best practices protect your supporters, they will improve your online campaign as well.
Here are four important steps you should be taking:
Prevent Spoofing (And Get Emails Delivered)
We’ve covered this one with all of our BPD clients, but make sure you have SPF records and DKIM set up for your domain so supporters know they can trust that when an email appears to have come from you that you really sent it.
Not only does having these records in place protect your supporters, it helps improve your campaign’s email deliverability because email providers like Google look to ensure marketers have these before placing email in inboxes.
Secure Your Website With SSL/TLS
Protecting all of your website’s traffic with a security certificate – not just your donation page – is critical for campaigns. It ensures that any data transmitted from your supporter over your website, whether an RSVP, a petition, a survey, etc. can’t be snooped on by spammers or other bad actors. Most modern browsers also alert users when they’re on a website not secured by this protocol (that’s what the lock in your address bar means)
In addition to securing supporter data and boosting confidence, using SSL/TLS will help them make it easier to find you online since Google ranks pages higher that are secure.
Have a Privacy Policy
Your website needs a privacy policy. It should be easy to find and whenever possible in easy to understand language. Make it clear how and if data will be shared with affiliated organizations, partners, and vendors. If you’re sharing lists, let them know.
Some third party services you may use will also require that you have a privacy policy with certain language before you’re allowed to use the service, so have it in place before you need it.
Work with Reputable Consultants
The consultants, agencies, and vendors you work with will also have access to important voter data as well as sensitive information and conversations via email. When you’re hiring them, ask them how they store, protect, and use your voters’ data. Also make sure they are following security best practices like multi-factor authentication to prevent email phishing.
The good news is that all of the tools your campaign’s partners need to secure your supporters’ data are readily available and very cheap (if not free). All it takes is their commitment, and anyone worth working with knows what’s at stake in modern campaigns.
It’s important to remember, that when it comes to your online campaign, you’re not just competing with other campaigns, you’re competing with every marketer on the internet. Your voters know what a professional, reputable website and online marketing effort is supposed to look like. By following these best practices, you’ll not only earn their trust, but also be more effective.