ANA Ethics Code of Marketing Best Practices

The ANA Ethics Code of Best Marketing Practices is a framework of high-level principles, guidelines, resources and examples of ethical marketing and advertising best practices applicable to all entities engaged in marketing, advertising, and fundraising. The Code has been shaped by your peers on the ANA Ethics Code Steering Committee and is designed to be a resource to guide the industry towards ethical business practices with the overarching goal of rebuilding and maintaining consumer trust.

The Code covers the following sections:

• Member Principles
• Advertising Offers
• Audiences (Children, Older adults, Disabled)
• Diversity and Inclusion
• Data Privacy, Security and Stewardship
• Regulated Products (Tobacco, Alcohol, and others)
• Digital Innovation (AI, Machine Learning, and Automated Processing)

This is a living, evolving document. If you are interested in participating in the drafting of further enhancements to the Code, contact us at ethics@ana.net. We will be reconvening the Ethics Code Steering Committee periodically to review and consider further enhancements. The Code cannot and does not cover every nuanced topic. It provides broad guidance on issue areas identified as timely and relevant that will continue to be reviewed to reflect changes in the legislative, regulatory, technological, and business landscape.

Our vision is to advance an accountable and ethical marketing ecosystem for brand growth through a central Code of Ethics, alongside complementary efforts that help implement the spirit of that code, managed by the Center for Ethical Marketing and ANA's leadership as a force for responsible growth. The Code is voluntary and matched with a foundational self-regulatory program to help educate companies on implementing acceptable industry standard practices. These efforts stave off regulation at the state and federal levels. It serves as the baseline of best practices for our industry through ethical accountability and elevates ANA and its members as leaders in this area.

---

 

 

---

 

ANA ETHICAL CODE OF BEST PRACTICES

CONTENTS

---

ANA MARKETING ETHICS CODE PREAMBLE/INTRODUCTION

The ANA Marketing Ethics Code (“Ethics Code”) is an ethical framework comprised of a set of high-level Principles and Guidelines. The Ethics Code is designed to serve as a resource to help guide marketers, advertisers, fundraisers, and solution providers into incorporating high ethical standards into their business practices to strengthen consumer trust and industry credibility within the marketing ecosystem.

The ANA Marketing Ethics Code has been developed by the ANA and is intended to provide generally accepted principles of conduct to individuals and entities involved in data-driven marketing and advertising in all media. This Code serves as a baseline set of practices and intends to reflect the advertising and marketing industry’s aspiration to serve and delight customers and consumers by being accountable and trustworthy. The guideposts contained in the Code are the result of decades of development by seasoned marketers, advertisers, and solution providers.

Furthermore, the Ethics Code represents the general philosophy that self-regulation by our industry is uniquely able to provide adaptability to technological, economic, and social conditions. Widespread use of such ethical business practices leads to better business results and valuable customer and donor experiences that improve lives while respecting individual choices.

The Ethics Code is the basis by which the ANA’s Ethics Review Committee (“Committee”) reviews and mediates consumer complaints about marketing and advertising across all media. The Committee is comprised of seasoned marketing and advertising professionals who review consumer complaints and seek voluntary compliance with these Guidelines to enhance consumer trust in the marketing process and in advertisements. The Guidelines are meant to serve as guidance, not as legal advice, for marketers and advertisers to “do what is right.” Marketers and advertisers should always consult with appropriate legal counsel for specific legal compliance questions.

Because dishonest, misleading, or offensive communications discredit all means of advertising and marketing, observance of these Guidelines is critical. All individuals involved in data stewardship and marketing should take reasonable steps to encourage industry members, partners, and affiliates to follow these Guidelines as well.

These Guidelines provide the basis for ethical data and marketing practices and compliance primarily under the United States standards and expectations. Global companies should review international standards and rules.

For compliance examples and best practices that may be more specific and illustrative than the baseline Principles and Guidelines in this Code, send questions or marketing complaints to ethics@ana.net.

---

ANA MEMBER PRINCIPLES (GENERAL)

These Member Principles are the underlying foundation for the ANA Marketing Ethics Code and for Principles and Guidelines that will be drafted in the future. These Principles apply to relationships with current and prospective customers, donors, and members. This foundation applies to all marketers and marketing activities, including direct-to-consumer, business-to-business, government agencies, and SOHO (small-office/homeoffice) entities.

An ethical and accountable marketer:

1. Commits to achieving customer satisfaction through good stewardship of the environment and its community. By integrating these practices, it creates value for itself, its stakeholders, and society.
2. Does not tolerate unfair bias (intentional or unconscious), stereotypes, or denigrating content, and instead supports accurate portrayals and representations.
3. Supports all potential customers by using techniques and strategies that are both inclusive and accessible to people with wide-ranging abilities along the entire customer journey.
4. Considers the age range, knowledge, sophistication, maturity, and stages of development of their intended audience.
5. Uses technology in a responsible manner to advance marketing and to improve the consumer experience.
6. Clearly, honestly, and accurately represents their products, services, terms, and conditions, and engages in practices that are transparent to their desired audience.
7. Delivers their products, services, and experiences as represented.
8. Communicates in a respectful and courteous manner.
9. Responds to inquiries and complaints in a respectful, timely way.
10. Takes steps to help prevent misleading or deceptive marketing and fraud from occurring on their platform or in their name.
11. Maintains heightened security policies and practices to safeguard data.
12. Provides information on their policies about the use and/or transfer of personal information for marketing in a clear manner and easy for consumers to access.
13. Honors requests not to have personal information transferred for marketing.
14. Honors consumer requests not to receive future solicitations.
15. Follows the spirit and letter of the law as well as this Ethics Code.

---

1 // ADVERTISING AND MARKETING OFFERS: SUPPORTING CLAIMS

To ensure marketing offers and claims are provided using the highest standards of clarity, honesty, truthfulness, and accountability for intended audiences and customers.

Article 1. Honesty and Clarity of the Offer

All offers should be clear, honest, and complete so that the consumer may know the nature of what is being offered, the price, the terms of payment (including all mandatory and extra charges), and the commitment involved in the placing of an order. Before publication of an offer, marketers should have substantiation for any claims or offers made. Advertisements that contain claims that are untrue, misleading, deceptive, or fraudulent should not be used.

Design practices should not be used to trick or manipulate users into making choices they would not have otherwise made and/or that may cause harm to the user. These include business practices that subvert or impair consumer autonomy, decision-making, or choice when making an offer or making claims.

Examples of these so-called “dark patterns” in creative design that could mislead consumers:

• Bait and switch
• Hidden costs that are not disclosed in advance to a potential purchaser
• Forced continuity without the ability to cancel or imposing roadblocks to cancellation
• Burying important information in hard-to-read disclosures
• False sense of urgency
• Disguising advertising, such as claiming to be an invoice for a warranty, or an issued “check” for a sweepstakes when it is a promotional offer
• Claiming to be coming from a government agency

Article 2. Accuracy and Consistency

Simple and consistent statements or representations of all the essential points of the offer should appear in the promotional material. The overall impression of an offer should not be contradicted by individual statements, representations, or disclaimers.

Article 3. Clarity of Disclosures

Disclosures which, by their size, placement, duration, or other characteristics, are unlikely to be noticed or are difficult to understand should not be used if they are material to the offer or the advertising claims. “Clear and conspicuous” generally means difficult to miss, easy to read, and easy to understand.

Article 4. Conditions

All descriptions, promises, and claims should reflect the results that can be achieved by consumers under actual conditions, situations, and circumstances existing at the time of the promotion.

Article 5. Disparagement and Discrimination

Disparagement of any person or group on grounds addressed by federal or state laws that prohibit discrimination is unacceptable. For additional guidance, review the Diversity and Inclusion Section of the Code.

Article 6. Offensive Materials

Consumers who have indicated to the marketer that they consider their solicitations to be vulgar, immoral, profane, pornographic, or offensive in any way should promptly be removed from receiving such future marketing materials.

Article 7. Photographs and Artwork

Photographs, illustrations, artwork, and the situations they describe should be accurate portrayals and realistic reproductions of the products, services, and subjects they represent. If an image or other representation specific to a brand, organization, or individual is created using Artificial Intelligence (AI) and has a capacity to mislead, there should be transparency regarding the AI generation of the image or representation, and a watermark or other indication of the use of AI within the image or representation. See the AI Principles in Section 6 of this Code.

Article 8. Disclosure of Sponsor and Intent

All marketing contacts should disclose the name of the sponsor and each purpose of the contact. Entities should not make offers or solicitations in the guise of one purpose when the intent is a different purpose, regardless of the marketing channel used.

Article 9. Point of Contact for Marketing Preferences

Every offer should clearly identify or link to a location that identifies the marketer’s name and street address or telephone number, or both, at which the individual may obtain service, and exercise their marketing preferences. If an offer is made online, the marketer should provide or link to a web page listing their name, an internet-based contact mechanism, and a street address.

Article 10. Solicitation in the Guise of an Invoice or Governmental Notification

Offers that are likely to be mistaken for bills, invoices, checks, or notices from public utilities or governmental agencies should not be used, because these practices could mislead consumers.

Article 11. Postage, Shipping, or Handling Charges

Entities should not misrepresent shipping or handling fees. Postage, shipping, or handling charges, if any, should bear a reasonable relationship to actual costs incurred.

Fulfillment

Article 1. Unordered Merchandise or Service

Merchandise or services should not be provided without having first received the customer’s permission. Exceptions to this Article are when samples or gifts clearly marked as such, and merchandise mailed by a charitable organization soliciting contributions are sent with a clear and conspicuous statement informing recipients of an unqualified right to treat the product as a gift and to do with it as they see fit,
at no cost or obligation to them.

Article 2. Product Availability and Shipment

In general, marketers should offer merchandise when it is on hand or when there is a reasonable expectation of its timely receipt. If the marketer knows there is an availability or shipping delay issue, then this should be clearly disclosed to consumers.

Marketers should ship all orders according to the terms of the offer or within 30 days where there is no promised shipping date, unless otherwise directed by the consumer.

If the marketer learns that they cannot ship within the time stated or within 30 days, they must seek the customer’s consent to the delay.

The first delay notification should include:

• The updated shipment date (or the statement that no definitive date is available and the reason that the company cannot provide a definitive date)
• Disclosure to customers that they can cancel
• A method to cancel the order

If the marketer cannot meet the revised shipment date, they should send an updated shipping notification and request customer consent to the delay. The customer’s consent should involve affirmatively notifying the marketer with an agreement to wait beyond the most recent definite revised shipment date. If the marketer has not shipped the order by then, the customer’s order should automatically be canceled, and a prompt refund provided.

Article 3. Dry Testing

“Dry testing” is promoting a product that is not yet available for delivery to the buyer to test response to the product before incurring the costs of producing or delivering the product. Marketers should engage in dry testing only when the promotion clearly discloses the fact that the merchandise is only planned and may not ever be shipped.

Advance Consent and Negative Option Plans

These Guidelines apply to all media and address marketing plans where the consumer gives consent to receive and pay for goods or services
in the future on a continuing or periodic basis, unless and until the consumer cancels the plan. Entities should follow applicable state and federal laws before engaging in any such marketing plan.

The following principles should apply to all advance consent or negative option marketing plans:

Article 1. Initial Offerings: Obtaining Consent

Regardless of channel, marketers should have the consumer’s express informed consent to participate in any negative option marketing plan before the consumer is billed or charged. For example, a pre-checked box without further action is not sufficient. In telephone sales where the consumer agrees to the offer in a way other than by credit or debit card payment, the consumer consent must be written, or
audio recorded.

Marketers should inform consumers in the initial offer of:

• The amount(s) that the consumer will be charged under the plan
• Their right to cancel their participation in the plan
• The amount(s) owed for the initial transaction if the customer cancels
• The length of any trial period, including a statement that the consumer’s account will be charged after the trial period (including the date of the charge) unless the consumer takes an affirmative step to cancel, a reasonable period to cancel, and the steps needed to avoid charges

Article 2. Material Terms and Conditions

Regardless of channel, marketers should clearly and conspicuously disclose all material terms and conditions before obtaining the consumer’s billing information, including:

• A description of the goods or services being offered
• The identity of the marketer and contact information for service or cancellation
• The interval between shipments or services to be provided
• The price or the range of prices of the goods or services purchased by the consumer, including whether there are any additional charges
• Whether the consumer will be billed or automatically charged
• When and how frequently the consumer will be billed or charged
• Any terms in regards to a “free to keep” incentive as applicable
• The fact that the consumer must take affirmative action to cancel to avoid future billing or charges
• The specific and simple steps that consumers should follow to cancel the plan and stop recurring charges from being placed on the consumer’s account
• The time within which the consumer must cancel to avoid future charges being placed on the consumer’s account

When applicable, the following terms and conditions should also be clearly and conspicuously disclosed in the initial offer:

• That the current plan or renewal prices of the goods or services are subject to change
• The length of any free, trial, or approval period
• Any discount or specific quantity offered through the plan
• The length of membership period, and the length of subsequent renewal or billing periods
• The fact that delivery of goods or services will continue, and the consumer will be charged after the free, discount, trial, or approval period, unless the consumer cancels
• Any minimum purchase obligations
• The terms and conditions of any refund policy

In instances where the marketer uses acquired account information under a free-to-pay conversion plan, the marketer should:

• Obtain from the consumer the complete account number to be charged within the appropriate data security protocols (such as PCI compliance)
• Obtain affirmative consent from the consumer to charge such account
• Provide channel-specific proof (an email or hard copy confirmation, or if via telephone, audio record the entire transaction with appropriate disclosures)

In instances where the marketer uses acquired account information but does not engage in a free-to-pay conversion plan, the marketer should:

• Identify with specificity the account that will be charged
• Obtain affirmative consent from the consumer to charge such account

Article 3. Providing the Goods and Services to the Consumer as Promised in the Offer

• Marketers may provide products or services and bills concurrently; however, consumers should not be obligated to pay bills prior to the expiration of any trial period.
• Marketers should inform consumers in renewal reminders of their right to cancel their participation in the plan, how they can cancel their participation in the plan, the amount they will be charged if they do not cancel, and any outstanding fees owed.
• Marketers should provide renewal reminders at the frequency specified in the initial offer and as may be required by law.

Article 4. Providing an Easy Cancellation Process

• Marketers should honor a consumer’s request to cancel a trial offer, product, or service.
• Marketers should promptly honor requests for refunds due under the marketer’s stated refund policy and upon consumer’s cancellation of the plan.
• Marketers should allow consumers a reasonable length of time between receipt of renewal reminders and the renewal date, after which consumers can cancel the plan.

Article 5. Internet Sales: Protecting Financial Information

The initial merchant must never disclose a credit card, debit card, or other financial account number or other billing information that is used to charge the customer of the initial merchant to any post-transaction third-party seller for use in an internet-based sale of any goods or services from that post-transaction third-party seller.

Article 6. Post-Transaction Third-Party Sales Obligations

No charges should apply to a consumer’s account before the third-party seller obtains the consumer’s billing information and consent. Before obtaining the consumer’s billing information, the post-transaction third-party seller should clearly and conspicuously disclose to the consumer a description of the goods and services being offered and all material terms of the transaction, including:

• The fact that the third-party seller is not affiliated with the initial merchant
• The costs of such goods or services

The third-party seller should obtain the consumer’s express informed consent for the charges by providing the complete account information to be charged, providing the seller’s name and address and a means to contact the seller, and prompting the consumer to take an affirmative action such as clicking a confirmation button or checking a box that indicates the consumer’s consent to be charged the amount disclosed or otherwise demonstrating consent to the charges.

Special Offers and Claims

Article 1. Use of the Word “Free” and Other Similar Representations

A product or service that is offered without cost or obligation to the recipient may be described as “free” without qualification.

If a product or service is offered as “free,” all qualifications and conditions should be clearly and conspicuously disclosed, in close conjunction with the use of the term “free” or other similar phrase.

When the term “free” or other similar representations are made (e.g., 2-for-1, half-price, or 1-cent offers), and consumers must purchase a product or service to obtain the product or service using the “free” or similar representation, the product or service required to be purchased should not have been increased in price or decreased in quality or quantity.

Article 2. Price Comparisons

Price comparisons, including those between a marketer’s current price and a former, future, or suggested price, or between a marketer’s price and the price of a competitor’s comparable product, should be fair and accurate and easy to understand.

In each case of comparison to a manufacturer’s suggested price, or competitor’s comparable price, recent substantial sales should have been made at that price in the same trade area.

For comparisons with a future price, there should be a reasonable expectation that the new price will be charged in the foreseeable future.

Article 3. Guarantees and Warranties

The guarantee should clearly state or link to the name and address of the guarantor and the duration of the guarantee. If a product or service

is offered with a guarantee or a warranty, either the terms and conditions should be set forth in full in the promotion, or the promotion should link to or state how the consumer may obtain a copy.

Any requests for repair, replacement, or refund under the terms of a guarantee or warranty should be honored promptly. In an unqualified offer of refund, repair, or replacement, the customer’s preference should prevail.

Article 4. Use of Test or Survey Data

All test or survey data referred to in advertising should be valid and reliable as to the source and methodology and should support the specific claim for which it is cited. Testing should be conducted using impartial and reliable methodology.

To enhance the reliability of findings and facilitate informed recommendations regarding a product or service, it may be advisable to conduct multiple, repeated tests.

Article 5. Testimonials, Endorsements, and Customer Reviews

Testimonials and Endorsements

An “endorsement” means any advertising, marketing, or promotional message for a product that consumers are likely to believe reflects the opinions, beliefs, findings, or experiences of a party other than the sponsoring advertiser, even if the views expressed by that party are identical to those of the sponsoring advertiser.

Verbal statements; tags in social media posts; demonstrations; depictions of the name, signature, likeness, or other identifying personal characteristics of an individual; and the name or seal of an organization can be endorsements.

The party whose opinions, beliefs, findings, or experience the message appears to reflect will be called the “endorser” and could be or appear to be an individual, group, or institution.

An “expert” is an individual, group, or institution possessing, because of experience, study, or training, knowledge of a particular subject, which knowledge is superior to what ordinary individuals generally acquire.

“Clear and conspicuous” means that a disclosure is difficult to miss (i.e., easily noticeable) and easily understandable by ordinary consumers.

Endorsements should reflect the honest opinions, findings, beliefs, or experience of the endorser. Furthermore, an endorsement should not convey any express or implied representation that would be deceptive if made directly by the advertiser. Test or survey data may be used as the basis for claims made so long as the tests and surveys are conducted in an impartial manner and are reported truthfully.

Requirements for testimonials and endorsements used in any media:

1. They are authorized by the person quoted.
2. They do not include reviews by individuals who do not exist (such as the use of bots and AI tools that generate artificial reviews).
3. They are accurate, genuine, and related to the actual experience of the person giving them, and disclose the expertise of the endorser in terms of whether they are an expert for the purposes of the advertisement or simply a consumer endorser.
4. When the advertisement represents that the endorser uses the endorsed product, the endorser must have been a bona fide user of it at the time the endorsement was given. (A “product” may include a service, brand, company, or industry).
5. They are not taken out of context to distort the endorser’s opinion or experience with the product.
6. They clearly and conspicuously disclose any material connections between the endorser and marketer. A material connection refers to a connection between the endorser and marketer that materially affects the weight or credibility of the endorsement, such as payments or free products, the chance to appear in promotions, other incentives, or an employer/employee relationship. A disclosure of a material connection does not require the complete details of the connection, but it must clearly communicate the nature of the connection sufficiently for consumers to evaluate its significance.
7. They clearly and conspicuously disclose the generally expected, or typical, results/performance of the advertised products or services, if the claims made are not typical of what a user could expect under normal circumstances.

A marketer should be able to provide prior and adequate substantiation, including reliable scientific evidence, as necessary, for any claims of efficacy (i.e., whether the product/service will do what the marketer says it will do), typicality (i.e., whether the typical consumer will have an experience like that of the endorser in the depicted circumstances), and environmental benefit where applicable.

Additionally, marketers should ensure that their celebrity endorsers disclose their relationships with marketers when making endorsements outside the context of traditional advertisements, such as on talk shows or in social media, and they should not knowingly make statements that are false or unsubstantiated.

Customer Reviews
Honest consumer assessments are protected by law. Marketers should refrain from procuring, suppressing, boosting, organizing, publishing, upvoting, downvoting, reporting, or editing consumer reviews in a way that misrepresents what customers who have purchased their product or service think of their products or services.

Marketers may edit content that is unlawful, abusive, harassing, obscene, vulgar, sexually explicit, and/or inappropriate with respect to race, gender, sexuality, or ethnicity that may appear in customer reviews in a uniform manner, whether the review is positive or negative.

If a customer seeks to update or change their review, marketers should work with the customer to do so and should document the changes made by that customer as appropriate and reasonable.

Article 6. Claims Regarding the Environment

There should be clear and accurate information regarding environmental claims.

Marketers should accurately state the objectively verifiable environmental characteristics of their products and not make claims that are likely to mislead reasonable consumers.

With respect to general unqualified environmental benefits claims, such as “green, ” “recycled, ” or “good for the planet, ” marketers should qualify the claim through clear and conspicuous disclosures that limit the claims made to a specific benefit or result(s).

Article 7. Claims Regarding Brand Purpose

Marketers should not make unsupported claims about what a company stands for and what it does in practice to trigger a sale and to appear more attractive to a consumer.

Marketers should never deliberately, knowingly mislead a consumer into thinking they are more conscientious than they really are in practice.

Marketers should develop and use a company’s purpose statement to help craft marketing offers truthfully and clearly. For example, the company’s purpose statement can be used to describe its reason for being, such as to “implement solutions to the environmental crisis” or “save people money so they can live better.”

Marketing and advertising regarding a company’s purpose should be rooted in authenticity, human insights, and business strategy.

Article 8. Claims Regarding Results (Finances, Drugs, and Health)

There should be clear and accurate information substantiating claims made about the expected results from the use of a particular product. Marketers should accurately state the objectively verifiable characteristics of their products and should not make a claim if they do not have a reasonable basis to do so.

With respect to general unqualified results claims, such as “enhances health” or “improves memory, ” marketers should qualify the claim through clear and conspicuous disclosures that limit the claims made to a specific benefit or result(s) and should utilize, as appropriate, clinical trials to substantiate such claims.

Article 9. Claims Related to Charitable Donations

Claims made by charitable organizations should follow the standards set forth in these Guidelines, including being truthful and accurate. For instance, specific claims made in fundraising appeals should be substantiated. This includes claims regarding matching donations (made by supporters encouraging additional donations that meet
a specified matching donation amount) and claims regarding the specific use of donations.

Organizations should let donors know if their donation will be used for purposes other than those made in the fundraising appeal.

Unethical Business Practice Examples

• A company provides a marketing offer for home insurance to consumers that includes a notice that appears to be an invoice and that it must be paid, or stating that the home insurance offer could become more costly and implies a government agency is endorsing the ad. This offer violates Article 1. Honesty and Clarity of the Offer, Article 8. Disclosure of Sponsor and Intent, and Article 10. Solicitation in the Guise of an Invoice or Governmental Notification.
• A health aid claims to enable a consumer to lose pounds while they sleep without a scientific basis for making the claim. This ad violates Article 1. Honesty and Clarity of the Offer, Article 2. Accuracy and Consistency, and Article 8. Claims Regarding Results (Finances, Drugs, and Health).
• A U.S. President’s name, image, or likeness is used to sell a brain supplement, claiming he uses the supplement himself to benefit his own health and includes fake quotes the president did not actually make. This offer violates Article 1. Honesty and Clarity of the Offer, Article 5. Testimonials, Endorsements, and Customer Reviews, and Article 7. Photographs and Artwork.
• An ad selling adult toy products appears on an educational website for children. This offer violates Article 6. Offensive Materials.
• A fundraiser claims consumers’ funds will be directed toward buying meals for children when they are provided to pay salaries to the chairs of the fundraiser board. This fundraiser violates Article 9. Claims Related to Charitable Donations.
• A consumer enters their email address for a new magazine subscription offer to learn more. The subscription detail on the web page includes a prechecked box that is hidden from view unless the consumer reviews the subscription terms. By entering their email, the consumer is signed up for a recurring subscription and charged annually. This offer violates Article 1. Honesty and Clarity of the Offer, a designed “dark pattern” that forces the consumer into subscribing without their consent.

Resources

• Federal Trade Commission: Consumer Review Fairness Act
• Federal Trade Commission: Green Guides
• Federal Trade Commission: Testimonials and Endorsements
• Federal Trade Commission: Health Claims
• Negative Option Rules
• Restore Online Shoppers’ Confidence Rule
• ACH RULES (Banks and Account Information)
• ANA Center for Brand Purpose
  • Social Purpose Assessment Tool
  • Six Principles for Avoiding Purpose-Washing
• ANA Society and Sustainability Collective
• The Ad Net Zero Action Plan
• ANA Ethical Resources for Nonprofits

---

2 // ADVERTISING TO SPECIFIC AUDIENCES

PURPOSE

To foster and create inclusivity in marketing to meet the expectations and needs of audiences.

Accessibility

Article 1. Digital Inclusivity

Marketers should consider all potential customers in marketing campaigns and touchpoints: social, digital display, email, website, and others. They should support all potential customers and donors by using techniques and strategies that are both inclusive and accessible to people with varying abilities, focusing on best practices of the channels used. This may include:

• Writing content clearly and concisely that is understandable to a wide variety of consumers
• Incorporating responsive design for content to scale and display properly on multiple devices
• Using semantic code (e.g., tags like < h1> and < p> ) to help assistive technologies differentiate between content sections
• Using short, descriptive, and relevant alt text to describe images and visual content for screen readers to accurately describe content and enhance the reading experience
• Providing accessibility tools in videos: descriptive audio, closed captioning, and transcripts. Audio effects and background music should be chosen carefully, as they may muddle video content by assistive technologies.
• Choosing a readable font and layout: Consider font size, placement, and design, and avoid using excessive flashing and strobe animations.
• Choosing colors with appropriate color contrast: Consider using colors that support all users (one in 12 men and one in 200 women are color-blind).
• Incorporating different ways for users to access and interact with forms and preferences

Article 2. Authentic Portrayals

When presenting the story of a person with a disability, be aware of the models of disability and how they can affect one’s understanding of the disabled experience. Use first-person narrative as much as possible and allow the person to speak for themselves. If applicable and possible, include a person with a disability in the development and/or content of your advertising and marketing.

Marketing to Children

Marketers should employ all aspects of this Ethics Code when marketing to children (Marketing Claims of the Offer/Product/Service, Endorsements and Testimonials, Regulated Products, Diversity and Inclusion, Data Privacy, Security, and Stewardship, Innovations, etc.).

Special considerations should be made when marketing to children: Consider the age range, knowledge, sophistication, and maturity of the intended audience, and stages of development.

Generally, if disclosures are necessary, they should be clear and conspicuous for the intended recipient. Special attention should be paid, and care should be taken, when conveying the product or service’s attributes, abilities, and performance so the intended target age is reasonably likely to understand.

Article 1. Parental Notification and Choice

When personal data is collected from a website or online service directed to children, as defined in the Children’s Online Privacy Protection Act (“COPPA”), and/or when the collector has actual knowledge that they are collecting data from children, the collector should provide parents and guardians with:

• Appropriate notice and choice to consent to the collection of data from a child. Such data should not knowingly be disclosed or distributed to third parties:
  • Unless the disclosure is subject to a COPPA exception, in which case that should be made clear to the parent or guardian
  • Without verifiable prior parental or guardian consent, if such disclosure would permit any contact with that child

Upon request from a parent or guardian, marketers should promptly provide the source or categories of sources and the general nature of information maintained about a child and allow for removal or correction.

Article 2. Collection and Use of Data from Children

When personal data is intended to be collected from children and/or when the collector has actual knowledge that they are collecting data from children, marketers should:

• Limit the collection, use, and dissemination of “personal information, ” as defined in COPPA, to only data that is required for the promotion, sale, and delivery of goods and services; the provision of customer services; conducting market research; and engaging in other appropriate marketing activities.
• Be transparent when the data is being requested for marketing purposes.
• Implement appropriate security measures to help prevent unauthorized access, alteration, or dissemination of the data collected from or about children.
• Retain personally identifiable information only as long as is reasonably necessary, and delete personally identifiable information using reasonable measures.

Article 3. Websites and Marketing to Children

Operators of websites and online services should:

• When directing content to, marketing to, or communicating with children under 13 years of age, carefully review and obey all applicable federal and state laws (i.e., COPPA and relevant state laws).
• Consider that when directing a website to a certain age group, they can expect that the visitors to that site are in that age range.

Special considerations:

• Websites devoted to products that are subject to age restrictions due to applicable federal or state laws (such as alcoholic beverages, gambling, and tobacco products) should undertake appropriate measures, such as age screens (an online method to determine the age of a visitor), to restrict access to such websites by those who do not meet age restrictions. Age screens can include asking visitors to enter their birthdate in an open data field that is not automatically set to a date that would permit access to the site, or they can be other, more complex verification processes.
• Websites with child-directed features for different age groups and different legal requirements should consider following more restrictive notice and consent requirements:
  • Provide a privacy notice with a clear and concise description of their data policies and practices. This notice should be easy to read on smaller screens (e.g., mobile devices) for parents or guardians and allow them to provide verifiable consent before collecting personal information from a child.
  • Ensure that a child’ s access to its website or mobile content is not contingent on the collection of “ personal information, ” as defined in COPPA.
  • Take reasonable steps to prevent the online publication or posting of children’ s data.

Article 4. Special Online Considerations for Marketing to Children

The following considerations should be followed by marketers and advertisers when advertising to children online:

• Online Games: May be developed and marketed for children as a source of entertainment and education. When marketing a digital game to children, marketers should follow the gaming software industry standards regarding the need to provide parents and guardians guidance on the game content and display appropriate warning labels indicating the age appropriateness of the game.
• Metaverse and VR Tools: Marketers should not engage in unfair, deceptive, or manipulative tactics to induce children to view or interact with advertising or make in-game purchases. Marketers should make reasonable efforts to avoid blurring advertising and non-advertising content.
• Influencers or Endorsers: Should clearly and conspicuously disclose any material advertiser connection, which may include financial payment for services rendered, employment, or other benefits or conditions of the relationship. The endorser’s or influencer’s comments or testimonials should reflect their actual experiences and beliefs and not imply untrue attributes, benefits, conditions, or results of the product or service.

For additional, special considerations to consider when marketing to children online, review the BBB National Programs' Children’s Advertising Review Unit (CARU) for additional guidance. Companies should also work with a COPPA Safe Harbor provider which will help ensure compliance with COPPA and the accompanying FTC COPPA Rule. The first and longest-running FTC-approved COPPA Safe Harbor program is CARU.

Marketing to Older Consumers

Marketers should seek to avoid perpetuating ageism (prejudice or discrimination based on a person’s age) in creative work, marketing communications, and advertising campaigns. Marketing and advertising directed toward older adults should represent this population accurately and without bias, recognizing this audience as learned, multidimensional, and intergenerationally connected.

Marketers, including leadership, account, and creative teams, should make reasonable efforts to access current research and deploy integrated, multigenerational teams to ensure accurate and realistic portrayals of aging versus perpetuating ageist beliefs that ignore, insult, or negatively characterize older adults.

These accurate portrayals should be deployed in all channels of marketing communications and can include:

• Imagery that captures older people in a variety of real-world settings
• Language that represents and celebrates older adults as experienced and mature
• Avoidance of stereotypical depictions of older adults as weak, feeble, and vulnerable when older adults continue to make a meaningful difference and may still work, use technology, and/or regularly connect with people of all ages

Consider audiences with a range of abilities in all marketing campaigns and touchpoints (social, digital display, email, direct mail, website). Marketers and advertisers should support older audiences with legible text (e.g., font size and contrast) as well as clear, understandable information in copy, Terms and Conditions, and other information. Marketers should never intentionally sell a product or service targeting older adults using fraudulent, confusing, or coercive language that misrepresents offers, information, or calls to action (See the Ethics Code Section on Marketing Claims for additional guidance).

Examples of Best Practices for Ethical Marketing

Commercials featuring people with disabilities should ensure that the disability is being accurately represented in their marketing content. Companies can consult with nonprofits that support people with disabilities, as well as work with agencies that represent actors and models with disabilities. (Best Practices for Portraying People with Disabilities in Advertising | ANA)

Brands should be proactive and alert consumers to scams and fraud in their name and on their platform. For example, review Amazon’s Consumer Alert on Impersonation Fraud. Amazon posts important tips and guidance on how to spot and report potential scams on its website and shares this information proactively by emailing its customers.

Brands that offer products or services that are geared towards children should develop a privacy notice that can easily be understood by children. For instance, LEGO posts a privacy notice titled “Information for Kids: Child-Friendly Privacy Information.” It offers its information practices in clear, child-friendly language.

Resources

Accessibility

• ANA RESOURCES

  • Achieving Accessibility in Email Marketing: For Marketers and Designers
  • LEGOLAND Resorts’ Commitment to Neurodiversity and Accessibility
  • Everything Advertisers Need to Know About Digital Accessi- bility and the Law
  • Integrating Accessibility into Marketing and Tech
  • Accessibility Issues for Nonprofit Organizations in the Digital Age
  • Four Ways to Make Your Social Media Campaigns More Accessible
  • The Golden Benefits of Disability Inclusion and Accessibility
  • Reaching People with Disabilities Authentically
• W3C: WCAG 2 Web Content Accessibility Guidelines
• Accessibility | McDonald’s USA (mcdonalds.com)
• Disability in Advertising: Is Representation Finally Improving? | Just Copy
• Coalition for Better Ads
• Touch Card | Mastercard
• Diversity by Design: Embedding Inclusivity in Products and Solutions | Lenovo StoryHub

Children

• ANA RESOURCES

  • Marketing to and Protecting Children | ANA Ethics Issue Alerts
  • Marketing to Children and Ethical Considerations for Brands and Organizations
  • Welcome to Hollywood, Kids! Navigating Children’ s Advertising and Privacy on TikTok, YouTube, and the Metaverse

• BBB National Programs Self-Regulatory Guidelines

  • Children’ s Advertising Review Unit (CARU) (bbbprograms.org)
  • CARU Metaverse Guardrails_2023_Digital_Report
  • COPPA Safe Harbor Services (bbbprograms.org)
• Children’s Privacy | Federal Trade Commission
  • Children’ s Online Privacy Protection Rule (“ COPPA” )
  • Complying with COPPA: Frequently Asked Questions
  • Protecting Kids from Stealth Advertising in Digital Media
• Family Online Safety Institute (fosi.org)
• The Future of Privacy Forum (fpf.org)
• ICC Marketing Code
• ESRB Ratings | Entertainment Software Ratings Board
• Kids’ and Teens’ Online Privacy and Safety: 8 Compliance Considerations (iapp.org)

Older Adults

• Ageism Is Alive and Well in Advertising | AARP
• Age: The Missing Part of DEI and the Most Misrepresented Segment of Advertising: 10 Things Marketers Can Do About It |Advertising Week
• Is Your Brand’s Advertising and Marketing Depicting People Age 50+ as They’ re Really Living? | LinkedIn
• The Disrupt Aging Collection | Getty Images and AARP
• Ageism Affects All Generations | LinkedIn
• The Longevity Economy Outlook | AARP
• Is Your Brand Missing Out on the 50+ Market? | AARP
• A New Perspective on Older Consumers | ANA
• Fighting Fraud Against Older Adults | Consumer Advice (ftc.gov)

---

3 // DIVERSITY AND INCLUSION MARKETING PRINCIPLES

PURPOSE

To build awareness and drive engagement for the advancement of diversity, equity, inclusion, and belonging in the marketing and advertising industry.

Article 1. Accurate Portrayals

Entities should seek to present accurate portrayals of individuals in advertising, content, and media:

1. Content in marketing and advertising communications, regardless of marketing channel, should accurately and respectfully portray individuals regardless of gender, race, ethnicity, sexual orientation, gender identity, ability, religion, socioeconomic status, body type, or age. All reasonable measures should be taken to avoid perpetuating harmful stereotypes.
2. Casting decisions and creating and using content (imagery and terminology) in marketing communications and campaigns should accurately represent the brand and its products and services and resonate with the intended target audience.

Article 2. Preventing Stereotypes and Discriminatory Portrayals and Practices

Entities should take appropriate steps to address bias, stereotypes, and denigrating content, and support equality and inclusion in marketing communications and campaigns.

1. Review and implement internal training protocols for marketing staff.
1. To ensure inclusive marketing, provide proper training to instruct staff on how to identify and prevent different types of harassment, potential microaggressions (unconscious actions that communicate derogatory or negative attitudes toward stigmatized or culturally marginalized groups), and bias. Routine training should be employed.
2. Seek to achieve alignment and support at all levels.
1. All appropriate stakeholders should be involved in developing and implementing diversity and inclusion policies and procedures for internal and external purposes and communications.
2. Marketing and human resource teams should collaborate and align on messaging to ensure uniformity.
3. Communicate the company’s vision and mission.
1. Transparency and authenticity are important. Communicating a company’ s vision and mission aids in transparency, accountability, and disclosure. It helps to notify existing and potential employees, customers, and clients about the company’ s principles and the steps and actions it is taking.
4. If using AI in marketing and advertising, work to mitigate potential bias in algorithms (to minimize algorithmic decisions that could create unfair outcomes that could advantage certain groups over others).
1. Provide algorithmic transparency and accountability. Use tools and techniques like algorithmic impact assessments, data audits, and/or other quantitative techniques to test for bias by evaluating the automated decision systems and their impact on fairness, justice, and bias. (See Digital Innovations Section for AI guidance.)
2. Consider developing a steering committee or other governing body to establish bias thresholds for models and AI applications.
5. Mitigate potential bias when planning and/or conducting research.
1. Invest in research to understand and respect the unique needs, attitudes, and behavior of your audience(s).
2. Recruit from a variety of diverse sources (apps, media, social channels, websites/online forms, loyalty programs, partnering, etc.) when selecting a panel or survey to include people of varying backgrounds, experiences, and demographics.
3. If permissible or required under relevant law, include questions about gender, race, ethnicity, sexual orientation, income, ability, or education to uncover insights about the diverse needs and experiences of those surveyed.
4. Create online and mobile-friendly surveys to broaden your ability to reach different demographics.
5. Safeguard against fraud through gatekeeping at registration. Use pre-survey advanced quality approaches and in-survey checks.
6. Implement strategies when engaging in online advertising and social media campaigns.
1. Review appropriate industry resources and tools (see Resource section below) for guidance on how marketers can help to reduce online hate.
2. Review your online advertising placement to ensure that it is adjacent to content that aligns with your brand.
3. If you encounter hate, harassment, or objectionable content or imagery online, promptly report it on the platform where it occurred.

Article 3. Diverse and Inclusive Talent Development

Marketers should review these strategies to enhance representation and incorporate diversity and inclusion in their existing marketing talent pool as well as to attract a new generation of marketers.

1. Build the talent pipeline.
1. Connect business and academia to address gaps in academic marketing curriculum to inspire and attract diverse students to a marketing career.
2. Recruit from diverse schools.
3. Create cooperative (co-op) programs that seek to provide opportunities for individuals from different backgrounds, including those defined by race, ethnicity, low income, rural areas, and sexual orientation.
4. Provide internship opportunities for diverse populations.
2. Develop and retain internal diverse talent.
1. Develop a framework for acquiring, advancing, and retaining diverse talent within the organization.
3. Engage in strategies to attract diverse candidates.
1. Consider using third-party resources to broaden the company’ s reach (i.e., hiring consultants or specialized recruiting services).
2. Consider hiring individuals based on merit, experience, and potential with or without a college degree.
3. Consider hiring from outside the company’ s industry to bring in new ideas and experiences.
4. Field a diverse slate of interviewers for job seekers.

Article 4. Supply Chain Factors and Diversity

Marketers and advertisers should consider developing a supplier diversity strategy a proactive business program to encourage the use of suppliers owned by women, minorities, veterans, LGBTQ+ people, and people with disabilities, and/or which are small businesses.

Suggested strategies:

1. Establishing goals within the organization to proactively support using diverse suppliers and audits to identify diversity gaps and track results.
2. Working with like-minded third parties that employ a supplier diversity strategy.
3. Participating in the annual ANA Diversity Scorecard.

Examples

Cautionary Example: An Asian MIT Grad Asked AI for Professional Headshot, Turned Her White (businessinsider.com)

Resources

• ANA RESOURCES

  • ANA DEIB Resource Center: Essential diversity, equity, inclusion, and belonging resources to help drive inclusive growth.
  • Global CMO Growth Council’ s Talent and Marketing Organization Working Team: Achieve true diversity and inclusion throughout marketing’ s talent pool. Develop new talent and organizational workflows to drive peak performance across the existing marketing talent pool as well as attract a new generation of marketers.
    • 2023 Marketing Capabilities Framework
    • Recruiting Diverse Candidates
    • Strengthening Black Entry-Level Talent Representation Across the Marketing and Advertising
    • Ecosystem | CMO Content
  • Global CMO Growth Council’ s Society and Sustainability Working Team: Use our collective reach and voice in advertising and media to eliminate bias, promote equality and inclusion, eliminate denigrating content, and build a more sustainable environment.
  • AIMM | ANA: The Alliance for Inclusive and Multicultural Marketing is an industry-wide alliance representing the entire marketing ecosystem advertisers, media, research companies, trade organizations, and agencies across Hispanic, African American, Asian American, LGBTQ+, Indigenous, and non-multicultural segments. Through a collective member approach, AIMM provides proprietary industry measurement tools and innovative solutions to drive engagement and investment for the advancement of equity, inclusion, social, and systematic changes across the ecosystem.
    • Commitment to Equality, Inclusion, and Systemic Chang (anaaimm.net)
    • AIMM Diversity Report: Compendium of Historical Member Case Studies
    • Marketing to Asian Americans | ANA
    • AIMM: Understanding the Hispanic and Latin People, History, and Culture
    • Findings from the ANA/AIMM’ s LGBTQ+ Inclusivity Perceptions Study
    • How AIMM Is Helping Foster Inclusivity in Front of and Behind the Camera
    • How Brands Bolster Their DEI Efforts amid Growing Turbulence (Featuring AIMM Co-Founder Gilbert Dvila)
    • How Brands Can Authentically Engage Hispanic Consumers (Featuring AIMM Co-Founder Lisette Arsuaga)
  • AEF | ANA: The ANA Educational Foundation
  • Engage Responsibly: Education initiative to reduce online hate
    • 2023 Engage Responsibly Brand Activation Kit
    • Brand Safety/Online Hate Quick Win Package
  • SeeHer | ANA: Committed to increasing the representation and accurate portrayal of all women and girls to achieve gender equality and drive business growth in the global marketing and media ecosystem, now and for generations to come.
    • Insights and Tools
    • GEM^® (Gender Equality Measurement)
    • ANA SeeHer Global Perceptions of Progress in Gender Equality
  • GARM: Global Alliance for Responsible Media: Cross-industry initiative established by the World Federation of Advertisers to address the challenge of harmful content on digital media platforms and its monetization via advertising.
  • Supplier Diversity:
    • Supplier Diversity Resources | ANA
      Supplier Diversity
  • ANA Marketing Knowledge Center:
    • How Employee Resource Groups (ERGs) Help with Inclusion and Diversity
    • DEI Internally
    • DEI in Marketing
    • Hispanic Marketing and Language Preference
    • Marketing to African Americans
    • Marketing to Asian Americans
    • Marketing to Hispanics
    • Marketing to Indigenous Peoples/Native Americans
    • Marketing to the LGBTQ+ Community
    • Marketing to Men
    • Marketing to Millennials
    • Marketing to Moms
    • Marketing to Women
    • Marketing to Veterans

• INDUSTRY RESOURCES

  • Algorithmic Bias Explained: How Automated Decision-Making Becomes Automated Discrimination | The Greenlining Institute
  • What Is the Paper Ceiling?
  • Take the Guesswork Out of Inclusive Marketing | SeeMe Index
  • How to Incorporate the Rooney Rule into Your Recruiting Efforts | Untapped

• BRAND EXAMPLES

  • Diversity and Inclusion at L’ Oral USA
  • PF Purpose | Planet Fitness
  • Diversity and Inclusion | Careers | Oracle
  • Equality and Inclusion | Procter and Gamble

---

4 // DATA PRIVACY, SECURITY, AND STEWARDSHIP

PURPOSE

Marketers should strive to be transparent, accurate, responsible, and responsive stewards regarding data privacy and security. This will build consumer trust in the marketing process and enable marketing growth. This section is intended to offer baseline guidance on privacy principles to fulfill these goals.

Article 1. Point of Contact for Marketing Communications

Consumers should be provided with an easy-to-locate point of contact for their marketing questions and consumer preferences. Therefore, entities should provide a clear, accessible privacy policy that includes easy access for consumers to update their marketing communication preferences. For example, offering a valid point of contact including the marketer’s name, an internet-based contact mechanism or email, and a street address should be provided. This point of contact is where consumers may obtain the entity’s information regarding the collection, use, and transfer of consumer data, and to express consumer choice about marketing communications.

Article 2. Privacy Policy

Placement: The privacy policy should be available in a prominent place on the website’s or application’s home page or in a place that is easily accessible from the home page or its functional equivalent. Optimal placement for the privacy policy link is in the homepage footer and every footer on every page of the website.

Clarity: The privacy policy should be easy to find, read, and understand. Consumers should be able to comprehend the scope of the notice and how they can exercise choice regarding the use of personal information or personal data. States offer different definitions of personal information/data; entities should refer to applicable state laws for exact legal definitions and compliance. In general, Personal Information (PI) as set forth in these Guidelines is meant to refer to information that is collected or inferred and that is linked or can reasonably be linked to a particular individual, device, or household. (This definition is not meant to replace, supersede, or be utilized as the only definition of PI, since this may change over time and by state law.)

Timing: Access to the applicable privacy policy should be publicly available. Depending on the collection and use of PI, the policy should provide sufficiently robust notice. Entities that collect PI should review the privacy policy and update as needed at least annually, and more frequently in the event of material changes. Material changes that affect previously collected data may require notice and consent under applicable laws and regulations.

Content: The privacy policy should include the following content:

1. Scope
1. The scope of data practices covered by the notice.
2. Data Collection
1. The type and categories of the data collected, including sensitive data.
2. Whether third parties may collect PI across different websites, applications, or the functional equivalent when a consumer uses the entity’ s service (See Digital Advertising Alliance [DAA] Cross-Device Guidance).
3. Whether or not data is collected, stored, and retained.
3. Data Use
1. The categories of uses the entity makes of such data.
4. Data Source
1. Upon reasonable request by a consumer, an entity should disclose the nature and types of sources from which it obtained PI about that consumer.
2. If data was provided by a third party, the entity should engage in reasonable efforts to ensure that proper notice and choice was provided by the third party to the consumer regarding its collection, use, sharing, and (if applicable) rental or sale of such data.
5. Data Sharing:
1. Categories of any entities with or to which the business shares, exchanges, rents, licenses, or sells data.
2. Whether PI is collected by, used by, or shared with service providers.
3. That they may be required to disclose PI in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
6. Connected Devices
1. Whether the entity collects PI for marketing purposes via a connected device.
7. Choice
1. Access, Correction, Deletion, Opt-Out, and Appeals Rights: If applicable, the entity should describe the process it provides to consumers to access, correct, delete, and/or opt out the data the entity maintains about the consumers, and the right to appeal.
2. MarketingPreferenceManagement:The means by which consumers can exercise choice directly with the entity with regards to sales, targeted advertising, profiling, and sharing in compliance with applicable state laws, and if provided, not to have data shared and/or accessed by third parties.
8. Accountability
1. The policies, procedures, and compliance mechanisms used to ensure adherence to these standards.
9. Security
1. The physical, electronic, and administrative safeguards and practices used to protect PI collected.
10. Special Categories for Online Advertising:
1. Interest-Based Advertising (IBAs): If data is collected for IBA purposes on the entity’ s website (even if it serves as a third party for others), it should provide an enhanced link/footer that links visitors directly to the notice, opt-out, and adherence to IBA principles and choice (YourAdChoices.com | DAA Self-Regulatory Principles).
1. If there are third parties that are collecting data on the entity’ s website for IBA purposes, then the entity should disclose this to consumers and notify them on how to opt-out OR should prevent such third parties from collecting IBA data on its website.
2. The following purposes are not considered IBA and do not require enhanced notice:
   1. Conversion tracking
   2. Analytics
   3. Research
   4. Processes used exclusively for internal site observation, whose data is not shared across browsers or with others
2. Online Political Advertising: Advertisers paying for the promotion of an online political or express advocacy message are responsible for providing enhanced notice in or around that political advertisement, which links to a notice disclosing certain information about the political advertiser where you can research registered political advertisers associated with an online political ad (DAA Self-Regulatory Principles for Political Advertising).
3. Sensitive Data: Marketers should provide notice of any collection, use, and/or sharing of special categories of personal data as defined by applicable laws. For example, sensitive data may reveal or identify one’ s racial or ethnic origin, political opinion/affiliation, citizenship or immigration status, religious or philosophical beliefs, trade union membership, genetic data, biometric data, mental or physical health condition or diagnosis, other health data, sexual orientation, status as a victim of a crime, sexual activity or sex life, status as transgender or binary, personal data collected from a known child, financial information, geolocation, account logins, access codes, full date of birth, Social Security number, driver’ s license information, credit and debit card numbers, and bank account numbers. These types of data are subject to specific processing conditions and should receive higher protection than other PI.

• Material Changes
• Prior to making a materially different use of data collected from a consumer, entities should obtain consent to such a new marketing use from the consumer.
• Effective Date
• The effective date of the privacy policy.

Entities should provide consumers channel appropriate notice and options for how to contact the entity to express their marketing choices:

• Direct Mail: Provide the entity’s website, email, telephone number, and/or valid physical postal address. The entity should subscribe to leading industry data hygiene tools like DMAchoice.
• Digital Advertising, Websites or Apps: Subscribe to the Digital Advertising Alliance (DAA) Interest-Based Advertising (IBA) optout program, and adhere to its principles regarding transparency, notice, and choice. Display the DAA icon that links to appropriate notice and choice regarding such opt-out.
  • Combination of Consumer Data and Digital Identifiers
    • An entity that combines consumer data with digital identifiers for marketing on non-affiliated digital properties should provide consumers with choice with respect to such practice by that entity.
  • Connected Devices
    • An entity that collects data via a connected device should provide consumers with a choice with respect to the transfer of such data to non-affiliated third parties for marketing.
• Email: Provide a valid unsubscribe mechanism and include a valid physical postal address in each promotional email; honor opt-out requests within 10 business days of receiving the unsubscribe request; and follow all applicable federal, state, and global laws and regulations.
• Website: Provide in the entity’s privacy policy and/or other prominent place on its website that is easy for the consumer to find, read, understand, and act upon: a valid email, online form, telephone number, and/or valid physical postal address.
• Calls: Subscribe to the National Do Not Call registry and honor consumers’ direct Do Not Call requests.
  • Short Message Service or SMS entities that send Push Notifications, In-App Messaging, Meta, WhatsApp, Two-Way Chat, or texts should provide appropriate notice and a valid choice method to honor the consumers’ marketing preferences. When texting, entities should:
    • Obtain prior express written consent from the consumer.
    • Provide a clear and conspicuous disclosure that the entity will be sending texts.
    • Provide entity’ s (sender’ s) identity and opt-out instructions in every text that is sent.
    • Provide a way for consumers to reply directly to text messages to opt out.

Article 3. Accountability

An entity should have a meaningful, timely, and effective procedure through which it can demonstrate its adherence to its stated data practices. Such a procedure should follow applicable state law(s) and may include self or third-party verification and monitoring such as:

• A designated internal person or group with authority and budget to verify and monitor compliance
• An independent auditor
• Public assertion of compliance
• A third-party privacy seal program
• A licensing program
• Membership in a trade, professional, or other association with a self-regulatory program, such as the ANA

Additionally, an entity may elect to provide complaint resolution, internal education, and external outreach. Such education and outreach can be accomplished by:

• Mechanisms to put privacy policies into effect, including tools, training, and education
• Systems for internal education, training, and ongoing oversight and assurance reviews
• Transparency and mechanisms for individual participation
• Means for remediation of consumer complaints

Article 4. Consumer Choice in General

Entities should provide appropriate notice and choice regarding their data collection, use, and sharing practices, and have processes in place to handle consumers’ marketing choices, including:

• Maintaining and appropriately deploying in-house marketing suppression files (i.e., Do Not Contact, Do Not Share, and/or Do Not Sell)
• Respecting a consumer’s choice regarding the transfer of PI to non-affiliated third parties for marketing purposes and providing notices to users before sharing their data
• Honoring a consumer’s choice regarding use of, access to, or sharing of PI made in accordance with the entity’s stated policy. If the entity has promised to honor the consumer’s choice for a specific time period, and if that time period subsequently expires, then the entity should provide that consumer with a new notice and opportunity for choice.

Timing: All opt-out requests should be addressed as effectively and efficiently as possible with promptness and to meet the consumers’ reasonable expectations and applicable laws.

Article 5. Channel-Appropriate Notice and Consent

Marketers should offer consumers a clear and conspicuous point of contact or method to reach the company with their marketing choices/ consent in any marketing channel used.

The following steps should be taken into consideration when offering consumer choice and to avoid so called “dark patterns” or deceptive marketing practices:

• Font size, colors, and copy should be easy for the ordinary person to recognize, read and understand.
• Steps for opting out should be as easy as signing up for the marketing offers.
• The opt-out method provided is accessible and valid. (Consumers should not be directed to an online contact form that serves as a lead generation tool.)
• The number of data points requested should be minimized to effectuate the opt-out process.

Article 6. Industry Choice Mechanisms

Marketers and the third parties that serve them should use appropriate and respected industry choice tools for data hygiene purposes and to honor consumers’ marketing preferences. These include:

• ANA’s Data Hygiene Tools:
• DMAchoice: Comprised of records related to deceased individuals, individuals who need extra assistance with their mail as submitted by caretakers, and individuals who seek to be opted out of mail due to concerns with its environmental impact or another valid reason.
• Pennsylvania and Wyoming State Do Not Call Lists
• Email Opt-out List
• Digital Advertising Alliance’s Interest-Based Advertising opt-out tools to provide consumers notice and choice regarding use of interest-based ads served on websites, mobile devices, or mobile apps.

Article 7. Consumer Data Requests to Access, Correct, and/or Delete

Consumers may be contacting marketers to fulfill a range of data requests which can include the ability to access, correct, or delete data maintained about them. Entities should follow applicable state data privacy requirements. Entities should fulfill such consumer requests to the extent data is not exempted by applicable laws.

• Access: Upon request by a consumer, the entity should follow applicable state laws, which may include disclosing:
  • What categories of personal information have been collected, used, shared, or sold
  • Purposes for which the entity used such personal information
  • The categories or specific identities of third parties to or with which the entity receives, sells, discloses, or shares the personal information, if required
• Deletion: Upon request by a consumer, an entity should follow applicable state laws, including any exemptions, to fulfill consumer data deletion requests.
• Correction: Upon request by a consumer, an entity should follow applicable state laws to correct or delete inaccurate information it has about the consumer.

Article 8. Responsible Data Usage and Stewardship

Entities have an ethical responsibility to treat consumer data in a fair and appropriate manner depending on the need.

Entities that license, share, rent, or sell PI to third parties (“Data Providers, ” such as data owners, brokers, and managers), and those which receive the data (“Data Recipients”) should ascertain each of the materially different uses intended for the data prior to its rental, sale, exchange, transfer, or use.

• Data Providers and Data Recipients should establish written (or electronic) agreements to define each party’s role and responsibility with respect to the use of marketing data, including a requirement to comply with applicable laws and that establish the purpose for which Data Recipients use the data.
• Data Providers should not permit the rental, sale, exchange, or transfer of PI, nor should Data Recipients use any PI received from Data Providers, for an offer that is in violation of these guidelines.
• Data Recipients should limit their use of Data Provider PI to the uses permitted by the agreement with the Data Provider, and should ensure that the service(s) provided to the Data Recipient also comply with all data use restrictions agreed between the Data Provider and the Data Recipient.
• Mobile opt-in lists should not be rented or exchanged for the purpose of sending mobile marketing solicitations to those on the list without obtaining prior express consent from those on the list.
• Data Providers and Data Recipients should not use data for marketing where such use has been prohibited.
• Data Recipients should use marketing data only for marketing purposes.
• For sensitive marketing data (see Article 10. Sensitive Data), Data Providers should have procedures to help ensure that Data Recipients’ use of the data is fair, ethical, and appropriate, and in accordance with their stated purpose, such as review of materials to be used in the promotions, contractual requirements, limitations, and other methods, and in accordance with applicable state laws.
• If assembling third-party data for license or sale, Data Providers should make reasonable efforts to verify that the direct collector of data has provided appropriate notice and choice to consumers regarding the use of their data.
• Data Providers should not prohibit Data Recipients from divulging the Data Provider as the source of the consumer’s information, if applicable.
• Data Providers should ensure accountability measures are employed relative to use of PI shared with Data Recipients.
1. Randomly monitor, through seeding or other means, to ensure that Data Recipients use the PI in accordance with the stated purpose.
2. If a Data Provider becomes aware that a Data Recipient is using PI in a way that violates the law and/or ethical guidelines, it should contact the Data Recipient and require compliance for any continued data usage, refuse to sell or license the data, and/or refer the matter to the ANA and/or the appropriate law enforcement/regulatory agency.
• Data collected for marketing should be used only for marketing purposes. It should not be used to determine adverse terms and conditions or ineligibility for any of the following (except as permitted by law):
1. Employment, including promotion, reassignment, sanction, or retention as an employee
2. Credit
3. Housing
4. Health care, including treatment eligibility
5. Insurance, including eligibility, underwriting, and pricing for health insurance and other types of insurance coverage

Article 9. Sensitive Data

Some types of PI may be at a higher level of sensitivity to certain consumers and require special consideration under applicable U.S. state and federal laws, international laws, and general principles of ethical data use. Sensitive data may include personal data that reveals an individual’s racial or ethnic origin; political opinion/affiliation; citizenship or immigration status; religious or philosophical beliefs; trade union membership; genetic data, biometric data, mental or physical health condition or diagnosis, or other health data; sexual orientation; status as a victim of a crime; sexual activity or sex life; status as transgender or binary; personal data collected from a known minor; geolocation information; account logins; access codes; full date of birth; Social Security number; driver’s license information; credit and debit card numbers; and bank account numbers. Entities should consult applicable privacy laws to determine the full scope of relevant sensitive data/sensitive personal information.

Appropriate steps entities should take to treat and protect sensitive data:

• Evaluate their use of data types defined as sensitive under applicable law through a risk-based evaluation designed to ensure ethical use of data.
• Describe the collection, use, sale, and sharing of sensitive data in the privacy notice.
• Conduct risk-based evaluations that seek to weigh the benefits and risks of processing sensitive data, including the risks to the consumer (such as identity theft, embarrassment, or physical or psychological harm) and the benefits to various parties (such as to the individual, other individuals, the organization, or society at large) when determining whether and how to process sensitive personal data.
• Seek to find appropriate ways of mitigating the identified risks, where possible, in light of the potential benefits and goals of the processing. Mitigating factors might include:
• Data security measures
• Transparency and choice offered to individuals
• Contractual requirements among parties
• Data use limitations and associated physical, technical, and organizational controls
• Reduced data retention periods
• Appropriate review and verification standards of the marketing creative

Some of these types of sensitive data should be subject to specific processing conditions and should receive higher protection than other personal data due to a higher risk of identity theft or other significant risks to the individual. For instance, credit and debit card numbers, bank account numbers, driver’s license information, Social Security numbers, and full date of birth are considered to be types of sensitive personal data that should not be exchanged, rented, sold, allowed access to, or transferred for marketing when there is a reasonable expectation by the consumer that the data will be kept confidential.
Additionally, these types of sensitive data should not be publicly displayed on marketing promotions or otherwise made public.

Social Security Numbers

Use of Social Security numbers in connection with an extension of credit is subject to the requirements of federal laws and corresponding state laws. Use of Social Security numbers for marketing is prohibited, unless used for:

• Fraud detection
• Identity verification
• Data matching
• Data accuracy
• Data integrity

Article 10. Data Security

The protection of PI is the responsibility of all entities. Entities should assume the following responsibilities to help protect the security and integrity of PI:

• Written Policies and Procedures

  Establish written data security policies and procedures reflective of current business practices (including written policies and procedures related to personal devices and entity-provided devices, where applicable). Entities should ensure there are reasonable data security policies and practices that seek to ensure the uninterrupted security of data systems within their organizations.

  Entities should, as reasonable, within their organizations:

  • Periodically audit data retention and classification practices.
  • Employ appropriate data loss prevention technologies.
  • Employ an appropriate data minimization plan, including a data destruction and purge process.
  • Maintain an inventory of system access and credentials.
  • Segment and isolate networks based on business function to avoid compromising sensitive personal data that is used in a network.
  • Create a reasonable incident response plan, including vendor and law enforcement contacts as well as notification requirements.
  • Maintain a reasonable and ongoing employee training program.
  • Maintain a reasonable password policy, including maximum password age and minimum standards for complexity and changes.

• Data Security Training

  Provide data security training for relevant staff. Entities should create and implement reasonable staff procedures, training, and responsiveness measures to protect PI handled by relevant staff in the everyday performance of their duties.

• Personal Devices

  Train staff who use their own devices on steps designed to help prevent unauthorized access to the entity’ s data. Educate them about the inherent risks and ensure the entity has reasonable data security policies and safeguards in place for such devices.

• Monitoring

  Monitor and assess data security safeguards periodically. Entities should employ and routinely assess protective physical safeguards and technological measures, including data retention, destruction, deletion practices, and the monitoring and analysis of systems logs in support of data security.

• Contractual Safeguards

  Entities should contractually require all business partners and service providers that handle PI to ensure that their policies, procedures, and practices maintain a level of security consistent with or higher than the entity’ s applicable data security policies, including partners’ own employees and contractors accessing data through their own devices. In addition, entities should contractually require all business partners and service providers to handle data in accordance with applicable laws and regulations.

• Breach Plan

  Entities should develop and maintain a data security breach readiness plan reasonable for the size and nature of the entity, their level of data collection, and type of data collected.

• Notice

  If a data security breach occurs, immediately inform compliance or legal staff as identified in the data breach readiness plan. Entities should, in the event of a security breach, inform consumers as required by state and federal law.

• Email

  Entities should implement the appropriate email authentication protocol (SPF, DKIM, DMARC, or successor standards, as appropriate) to help reduce the risk of spoofed emails.

• Sensitive Data

  Entities collecting sensitive data must ensure appropriate data security measures are taken to protect such data. The appropriate digital certificate should be employed, meaning the Extended Validation Secure Socket Layer Certificates (“EV SSL” ), or successor standards, should be used on all relevant pages of sites requesting sensitive data.

• Data Transfers

  If PI is transferred from one entity to another for marketing as established by written agreement, the transferor should arrange the appropriate security measures to assure that unauthorized access to the data is not likely during the transfer process.

• Employee Use of Data

  Employees who have access to PI should follow industry security protocols to safeguard data. This can include but is not limited to:

  • Periodic mandatory security training
  • “ See Something, Say Something”
  • Effective physical security (including instructions to log off and shut down devices when they are not in use)
  • Use of only corporate equipment or personal devices conforming with corporate security controls
  • Open communication with the cybersecurity team
  • Agreements to use such data only in an authorized manner
  • Required multi-factor authentication
  • Rule-based access control to sensitive information
  • Established protocols for lost devices

Examples of Best Practices for Ethical Marketing

Digital/Online Advertising

• Example 1: When transferring or entering digital PI, such as customer data in the form of email addresses to a third party, the data should be protected via hashing or encryption before sharing. For example, if a customer sign-up list is being uploaded to a partner’s third-party platform for enrichment or activation, it should be done in a privacy-friendly manner (such as hashed or converted to other IDs) to protect and secure the data.
• Example 2: When collecting data for IBA (interest-based advertising) purposes on the entity’s own website (even if it serves as a third party for others), the entity should provide an enhanced link/footer that links visitors directly to the notice, opt-out, and adherence to IBA principles and choice. (Review these resources for additional tips and guidance: IBA Data Compliance Checklist | ANA and First Party On-Boarding Checklist | DAA.)

Key Tips for Marketers, Advertisers, and Third Parties (for any form of marketing) in Developing a Privacy Policy

High-level: Audit privacy practices and build a good privacy policy by answering these questions:

• How are notice and choice provided?
• Are your policies in line with your actual practices?
• Who is the data shared with, and for what purpose?
• What third-party data limitations should be in place?
• Is a clear point of contact provided prominently for consumer marketing choices?
• Review recent Federal Trade Commission’s enforcement activity to see which issues are of concern: Cases and Proceedings | Federal Trade Commission (ftc.gov)

Illustrative examples below and are not meant to endorse any specific company policy, practice, product, or service.

Examples:

Example 1: Provide a portal or tool for consumers to contact the company:

Specific Elements: Companies should provide notice and choice in a consumer-friendly way. Consider the placement, clarity, content, and timing, and cover the following elements as they pertains to the company’s business practices:

Example 2: A company should provide in its privacy policy direct and clear information
on how consumers can contact the company regarding their marketing choices. Sample copy:

How to Contact Us:
To submit a request with your marketing preferences or to contact us about our data collection or use practices, you can contact us using the methods provided below:

1. Email:
2. Online portal/contact form:
3. Mail:
4. Toll-free number:

Resources

ANA RESOURCES

• DMAchoice
• Center for Ethical Marketing | ANA
  • Join the Ethics Policy Committee | ANA
  • Join the ANA Center for Ethical Marketing LinkedIn Group
  • ANA DPF Dispute Resolution Business Services | ANA
  • Ethics and Compliance | ANA
  • Ethics Issue Alerts | Marketing Knowledge Center | ANA
  • Public Report of Non-Compliant Companies | ANA
  • Complaint/Case Handling Process | ANA
• ANA Addressability
• ANA Programmatic Media Supply Chain Transparency Study
• ANA Programmatic Benchmark Survey
• Media Transparency: Prescriptions, Principles, and Processes for Marketers Overview | ANA

INDUSTRY RESOURCES

• Digital Advertising Alliance (DAA) Self-Regulatory Principles
  • Self-Regulatory Principles for Political Advertising
  • Network Advertising Initiative (NAI)
• Seven Elements of an Effective Compliance Program: Institutional Compliance, Equity, and Title IX Initiatives | The University of Texas at Dallas (utdallas.edu)
• A Brief Introduction to Fair Information Practices | World Privacy Forum
• Privacy for America
• Code of Advertising | Better Business Bureau (bbb.org)
• Personally Identifiable Information (iapp.org)

GOVERNMENT, STATE AND REGULATORY RESOURCES

• National Do Not Call Registry
• California Consumer Privacy Act (CCPA) | State of California Department of Justice Office of the Attorney General
• General Data Protection Regulation (GDPR) Compliance Guidelines
• Data Privacy Framework Program (dataprivacyframework.gov)
• Privacy and Security | Federal Trade Commission (Children’s, Health, Consumer, Credit Reporting, Data Security, Gramm-Leach-Bliley Act, etc.)
  • Cases and Proceedings | Federal Trade Commission (ftc.gov)
  • FTC Amends Safeguards Rule to Require Non-Banking Financial Institutions to Report Data
  • Security Breaches | Federal Trade Commission
• Family Educational Rights and Privacy Act (FERPA)
• Consumer Financial Protection Bureau (consumerfinance.gov)
• Federal Communications Commission (fcc.gov)
• Summary of the HIPAA Security Rule | Guidance Portal (hhs.gov)
• Privacy and Security Information | Guidance Portal (hhs.gov)

---

5 // REGULATED PRODUCTS AND SERVICES

PURPOSE

This section provides guidelines for marketing and advertising products and services that are regulated, including, but not limited to, alcohol, cannabis, tobacco, non-prescription and prescription drugs, adult-oriented material, and sweepstakes. Please note that these guidelines apply to any marketer (not just those in the regulated industry) that markets a regulated product as set forth below.

Article 1. General Principles

1. Marketers should review the legal and regulatory requirements and ethical considerations for regulated products and services prior to a campaign.
2. Marketers should ensure ads are directed for the legal age for the product or service by law. This includes a consideration of limiting exposure of regulated product advertising for example, around certain venues such as schools and places of worship.
3. Websites that target adults or adults of the legal age for the product or service by law should include appropriate measures to prevent underage views and participation.
4. Where applicable, marketers should encourage the practice of moderation.
5. Marketers should focus on their target audience when developing campaigns and marketing for regulated products and should also ensure they provide examples of responsible practices.
1. Stakeholder review should be used to ensure each interest is considered with the degree of importance to the campaign or marketing practice:

1. Portrayals in Advertising
1. Marketers should ensure model/actor portrayals are accurate and responsible. Ads should not feature underage models, actors, and/or social media influencers using adult products.
2. Marketers should not portray any illegal activity or an activity that would require a high degree of alertness with a regulated product. For example, advertising should not depict an individual driving a vehicle after using alcohol, sleep-inducing medication, or cannabis in an advertising promotion.
2. Marketers should provide appropriate information and legal disclosures about the potential harms of the product or service to inform the adult audiences so that they can make appropriate choices for their health and well-being.

Article 2. Specific Products and Services

• Alcohol

  Alcohol beverage advertising must include mandatory disclosures depending on the type of product. For example, entities should disclose the name and address of the responsible advertiser and the alcohol content (percent alcohol by volume) of distilled spirits as required by law.

  Marketers should not make false or misleading claims about the health benefits of the alcohol product, or make false misleading claims about the identity, origin, or other characteristic of the product.

  Advertising and marketing materials for the alcohol variant of any non-alcohol product, including but not limited to packaging, should be readily distinguishable from the advertising and marketing materials of the non-alcohol product so as not to confuse consumers about the alcohol nature of the alcohol variant. Advertising and marketing materials, including but not limited to displays, signage, and sampling, should not feature both the non-alcohol product and the alcohol variant.

  Labels should follow required disclosures regarding health and safety risks as mandated by law.

• Adult-Oriented

  Adult-oriented materials should never be directed at children and must follow age restrictions regardless of media channel.

  Ratings regarding ages for such material should be provided as set forth in industry standards and regulations.

  Such materials should not be shown again if an individual seeks to prevent their digital display or seeks to opt out of the materials they have received due to the potentially offensive nature of such material.

  Note: Federal law prohibits the possession with intent to sell or distribute obscenity; to send, ship, or receive obscenity; to import obscenity; and to transport obscenity across state borders for purposes of distribution. Although the law does not criminalize the private possession of obscene matter, the act of receiving such matter could violate the statutes prohibiting the use of the U.S. Mails, common carriers, or interactive computer services for the purpose of transportation. (See 18 U.S.C. 1460; 18 U.S.C. 1461; 18 U.S.C. 1462; 18 U.S.C. 1463.
  See DOJ link below for additional information.)

  Obscenity is defined as when the average person, applying contemporary community standards, would find the work appeals on the whole to prurient interests; describes sexual conduct in a patently offensive way; and lacks any serious literary, artistic, political, or scientific value. (Miller v. California, 413 U.S. 15 [1973])

• Cannabis and Related Products

  This product has specific terminology (cannabis, hemp, marijuana, etc.) and appropriate uses as defined by legal requirements. Ads and creative content should portray uses with accuracy and dignity and avoid portrayals that disparage groups or uses such as for medicinal purposes.

  • Marketers should ensure they are working with legal operators of these products and services that are licensed and competent, and within legal bounds.
  • Ads and creative for cannabis should strive to be inclusive and diverse.
  • Packaging of cannabis products should not be created to seem as if the product is akin to non-cannabis products such as candy or baked goods without following appropriate labeling requirements, and to avoid potentially deceiving consumers.
  • Marketers should review state and local cannabis and related regulations ahead of their campaigns.
  • Marketers should not market these products and related services to individuals under the legal age as defined by state laws.

• Financial Products

  Emerging financial technologies that run on blockchains provide opportunities for consumers to invest and build their savings and provide new digital payment options.

  Cryptocurrency is a digital currency, powered by blockchain technology, that is used as an alternative payment method or investment. Cryptographic techniques enable their purchase, sale, and/or trade without the need for a controlling authority.

  Non-fungible tokens (“NFTs” ) are blockchain-based tokens (like collectible virtual characters CryptoPunks) that each represent a unique asset like a piece of art or digital content. An NFT can be thought of as an irrevocable digital certificate of ownership and authenticity for a given asset, whether digital or physical. NFTs may be sold to buyers as an asset that may gain or lose value. The market relies heavily on social proof.

  • Cryptocurrencies like Bitcoin should be marketed with truthfulness and transparency regarding these products and related services, and all applicable terms and conditions for consumers must be made available to them prior to purchase.
  • Marketers should not make claims or offers regarding cryptocurrency, NFTs, or other similar assets that could be deceptive or misleading.
  • Claims made regarding these financial products’ value should be substantiated to ensure the product or service delivers the expected results for the consumer.
  • Marketers should not acquire or share any sensitive financial information without advance affirmative individual consent.
  • These products and services should not be marketed to minors under the age of 18.

• Health Products

  • Article 1. Nonprescription Medicine

    The advertising of nonprescription, over-the-counter (OTC) medicines helps to inform consumers regarding these potentially beneficial products. Such ads must be truthful and not misleading, and should meet the standards reflecting the nature of the product advertised.

    • The package, label, and accompanying literature of a nonprescription medicine should comply with the pertinent provisions of the federal Food, Drug and Cosmetic Act, and advertising of a nonprescription medicine should comply with the pertinent provisions of the Federal Trade Commission Act.
    • Advertising for nonprescription medicines should be truthful and non-deceptive.
    • Advertisers of nonprescription medicines should have adequate substantiation for all product claims before an advertisement is disseminated.
    • Advertising of a nonprescription medicine should direct consumers to read and follow label directions.
    • A nonprescription medicine should not be advertised in a manner which is likely to lead to its use by young children without parental supervision. A nonprescription medicine should not be advertised on programs or in publications specifically directed toward young children.
    • Advertising of a nonprescription medicine should contain no reference to doctors, nurses, pharmacists, or hospitals unless the advertiser can substantiate the reasonable message conveyed by such representations.
    • Marketers should be aware of any local, state, or federal age restrictions applicable to the marketing of the product.

  • Article 2. Prescription Medicine

    New drugs and biological products for people should be approved by the U.S. Food and Drug Administration (FDA-approved) before they are marketed in interstate commerce. This means that a company must demonstrate that its drug or biological product is safe and effective for the intended use, and that it can manufacture the product to federal quality standards. It should note that compounded drugs prepared by a pharmacist or doctor are not FDA-approved.

    If the FDA grants an approval, it means the agency has determined that the benefits of the product outweigh the risks for the intended use. The FDA’ s drug advertising regulations require that advertisements for prescription drugs only promote them for medical uses that have been evaluated and approved by the agency.

    • Such ads should be truthful and not misleading, and should meet the standards reflecting the nature of the product advertised.
    • It should be clear who is sponsoring the advertisement.
    • These ads must present a fair balance between the benefits and risks of use.
    • Risks of use should not be diminished, and pre-campaign planning should be employed so that the risks are known and provided to consumers.
    • Product claim advertisements for prescription medications should include information on their major side effects and contraindications in the main body of the ad.
    • Age restrictions and other disclosures key to the product should be included.

• Games, Contests, and Sweepstakes

  Marketers seeking to use a sweepstakes or a game to promote their products or services must ensure they act with caution and limit their use appropriately, as this area is heavily regulated.

  Sweepstakes are promotional devices by which items of value (prizes) are awarded to participants by chance without the promoter requiring the participants to render something of value (consideration) to be eligible to participate.

  The co-existence of all three elements prize, chance, and consideration in the same promotion constitutes a lottery. It is illegal for any private enterprise to run a lottery without specific governmental authorization.

  Online gambling and placing bets (such as running sports betting) is not allowable at the federal level (Wire Act, 18 U.S.C. 1084 [2000]). Some states may allow casinos, and casino regulations should be examined state by state.

  When skill replaces chance, the promotion becomes a skill contest, such as an online game requiring skills to score points. When gifts (premiums or other items of value) are given to all participants independent of the element of chance, the promotion is not a sweepstakes. Promotions that are not sweepstakes should not be held out as such.

  Only those promotional devices that satisfy the definition stated above should be called or held out to be a sweepstakes. Principles and terms for sweepstakes promotions:

  • Article 1. No-Purchase Option

    Promotions should clearly state that no purchase (or payment) is required to win sweepstakes prizes. They should not represent that those who make a purchase or otherwise render consideration with their entry will have a better chance of winning or will be eligible to win more or larger prizes than those who do not make a purchase/ payment or otherwise render consideration. The method for entering without ordering/purchasing should be easy to find, read, and understand. When response devices used only for entering the sweepstakes without a purchase are provided, they should be as easy to find as those utilized for ordering/purchasing the product or service.

  • Article 2. Chances of Winning

    No sweepstakes promotion, or any of its parts, should represent that
    a recipient or entrant has won a prize or that any entry stands a greater chance of winning a prize than any other entry when this is not the case. Winners should be selected to ensure fair application of the laws of chance.

  • Article 3. Prizes

    Sweepstakes prizes should be advertised in a manner that is clear, honest, and complete so that the consumer may know the exact nature of what is being offered. For prizes paid over multiple years, the annual payment schedule and number of years should be clearly disclosed. Photographs, illustrations, artwork, and the situations they represent should be accurate portrayals of the prizes listed in the promotion. The value of the award or prize should not be misrepresented. The value of a non-cash prize should be stated at regular retail value, whether the actual cost to the sponsor is greater or less.

    All prizes should be awarded and delivered without cost to the participant. If there are certain conditions under which a prize or prizes will not be awarded, that fact should be disclosed in a manner that is easy to find, read, and understand before entrants enter the sweepstakes.

  • Article 4. Premiums

    Premiums should be advertised in a manner that is clear, honest, and complete so that the consumer may know the exact nature of what is being offered.

    A premium, gift, or item should not be called or held out to be a “ prize” if it is offered to every recipient of or participant in a promotion. If all participants (or almost all) will receive a premium, gift, or item, that fact should be clearly disclosed.

  • Article 5. Disclosures

    All terms and conditions of the sweepstakes, including entry procedures and rules, should be easy to find, read, and understand. Disclosures set out in the rules section concerning no-purchase option, prizes, and chances of winning should not contradict the overall impression created by the promotion.

    The following terms should be included, and marketers should check further legal requirements in each state:

    • No purchase is required to win a prize.
    • A purchase will not improve the chances of winning.
    • Procedures for entry.
    • If applicable, disclosure that alternate means (such as mailing a 3" x 5" card) may be used to enter the sweepstakes
    • The termination date for eligibility to enter the sweepstakes should specify whether it is a date of submission or receipt of entry deadline.
    • The number, retail value (of non-cash prizes), and complete description of all prizes offered. Specify any prize restrictions. If a cash prize is to be awarded by installment payments, that fact should be clearly disclosed, along with the nature and timing of the payments.
    • The estimated odds of winning each prize.
    • The method by which winners will be selected.
    • The geographic area covered by the sweepstakes and those areas in which the offer is void.
    • All eligibility requirements, if any.
    • Approximate dates when winners will be selected and notified.
    • Publicity rights regarding the use of the winner’ s name (where lawful).
    • Taxes are the responsibility of the winner.
    • Provision of a mailing address to allow consumers to receive a list of winners of prizes over $25.00 in value.

Unethical Marketing Examples

1. Placing an ad near an elementary, middle, or high school advertising how cool and exciting it is to smoke menthol cigarettes would violate Article 1. General Principles, sections 2 and 3.
2. Having a social media influencer smoke cannabis while driving their new Tesla car would violate Article 1. General Principles, sections 4 and 5.
3. Hosting a beer-tasting at a local high school with coupons for a free six-pack of beer would violate Article 1. General Principles, sections 3 and 5.
4. Promoting a “get rich quick” scheme involving cryptocurrency sales within a limited time and no terms beyond “invest in 24 hours and earn a 10 percent return, ” would violate Article 2. Specific Products and Services, Financial Products section.

Resources

ADULT ENTERTAINMENT

1. Federal Laws Against Obscenity | DOJ

ALCOHOL INDUSTRY

1. Beer/Spirits Industry Code
2. DISCUS Code of Responsible Practices 2023 | distilledspirits.org
3. Diageo Marketing Code 2023
4. Alcohol and Tobacco Tax and Trade Bureau
5. TTBGov: Market Compliance Office: Alcohol and Tobacco Tax and Trade Bureau
6. eCFR :: 27 CFR Part 16: Alcoholic Beverage Health Warning Statement

CANNABIS INDUSTRY

1. Full Spectrum Guidelines | Cannabis Media Council

CRYPTOCURRENCY: BITCOIN MINING

1. How Bitcoin Mining Works: Explanation and Examples | NerdWallet

OVER-THE-COUNTER MEDICINE

1. Advertising Practices for Nonprescription Medicines | Consumer Healthcare Products Association (chpa.org)
2. Health Claims | Federal Trade Commission

PHARMACEUTICALS INDUSTRY

1. Is It Really “FDA Approved” ? | FDA

TOBACCO AND VAPING

1. Advertising and Promotion | FDA
2. Smokeless Tobacco Labeling and Warning Statement Requirements | FDA
3. E-Cigarettes (Vapes) | Smoking and Tobacco Use | CDC

---

6 // DIGITAL INNOVATION

PURPOSE

This section is intended to set forth ethical principles for the deployment of automated systems for marketing and advertising purposes, including, but not limited to, the use of artificial intelligence (AI) and machine learning (ML). It includes a set of AI-specific principles that are evolving and forward-looking.

General Digital Innovation Principles

AI is the development of computer systems able to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages. Generative AI focuses on uses to create new or significantly modified content and is further defined below in the AI Principles section. The term “machine learning” (ML) means a set of techniques that can be used to train AI algorithms to improve performance at a task based on data.

When using artificial intelligence, Generative AI, machine learning, automated processing, computing, or other technologies that perform automated tasks related to marketing and advertising, marketers should consider the following Principles and Guidelines:

Article 1. Ensuring Safe and Effective Automated Systems

AI, Generative AI, and ML systems that ordinarily require human intelligence should be developed and deployed with consultation from diverse stakeholders to identify the risks and impacts of such systems.

• Such systems should not be designed with the intent to deceive or harm consumers.
• Automated systems should undergo pre-deployment testing risk assessment and mitigation, and ongoing human monitoring.
• Marketers should protect against the use of inappropriate or irrelevant data in the design, development, and deployment of automated systems for marketing purposes, and should prevent the compounding of harm from repetition and reuse.
• Marketers should undergo training and review safety measures as appropriate for the automated systems used in marketing and advertising, and as they relate to data processing and protection of marketing data.

Article 2. Marketers Should Mitigate Against Potential Bias

Automated systems may become biased if they arise from biased data input or are trained on biased data and there is no human corrective action taken. Having a diverse development team will help protect against this potential bias.

Marketers and organizations should take steps to mitigate against bias (to minimize algorithmic decisions that create unfair outcomes that unjustifiably and arbitrarily privilege certain groups over others) as follows:

• Marketers should provide transparency and accountability by using tools and techniques like algorithmic impact assessments and/or data audits to test for bias by evaluating the automated decision systems and their impact on fairness, justice, and bias. (See Diversity and Inclusion section for additional guidance.)
• Automated systems used for marketing, advertising, and advertising selection should not be used to determine ineligibility for, or to impose adverse terms and conditions of, employment, credit, housing, health care, education admissions, financial aid, or insurance.
• Marketers should designate human oversight to review these systems for negative discriminatory bias through oversight and periodic testing, with the goal of safeguarding against unplanned or unforeseen bias brought on by model training.
• Training data for algorithms should be as diverse as possible to ensure the resulting applications developed are as free from bias as possible.

Article 3. Ensuring Data Privacy for Automated Systems

Marketers should take reasonable steps to ensure that consumers are provided with appropriate transparency, notice, and choice over how their PI may be used by automated processing. (See Part 4: Data Privacy, Stewardship, and Security for additional data privacy guidance.) Automated systems should ensure:

• They do not employ user experiences and design decisions that may hide user choices or burden users with defaults that change privacy settings without user permission.
• Consumer instruction should be brief, be understandable in plain language, and give individual control over relevant data collection and the specific context of use for such data.
• In sensitive domains, sensitive data (such as children’s data, financial account data, or an individual’s health data) and related inferences should only be used for necessary functions and with affirmative user consent.

Article 4. Transparency, Notice, and Explanation

• Designers and deployers of systems and products that enable the use of AI to create or alter image, video, or audio content should offer, and advertisers should make use of, techniques such as but not limited to watermarking and/or metadata to enable identification of the origin and authenticity of the content being generated or altered.
• Such labeling and disclosure should be kept up to date, and individuals affected by the system should be notified of significant use case or key functionality changes.

Article 5. Providing Human Oversight and Review for Sensitive and High-Risk Scenarios

Marketers using these automated systems should have a fallback process for human review for high-risk sensitive uses, products, and/or services as follows:

• Individuals should be able to choose to opt out of automated systems in favor of a human alternative. Appropriateness should be determined based on context and with a focus on ensuring oversight, such as a consumer inquiry regarding a product or service that may be sensitive and/or private in nature.
• Consumers should have access to timely human consideration and remedies by a fallback and escalation process. If an automated system fails or produces an error, a remedy for the issue for the individual should be available through human intervention.
• An intended use within sensitive domains, including criminal justice, employment, education, and health, should be reviewed for necessary precautions to protect consumers. They should be tailored to fit the purpose, provide meaningful access for oversight, include training for those interacting with the system, and incorporate human consideration for adverse, sensitive, or high-risk decisions.
• If requested, an organization should describe its human governance processes and assess their timeliness, accessibility, outcomes, and effectiveness.

Generative AI in Advertising Policy Principles

Generative artificial intelligence provides opportunities to promote innovation and competition while also presenting new challenges.

The Biden administration has called on regulators and industry actors to develop safeguards for the deployment of Generative AI systems, which it has referred to as AI systems or algorithms that significantly modify or generate new “synthetic” content. The Federal Trade Commission has similarly taken an interest in Generative AI systems that create new content, which distinguishes such systems from other AI systems that simply analyze or use existing data. The ANA has developed these principles for our industry to aspire to when deploying Generative AI systems for marketing and advertising purposes.

Article 1. Transparency

1. Advertising Generally. Consumers should be given clear or easily accessible notice of the use of Generative AI in audio and/or visual advertisements when the failure to disclose the use of a Generative AI system to create new content or significantly modify existing content is likely to materially mislead a reasonable consumer as to the creation of the advertisement.
   
   Commentary: Failure to disclose the use of a Generative AI system is not materially misleading if the system is used to create or modify content in ways that do not materially affect the weight or credibility a reasonable consumer would give to the advertisement. Such notice should be provided using means such as, but not limited to, a watermarking system, standard icon, or visual or audio disclaimer within the advertisement.
2. Political Advertising. Consumers should be given clear or easily accessible notice that a political advertisement includes AI-generated content if a Generative AI system was used to: (1) create content, if a reasonable person would believe the content depicts speech, conduct, or an event that did not actually happen; or (2) significantly modify speech, conduct, or an event, if a reasonable person would have a different understanding of the message conveyed than if the person viewed the original unmodified version.
   
   Commentary:Apoliticaladvertisementisapaid-forcommunication that unmistakably urges the election or defeat of one or more clearly identified candidate(s) for federal or statewide election, where a candidate for statewide election means a candidate for governor, lieutenant governor, secretary of state, treasurer, or state attorney general. Such notice should be provided using means such as, but not limited to, a watermarking system or standard icon.

Article 2. Elimination of Bias

Except as permitted under applicable law, Generative AI used for marketing should not be used to determine if an individual is ineligible for, or to impose adverse terms and conditions of, employment, credit, health care, housing, education admissions, financial aid, or insurance. Entities should operate in accordance with applicable laws and regulations, including those governing advertising, marketing practices, fundraising, and the transaction of business.

Article 3. Protection of Intellectual Property Rights

AI-generated content should not be used for marketing if an entity’s review process identifies that AI-generated content produced by a Generative AI system infringes on the intellectual property rights of others.

Article 4. Responsible Uses

Generative AI systems should be used to support and improve responsible marketing data uses, including, but not limited to, safety and security, fulfillment, reporting and analytics, market research, product development, advertising, and legal compliance.

Unethical Examples Related to Digital Innovation Principles

A marketer employs a deep fake of a “celebrity” encouraging individuals to sign up for a brain supplement they are selling and states it is provided at a low cost through the Affordable Care Act. This would violate Article 1. Ensuring Safe and Effective Automated Systems, section 1, and Article 4. Transparency, Notice, and Explanation, section 2.

A chatbot is employed by a sexual wellness brand that offers the consumer a very limited range of choices for a product seen by the consumer in a catalog and does not enable a live operator upon request. This would violate Article 5. Providing Human Oversight and Review for Sensitive and High-Risk Scenarios, section 1.

A computer-generated AI nurse is created to help aid the elderly take their medications but also includes emotional manipulation to forge ties and seek additional purchases based on the patient’s trust in their new “friend.” This would violate Article 1. Ensuring Safe and Effective Automated Systems and Article 4. Transparency, Notice, and Explanation.

A family-friendly brand learns after the fact that their ad appears on a website promoting the use of illegal substances and has videos of
abusive behavior towards women. This would violate Article 3. Ensuring Data Privacy for Automated Systems, Article 4. Transparency, Notice, and Explanation, and Article 5. Providing Human Oversight and Review for Sensitive and High-Risk Scenarios.

Resources

WHITE HOUSE

• Blueprint for an AI Bill of Rights | OSTP | The White House
• Joint Statement: Equal Employment Opportunity Commission, Federal Trade Commission, the Justice Department’s Civil Rights Division, and Consumer Financial Protection Bureau

FTC AND DIGITAL OWNERSHIP CLAIMS

• Can’ t Lose What You Never Had: Claims About Digital Ownership and Creation in the Age of Generative AI | FTC

AI AND ANTI-COMPETITIVE PRACTICES

• Generative AI Raises Competition Concerns | FTC

GLOBAL POLICIES

• The European Union Artificial Intelligence Act
• Global Partnership on Artificial Intelligence

GOOGLE

• Google AI Principles
• Why We Focus on AI

OPEN AI

• Planning for AGI and Beyond | openai.com

ANA AI RESOURCES

• AI for Marketers | ANA

INDUSTRY RESOURCES

• 2024 Edelman Trust Barometer | Edelman

---

7 // GENERAL BEST PRACTICES

Laws, Codes, and Regulations

Marketers should operate in accordance with laws and regulations of the United States Postal Service, the Federal Trade Commission, the Federal Communications Commission, the Consumer Financial Protection Bureau, the U.S. Food and Drug Administration, the Federal Reserve Board, and other applicable federal, state, and local laws governing advertising, marketing practices, and the transaction of business.

In Summary

Establishing and adhering to ethical marketing practices helps marketers build trust for consumers, their brands, and the industry. Please contact us at ethics@ana.net if you have questions about the Code; if you need more information about ANA resources, compliance tools, or guidance material; or you wish to get more involved.

---