Many observers are watching Groupon with hawk eyes as the daily deals player continues to grow. Among them is the Congressional Privacy Caucus (CPC), in particular, Massachusetts Democrat representative Ed Markey and Texas Republican representative Joe Barton. Lately, these two congressmen are perhaps best known for introducing the Do Not Track Kids bill to Congress, a proposed law aimed at providing better online protection for children.

Markey and Barton inquired within Groupon regarding changes made to its privacy policy back in July, to which it responded with a letter that seemed to satisfy the group’s curiosity. At least for now. From the looks of it, the CPC is concerned that Groupon could get careless in the privacy department as it carries on its evolution as the fastest growing company in history.

The CPC inquiry into Groupon got us thinking about the parallels the deal-a-day giant has with email marketing in terms of privacy. Following is a brief overview of how they compare and contrast:

Driven by Permission

When done right, email marketing sees the marketer getting explicit permission from their audience members before sending them anything. It is a best practice that helps keeps you compliant with CAN-SPAM and various data protection laws while also keeping the complaints from your subscribers to the absolute minimum. Using email marketing to power its increasingly popular service, Groupon also lives by an opt-in policy and, according to Congressman Markey, this is what the CPC likes to see in privacy policies and practices.

Location-Based Targeting

An email marketer collects location data on their subscribers, which is considered nothing but basic demographic information that may come in handy for email segmentation purposes. A company like Groupon does it and it becomes a bigger deal because of the privacy concerns associated with geolocation technology. In fact, Groupon’s use of location-based targeting is one of the main reasons the CPC has the company in its crosshair. While the firm said it currently does not collect location data when the app is not being used, it told the CPC that it plans to do so, and will gather that information on a permission basis when it does.

Third-Party Data Sharing

Another interesting component of the recent Groupon inquiry relates to its sharing of personal data with third-party partners. In response to the CPC’s probing, Groupon says that it requires its merchants to contractually agree to only use the customer’s information to fulfill the offer at hand, though in some cases the company itself shares email addresses and transactions with select partners for the purpose of personalizing offers. The sharing of data with third-parties is a controversial issue in the email marketing industry in general, but as we have seen with data breaches suffered by SilverPop and Epsilon, this greatly increases liability.

Looking into Groupon’s privacy policies and practices is proof of just how serious the CPC is about protecting consumers on the internet. The deals company appears to be doing all the right things, but if history has shown us anything, it is that slacking up just a bit could have some pretty dire consequences.