October 26, 2012 by dannybishopcreative
Today the ACMA (the Australian Communications and Media Authority) fined Tiger Airways $110,000.00 for repeatedly spamming email addresses that had requested to be removed from further communication.
I’m sure we’ve all experienced it. You get an email from an organisation and decide you no longer want to get emails from them. Either you’ve gotten too many from them, or you no longer care about what they’re offering. Either way, you hit the unsubscribe link (if there is one) and go through the process of removing your name from their database.
A week later, you get another email from them. Okay, some systems aren’t very clever. You cut them some slack, but hit the unsubscribe again. Maybe, you tell yourself, you didn’t really unsubscribe, you just wanted to but didn’t actually do it.
A week later, yet another email comes in. Right about now, you’re probably annoyed. Maybe even very annoyed. You’re probably thinking some very unflattering things about them, and the married status of their mothers at the time of childbirth. Worse though, they’ve broken the law.
The annoyance they’ve created is enough to outweigh any possible commercial return at this point. No one who has unsubscribed a couple of times is going to think “Hey, I know I didn’t want these emails before, but NOW I’ll buy what they’re spruiking!”
The Spam Act of 2003 is pretty explicit, and simple enough to understand. Broken down, the Act requires three key things from companies performing email communication;
- Unsubscribe facility
Unless you’re a government agency, a registered political party, a charity, a religious organisation or an education institution (sending emails to current or former students) you must have consent. Consent can be express (such as a tick box beside text saying “I want to get emails all the time!”) or inferred.
Inferred consent is a bit of a grey area, and some companies have been known to push the boundaries. The terminology used in the act is “Through an existing business or other relationship, where there is a reasonable expectation of receiving those commercial electronic messages.” or “Through conspicuous publication of a work-related electronic address.”
In basic terms, either you’ve got to have dealt with the organisation before in a way that you could assume they might communicate with you again, or you’ve put your email address up somewhere (like on LinkedIn for example.)
Consent is all well and good, and inferred consent means companies can send emails to people who haven’t ever ticked a box saying “Send me stuff every day!” Inferred consent is possibly open to abuse, but with Identification and Unsubscribe activities available, there should be no problem.
Identification is required to ensure an email being sent reveals precisely who sent it. Without this, it would be possible for spammers to just keep sending from different accounts, and never face the wrath of the courts.
The final component is ensuring that recipients of any commercial emails can unsubscribe.
- it must remain functional for at least 30 days after the original message was sent
- it must allow the unsubscribe message to be sent to whoever authorised the sending of the message, not necessarily any third party that sent it on their behalf
- unsubscribe instructions must be presented in a clear and conspicuous way
- a request to unsubscribe must be honoured within five working days
- unsubscribing must be at low cost, or no cost, to the user (for example, in the case of SMS unsubscribe facilities, a 1800- telephone number would be acceptable).
The one I’ve highlighted, the section saying you must honour unsubscribes within five working days is the one that Tiger Airways forgot to comply with. It’s all well and good to have a “click to unsubscribe” link in your email, but unless you actually remove people from future communications you’re breaking the law.
I’m certainly no lawyer, but here’s what I tell clients to keep it simple, and keep it legal;
- Make sure you have a tick box that people have to click on for them to sign up for emails (not something they have to tick in order to not get emails)
- If a customer has had a commercial interaction with you before and supplied their email with you at that time, you can probably infer consent
- Every email you send commercially must have an unsubscribe link, and information on the fact it was you sending it
- Make sure your email unsubscribe link works. This is automated on IMG Sports Technology Group‘s system, with backup processes for manual removal should someone contact you directly.
- Don’t hand out your email database to third parties. If a sponsor wants to email your database, get them to send you the creative and send it yourself to ensure you comply with the points above. If you don’t think it’s a good idea to send a third party email to your customers yourself, you probably shouldn’t be contemplating letting them have access to your database.
This is the advice I provide to clients with the caveat that I’m not a lawyer. ACMA aren’t trigger happy and even in the case of Tiger Airways warned them about breaches several times before taking the matter to court, so any honest mistakes you make are unlikely to see you wind up behind bars!
If you’re not an IMG STG client I thoroughly recommend Campaign Monitor as a solution to sending your commercial emails. The system is robust, relatively inexpensive, and has a lot of inbuilt systems to ensure you don’t break the Spam Act, not even accidentally.