Copyright © 2004-2010 Jigsaw
Direct Marketing: Following the Rules in a Global Economy
David S. AlmeidaMichael Best & Friedrich LLP September 30, 2010
David S. Almeida
@almeidagedavidsalmeida
Two Prudential Plaza180 N. Stetson Ave., Suite 2000
Chicago, Illinois 60601(t) 312.596.5832(f) 312.222.0818(c) 312-576-3024
Partner, Michael Best & Friedrich LLPChair, Social Media & Digital Technology Focus
GroupMember, Class Action/Multi-District Litigation
Team
Focus & Representative Clients Primarily, a litigator; I defend companies faced
with class action litigation over direct marketing practices
Also, counsel clients on best practices for direct, mobile and other forms of marketing, as well as on use of social media and e-commerce
• Provide information on laws and best practices to foster goodwill with recipients & to be compliant with myriad laws and regulations regulating direct marketing
• Provide tools to inform C-level executives that direct marketing is incredibly beneficial, cost-effective and legal (i.e., will not subject company to investigations, fines, lawsuits, loss of goodwill, etc…)
Overview/Agenda
Best practices generally
It is crucial that any company engaged in direct marketing familiarize itself with the laws and tools through which marketing practices are – either directly or indirectly – regulated
Not only must the company adjust its practices to deal with these issues, but it must require all of its marketing partners to comply as well
Good practice is to ensure affiliate marketers adhere to the same exacting standards you do
Overview of Laws re Direct Marketing (DM)
Impt parameters:1. The type of subscription – Opt-in & Opt-out
2. The sender and recipient type – laws may target specific types of senders and recipients to which they apply, such as private users, minors and/or organizations Eg, EU Directive limits its opt-in requirement to recipients
who are natural persons
3. Who has standing to complain? Eg, under CAN-SPAM – FTC and ISPs; others broader Scope
4. Scope Manner - UCEs, texts, phone, fax, direct mail, etc. Content
Subscription Type: Opt-out
OK to send UCE without prior approval provided certain procedures followed
Provide mechanism for declining receipt of further e-mails from a particular sender
Recipients must take affirmative steps to remove themselves Opting-out must be easy to do and requests must be timely
honored
Good example of opt-out language
From DMA:
To ensure that an e-mail address can be accurately matched and suppressed, a marketer should include the consumer's e-mail address in the unsubscribe instructions. For example, "You are currently subscribed as [email protected]. Please reply with "unsubscribe" in the subject line if you no longer wish to receive your weekly updates."
Sender & Recipient
The types of senders and recipients that legislation addresses determine applicability to a large extent E.g., EU: opt-in requirements limited to recipients who are
“natural persons” E.g., US: less restrictive; recipients broadly defined to include
both natural persons and organizations: “The term ‘recipient’ when used with respect to a
commercial [e-mail] means an authorized user of the [e-mail] address to which the message was sent or delivered”
Thus, CAN-SPAM broader def of recipient + opt-out = less restrictions
Subscription Type (cont’d): Opt-in: 2 Kinds
Basic – recipient takes first action by agreeing to receive DM from you or from company that compiled list
“Double,” “Confirmed,” “Verified” or “Closed-Loop” – all mean (more or less) the same thing; recipients take 2 actions to get onto a list; recipient requests to be added to list and confirms assent Added protection; ensures recipient not mistakenly
request inclusion or that someone else provided their info
Sender & Recipient
The types of senders and recipients that legislation addresses determine applicability to a large extent E.g., EU: opt-in requirements limited to recipients who are
“natural persons” E.g., US: less restrictive; recipients broadly defined to include
both natural persons and organizations: “The term ‘recipient’ when used with respect to a
commercial [e-mail] means an authorized user of the [e-mail] address to which the message was sent or delivered”
Thus, CAN-SPAM broader def of recipient + opt-out = less restrictions
Scope
DM laws either explicitly or implicitly regulate particular channels of marketing
Prohibitions may include:1. Bulk e-mails
2. Unsolicited Commercial e-mails only (UCEs)
3. Direct Mail
4. Phone
5. SMS & MMS
6. Fax (yes, people are still faxing)
US’ laws are channel specific (TCPA, CAN-SPAM, etc…,) whereas many other countries’ laws are broader and cover many forms
Scope (cont’d)
31 countries have explicit law(s) regulating DM Put in context, United Nations – 191 member states
Some examples of Implicitly covered areas: USA: if e-mail is fraudulent in some way, other laws (other than
CAN-SPAM) could apply – Computer Fraud and Abuse Act, RICO & The Electronic Communications Privacy Act, for examples; moreover, if deceptive, various consumer protective statutes
Germany: the Strafgesetzbuch (Penal Code) covers a broad range of delicts which may be committed if unsolicited e-mails are sent
India: no explicit law governing DM, but arguably its Information Technology Act could apply
Standing
Laws vary widely as to who may seek redress for alleged violations US: CAN-SPAM – FTC, state agency and ISPs; TCPA –
individuals and companies may file class actions (the real pressure point)
EU Directive – when rights not respected, the member states’ laws should provide for judicial remedies
Germany – only certain “qualified” organizations Australia – the Australian Communications & Media Authority
Some Homogeneity to Various Countries’ DM LawsAlthough the variants can be considerable, DM laws
typically converge on a couple of things:1. A focus on commercial content
2. Mandatory disclosure of sender/advertiser/routing info
3. Bans on fraudulent, deceptive or misleading content
4. Bans on automatic collection or generation of recipient addresses (harvesting)
5. Implied permission to contact where EBR exists (although defined differently)
6. Ability to opt-out if so desired; timely honoring of opt-out requests
Issues Presented by International Aspect of DM
Advances in technology present increasingly complex questions of subject matter and personal jurisdiction
Many UCEs (particularly in Europe) may cross international boundaries Jurisdictional question – which law(s) applies? Which countries
have jurisdiction to enforce its laws? Domestic provisions likely to have little effect on messages of
extra-territorial origin Standing: whether a national authority or even private user in
country B is allowed to initiate litigation marketing in country A? Typically, a foreign national cannot avail itself of another
country’s court system
European Union
Privacy and Electronic Communications Directive of 2002 Regulates transmission of UCE EU directives not law; Member states are obliged to
implement directives in their own countries
EU countries do not share common email marketing laws Each EU country free to choose preferred approach; countries
also differ in how they interpret the wording of the directive Thus, EU Directive provides overview of standard in Europe,
still need to check each country's own marketing laws
Privacy and Electronic Communication Directive (cont’d) Generally speaking, opt-in; prohibit the sending of unsolicited commercial
communications by fax or e-mail or other electronic messaging systems such as SMS and MMS “unless the prior express consent of the addresses has been obtained.” Soft opt-in: exception to general rule; applies in cases where contact details for sending e-
mail or SMS messages (but not faxes) have been obtained in the context of a sale. Similar to US’ EBR: products or services must be similar to those previously sold make clear from the first time of collecting the data, that info may be used for direct
marketing and should offer the right to object. Each and every marketing message should include an easy way for the customer to
stop further messages (opt-out). Opt-in is mandatory for any e-mail, SMS or fax addressed to natural persons for direct
marketing. Opt-in is optional with regard to legal persons. For the latter category Member States
may choose between an opt-in or an opt-out system. For all categories of addressees, legal and natural persons, Article 13(4) of the Directive
prohibits direct marketing messages by e-mail or SMS which conceal or disguise the identity of the sender and which do not include a valid address to which recipients can send a request to cease such messages.
Some overarching observations
Differing treatment of B2C compared to B2B Generally speaking, most EU countries – as well as Japan
and China – are opt-in for natural persons, but more accurately categorized as “Soft opt-in” allowing for implied permission if provided in context of sale, EBR, etc…
In UK, though, it is opt-out for legal persons – if in public directory, unsolicited business e-mail is allowed
No clear guidance on distinction b/t natural and legal, but commentaries suggest the former is personal, relationship based emails, whereas the latter is commercial or business related An individual at a business would likely be considered a legal person
International Direct Marketing Best Practices Top 10 List1. Only partner with knowledgeable, reputable and trustworthy marketing experts2. Carefully review all contracts w/ mktg partners & affiliates3. Do not reveal any personally identifying information in any DM4. Seek professional (incl. legal) advice in all jurisdictions where you DM5. Be accurate – avoid deception or anything potentially misleading6. Audit all existing databases to determine where current recipients/subscribers
are7. Personalize/Segment communities to the extent possible8. Technical requirements
Labeling: “ADV,” for example Easy unsubscribe option Timely honor opt-outs
9. Get involved with local marketing associations: many have info on mktg laws & also best practices and other guidelines (AMA, DMA etc…)
10. Carefully review insurance policies
Don’t …
Assume because you are complying with your country’s legislation that all will be OK.
U.S. Laws Governing Direct Marketing by E-Mail Federal Law – CAN-SPAM Act of 2003,15 U.S.C. §
7701, et seq. Controlling the Assault of Non-Solicited Pornography and
Marketing Act of 2003 Effective since January 1, 2004 The most important U.S. law regarding UCEs
Biggest misconception
For whatever reason, many believe that
CAN-SPAM is opt-in or that it requires the prior express permission of recipients
It does not!
CAN-SPAM is opt-out
U.S. Generally speaking, CAN-SPAM. . .
Applies to "commercial messages" (advertisements or promotions)
Applies to messages sent to cell phones and pagers if sent using an Internet provider.
Is Opt-out; May send UCEs if email contains: Identification – accurate header information identifying sender and
recipient; clearly marking email as solicitation or advertisement; CAN-SPAM prohibits practices which could deceive recipients as to the sender of the message (incl. false headers or subject lines, for example)
Return Address – Provide valid return email address and sender’s physical postal address.
Subject Lines – Must be accurate. Misleading subject lines designed to trick readers into opening the email is prohibited.
Opt-out – Provide easily-accessible ways to opt-out of receiving future email from sender; and to process opt-out requests within 10 business days
CAN-SPAM: Key Takeaways
Information must be accurate – Headers, routing info (incl. email address and originating domain name)
Subject matter must not be deceptive Senders should authenticate their return address and include a
valid physical address One-click (and easy) unsubscribe feature Honor opt-out requests within 10 days if not sooner Do not sell or transfer addresses of those who opt-out
State Laws Governing Email Marketing
States can enforce CAN-SPAM pursuant to § 7706(f)(1). Several states have enacted legislation regulating UCEs
Most opt-out – mktrs can send UCEs provided certain procedures are followed
may be pre-empted by CAN-SPAM
State requirements vary, but generally require marketers to include “ADV:” or, in the case of adult-related material, “ADV:ADLT” in the subject line.
In addition, laws generally prohibit falsification of the sender’s contact information and require certain disclosures and opt-out notices
An ex, Illinois - Electronic Mail Act – 815 ILCS 511/10 No individual or entity can send unsolicited email advertisement if email:
Uses a 3rd party’s internet domain name w/o permission; Misrepresents where the email originated from; or Contains false or misleading information in the subject line.
Subject Line: MUST include "ADV;" as its first 4 characters if a normal ad; MUST include "ADV:ADLT" as first 8 characters if ad has adult content
Opt-out: Sender of unsolicited email must also provide toll-free phone number or valid return
email address to allow recipient the opportunity to opt-out
Penalties: PRA for recipients; choose between recovering actual damages or the lesser of $10 for
each illegal email received or $25,000 per day; may also recover attorney’s fees No cause of action allowed against the ISP transmitting the email Act only applies if email is delivered to Ill. resident w/ email service located in Illinois
Telephone Consumer Protection Act (TCPA)
Originally passed in 1991 4 year statute of limitations Broadly applicable to direct marketing via calls,
faxes and texts Amended by 2005 Junk Fax Prevention Act:
Permit class action lawsuits for violations absent an "established business relationship" (EBR)
Require prominent opt-out language Leniency towards non-profits and higher education institutions Critics call it the "Junk Fax Protection Act of 2005"
Laws Governing Direct Marketing by Fax
Most TCPA lawsuits over fax (surprisingly enough) Person cannot send unsolicited
fax advertising the commercial availability of goods or service UNLESS:
Sender obtains fax number from recipient voluntarily and directly or sender obtains the number from a public directory; AND
Sender has EBR with recipient;
Sender provides comprehensive notice on first page with opt-out information
Laws Governing Direct Marketing by Telephone
Federal Law Telephone Consumer Protection Act - 47 U.S.C. § 227(b) Telemarketing & Consumer Fraud Abuse Prevention Act – 15 U.S.C.
§ 6101-6108 State Law
Every state has a consumer fraud statute that could apply Many have state equivalents of the TCPA
Telephone Consumer Protection Act – 47 U.S.C. § 227 If the recipient is within the United States, it is unlawful to use an
automatic telephone dialing system (ATDS) or an automated voice to: Make a call using an automatic telephone dialing system or automated voice
to an emergency phone line, guest or patient line in a health care facility, or paging, cellular or any service for which the recipient is charged for the call.
Initiate a phone call to a residential phone line w/o prior express consent, unless it’s for emergency purposes.
Engage two or more phone lines of a multi-line business simultaneously.
There is a PRA – person or entity can seek greater of actual monetary loss or statutory damages of between $500 and $1,500 per violation.
Telemarketing & Consumer Fraud Abuse Prevention Act – 15 U.S.C. § 6101-6108
Telemarketers must: Disclose seller’s name and purpose of call. Have a clearly written policy available to anyone upon
request. Initiate calls only between 8am – 9pm in recipient’s time zone. Maintain records, including records of advertisements, sales
records and employee records.
National Do Not Call Registry
Marketers who engage in telemarketing must: Register Purchase access to Registry for any area codes to which calls will be
made Refrain from callings numbers in the Registry unless there is an EBR
The Telemarketing Sales Rule does not apply to certain forms of telemarketing, including most business-to-business sales calls, telemarketing by banks, federal financial institutions, common carriers (phone companies and airlines), insurance companies, and non-profit organizations.
Mobile Marketing: The TCPA’s Next Frontier
Recent explosion in amount of marketing dollars spent on mobile marketing campaigns, including:
Text messaging (SMS, MMS) Mobile Websites Applications Location Based QR Codes
Canada: Fighting Internet and Wireless Spam Act (“FISA”)
Recently reintroduced as Bill C-28, the "Fighting Internet and Wireless Spam Act"
Legislation (C-29) is also being proposed to amend Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), which covers online privacy in detail and contains many provisions relevant to email marketing
Canada: FISA: § 7 - Commercial Electronic Messages (CEM)
CEM broadly defined to include any message with any semblance of commercial activity
More than email: IM; SMS; social media; voice, etc. General rule: Consent (opt-in) required to send CEM
Such consent can be express or implied Subject to reasonable use requirement
Other requirements: identification; contact information; unsubscribe mechanism
Certain messages exempted altogether: family or personal relationship; business inquiry
No minimum # to be classified as spam Message to request consent deemed to be CEM
Canada: FISA: § 7 - CEMs where no consent required Quotes or estimates, if requested Facilitates commercial transaction Warranty or safety information Information regarding continuing ongoing subscription,
membership etc. Information related to employment relationship or
benefit plan Delivers good or service
Canada: FISA: Labeling & Identification Requirements All messages being sent must;
• Clearly identify the person who sent the message
• Include physical postal address and company name on all emails
The messages must provide a method where the recipient can readily contact the person(s) responsible for sending the message
• Set replies to go to customer service, do not use [email protected]
MUST be active for 60 days after the messages was sent Provide a working unsubscribe mechanism that removes an
address within 10 days
FISA vs. CAN-SPAM: Similarities
Requirement to accurately identify sender Prohibitions against false and misleading transmission
data/subject lines Requirement for unsubscribe mechanism Liability for brands who knowingly allow spam to be
sent on their behalf
FISA vs. CAN-SPAM: Key Differences
FISA Addresses broad range of Internet issues (spam, spyware,
pharming, etc.) Applies to all forms of electronic messaging (email, SMS, IM,
etc.) Primarily opt-in PRA availableCAN-SPAM Applies only to email Opt-out PRA available only to ISPs
United Kingdom: The Data Protection Act 1998 (“DPA”) Defines UK law on the processing of data The main piece of legislation that governs the protection of
personal data in the UK Enacted to bring UK law into line with the European Directive
of 1995 provides a way for individuals to control information about them
Does not apply to domestic use, for example keeping a personal address book
Anyone holding personal data for other purposes is legally obliged to comply with the DPA, subject to certain exemptions
UK: DPA: Main Features
Opt-in for emails to individual subscribers (B2C)
Soft opt-in OK for sales negotiations (EBR)
If email addresses are to be used for mkting, need to be stated at time of collection of information
Same if email addresses to be shared/sold/leased to third party
Never disguise identity of sender
Simple and easy opt-out
Timely honor opt-out requests
UK: E-Commerce Directive
The Regulations contain provisions on commercial e-commerce communications and include a requirement that all UCE (unsolicited commercial email) should be easily identifiable as soon as it is received (thereby enabling automatic deletion/filtering). It also states that all websites should have full postal and telephone contact details.
Netherlands: The Telecommunications Act
No advertisement can be sent via email without explicit previous permission by the recipient
Recipients that feel their rights have been violated can forward their complaints to a special website, www.spamklacht.nl
The Dutch Independent Post and Telecommunications Authority is an independent organization in charge of investigations and fine violators for up to 450.000 EUR per case
Austria: § 107 of the new Telecom-Law 2003 (TKG 2003) § 107(2) - The practice of sending electronic mail - including SMS -
to consumers without prior consent is prohibited if the electronic mail was sent for purposes of direct marketing, or the electronic mail was sent to more than 50 recipients. (3) Prior consent according to Article 2 is not required if the sender has obtained the electronic contact details of its
customers in the context of the sale of a product or a service, and these electronic contact details are used for direct marketing of its
own similar products or services, and provided that customers clearly and distinctly are given the
opportunity to object, free of charge and in an easy manner, to such use of electronic contact details when they are collected and on the occasion of each message
Austria: § 107 of the new Telecom-Law 2003 (cont’d) (4) The practice of sending electronic mail - including SMS - without
prior consent to other recipients than those defined in Article 2 is allowed if the electronic mail or SMS explicitly provides the recipient with the opportunity to object to any further messages
(5) The practice of sending electronic mail for purposes of direct marketing disguising or concealing the identity of the sender on whose behalf the communication is made, or without a valid address to which the recipient may send a request that such communications cease, is prohibited even if Article 2, 3 or 4 apply.
§ 109(3) An infraction subject to a fine of up to EUR 37000 is committed by anyone who
20. sends electronic mail contrary to § 107 Art. 2 and 4. 21. sends electronic mail for purposes of direct marketing contrary to § 107 Art. 5
France
Specific spam law: Loi du 21 juin 2004 pour la confiance dans l'économie numérique (in French only)
Article 22 of this law prohibits the sending of e-mail without specific prior consent from the addressee
Databases of legally collected details (i.e., those obtained directly from the addressee at some point in the past) may be used to send promotional materials, but in all cases a clear option to cease all further correspondence must be provided
Ireland
Ireland passed the self-titled European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) Regulations 2003. Regulation 13 is about spam, and it starts strong with mandatory opt-in for unsolicited spamming
The law gives effect to new EU regulations banning the sending of unsolicited e-mails or text messages to the general public
Violators reportedly face fines of up to 250,000 euros See office of the Data Protection Commissioner for overview
of regulations, including a guide for direct marketing: http://www.dataprotection.ie/ViewDoc.asp?fn=/documents/responsibilities/DMGuidance.htm&CatID=57&m=y
Germany: The Act for the Use of Tele-Services
Under the law, email marketers will have to provide their correct address and also make email content clear in the header
Falsification of IP addresses will also be made illegal The proposal has been approved by both the Greens and
the Social Democrats (the two halves of Germany's ruling coalition) and will have its first reading in the German parliament (Bundestag) on February 17th
The German anti-spam policy follows recent legislation in both the US and UK
China: Measures for the Administration of Internet E-Mails In June 2007, on China's mainland, there were 162 million Internet
users, 1.31 million websites and 67 million online computers, and the total bandwidth at the international gate reaching 305Gbps
The Ministry of Information Industry issued "Internet Email Service Regulations" on February 21, 2006, with an effective date of March 30, 2006
Makes it a crime to own an unregistered mail server Businesses and Internet service providers must inform the
government at least 20 days before an email server is built and must make provisions for keeping all email for a minimum of 60 days. The law also makes it illegal to discuss information security via email, along with any other subject outlawed in China
Critics say that while the law may have started as an anti-spam law, it is a freedom-limiting gesture by a government known for keeping a tight hold on its portion of the Internet
China: Measures for the Administration of Internet E-Mails Apply to e-mail service providers and to any person operating e-mail service
for Internet users in Mainland China. The main provisions in the regulation are:
A provider is defined as any person in the service supply chain involved in delivering or helping users to receive e-mail;
Service providers must register with the government and obtain a license before providing e-mail services;
Violators face warnings or penalties of up to 30,000 yuan (approx. $3,700 US) and risk losing their license;
Firms are barred from sending unsolicited commercial messages without prior consent from recipients;
All commercial e-mail must have a subject header of "AD" or the Chinese character for advertisement;
The rules only apply to email containing commercial advertisements; and The rules state that providers must stop delivery of any messages
containing commercial advertisements even if a recipient first consents, but later changes his or her mind.
Japan: The New Anti-Spam Law (2008) Under the New Anti-Spam Law, senders may only distribute CEMs if the
recipients fall into one of the following categories: Individuals who have notified the Sender in advance that they request or agree
to receive commercial email; Individuals who have provided the Sender with their own email addresses; Individuals who have a preexisting business relationship with the Sender; and Individuals (limited to those engaged in for-profit activities) or groups that publicly
announce their own email addresses. Because all of these categories require affirmative acts by the recipient before a
Sender is permitted to transmit commercial email, Japan has essentially adopted a modified opt-in system for commercial email regulation.
The New Anti-Spam Law does not describe how individuals must notify Senders of their email addresses for the opt-in to be valid.
Nor does it indicate what constitutes a “business relationship” or how an individual or group “publicly announces their own email address” for opt-in purposes.
Japan: Additional Requirements
In addition to requiring opt-in consent; there are four further requirements under the New Anti-Spam Law that Senders must fulfill:
Senders must keep records which prove that the recipients requested the emails;
Senders must honor opt-out requests received from individuals; Senders must include certain information in the commercial email
sent; and Senders are prohibited from sending email using programs that
generate email addresses and from falsifying information about themselves.
New Zealand: The Unsolicited Electronic Messages Act (“UEM”) Administered by New Zealand Department of Internal Affairs
The UEM provides that implied consent exists if:an electronic address has been conspicuously published by a person in a business or official capacity, andit is not accompanied by a statement requesting that no unsolicited messages be sent to that address, andthe message is relevant to the recipient’s business, role, function or duties in a business or official capacity.
If a sender is unable to satisfy the Department that they have consent to send a CEM, then a breach of the Act may be found
Penalties under the Act range from written warnings, through to infringement notices and pecuniary penalties.
Guide for businesses (from New Zealand’s Department of Internal Affairs): http://www.dia.govt.nz/diawebsite.nsf/wpg_URL/Services-Anti-Spam-Business-Info?OpenDocument
New Zealand: UEM (cont’d)
UEM intended to encourage good direct marketing practice by:
Requiring electronic messages to contain a functioning unsubscribe facility
Ensuring electronic messages are sent only to customers who have consented to receiving it
Restricting the use of address-harvesting software. The UEM covers email, instant messaging, SMS and MMS
(text and image-based mobile phone messaging) of a commercial nature. It does NOT cover faxes, Internet pop-ups or voice telemarketing.
India: The Information Technology Act (“ITA”)
As of today, the Indian government has yet to promulgate legislation that squarely addresses direct marketing
The ITA does not contain any provision regulating direct marketing
The ITA does regulate obscenity, which covers publishing, transmitting or causing to be published in electronic form any material which is lascivious or appeals to the prurient interest
http://knol.google.com/k/direct-marketing-association-india/electronic-direct-mail-edm-in-india/275cg0astabrk/84# (article published by Direct Marketing Association India)
Australia
Australia's Spam Act became law on December 12th, 2003 and became enforceable on the 12th April 2004. The requirements of this legislation are extremely strict and have provided for daily fines for repeat offenders of over $750,000.
Australia’s legislation is opt-in based, however, there are provisions made for soft opt-in, where permission is inferred.
The Spam Act 2003 (Cth): Main Features CEM must be commercial in nature – either offering a commercial
transaction or directing the recipient to a location where a commercial transaction may occur
There is no reference to bulk messaging – a single unsolicited CEM could be construed as spam, although enforcement would be unlikely
The Act prohibits sending unsolicited commercial electronic messages that have an “Australian link” (originating in Australia or originating overseas sent to an address accessed in Australia).
Must contain accurate information about the person or organization that authorized the message.
Requires that all CEM must contain a functional “unsubscribe” facility to allow people to opt out from receiving messages from that source in the future. Such requests must be honored within five working days
The Act prohibits the supply, acquisition or use of address lists, as well as software that “harvests” electronic addresses from the internet, for the purpose of sending spam
The Spam Act applies to more than e-mails: mobile text messaging and other electronic messaging are also covered
Brazil Anti-spam legislation has been introduced in several separate bills None have reached a final vote A bill, proposed in 2002, would create criminal penalties for disseminating or selling
personal data without the data subject's permission. In 2003, three separate bills were introduced to regulate the telemarketing activities, and
two in 2004 – mainly, a reflection of the US "do-not-call list.“ In general, the intent is to create such lists under the control of either telemarketing
companies or the Brazilian Ministry of Communications The Brazil Anti-Spam Group created a market-oriented self-regulation initiative to
encourage advertisers to provide accurate information about themselves to recipients, to observe truth-in-advertising norms, and to let recipients opt-out of future mailings, thus aiming at promoting consumer confidence in the use of e-mails
However, the effectiveness of the Anti-Spam Code of Ethics has been questioned, because there are no proposed sanctions for the breach of its terms other than the listing of the spammers on the Brazil Anti-Spam Group's website and because the Code of Ethics allows the sending of unsolicited e-mails as long as some conditions have been met
A ruling by a court of Florianópolis considered receiving unsolicited e-mail something perfectly normal in the "cybernetic age" and unable to result in either moral or actual damages
Key Takeaways
Be sensitive to potential applicability of many laws (of potentially different countries)
Get legal counsel in each jurisdiction Compliance should be seen as part of business
strategy; optimizing ROI by using good information from trusted sources
By doing this, avoid the loss of goodwill and exposure attendant with …
Spam!
Questions?
Disclaimer
This presentation is for general informational purposes only and is not legal advice. The evaluation of legal issues always depends on specific facts and circumstances. This presentation should not be used as a substitute for competent legal advice from a licensed attorney.
Your use of this presentation does not create an attorney-client relationship. Please do not send me any confidential information by email or otherwise as your communication will not be privileged and may be subject to compelled disclosed to other persons.