Copyright © 2004-2010 Jigsaw

Direct Marketing: Following the Rules in a Global Economy

David S. AlmeidaMichael Best & Friedrich LLP September 30, 2010

David S. Almeida

@almeidagedavidsalmeida

Two Prudential Plaza180 N. Stetson Ave., Suite 2000

Chicago, Illinois 60601(t) 312.596.5832(f) 312.222.0818(c) 312-576-3024

dsalmeida@michaelbest.com

Partner, Michael Best & Friedrich LLPChair, Social Media & Digital Technology Focus

GroupMember, Class Action/Multi-District Litigation

Team

Focus & Representative Clients Primarily, a litigator; I defend companies faced

with class action litigation over direct marketing practices

Also, counsel clients on best practices for direct, mobile and other forms of marketing, as well as on use of social media and e-commerce

• Provide information on laws and best practices to foster goodwill with recipients & to be compliant with myriad laws and regulations regulating direct marketing

• Provide tools to inform C-level executives that direct marketing is incredibly beneficial, cost-effective and legal (i.e., will not subject company to investigations, fines, lawsuits, loss of goodwill, etc…)

Overview/Agenda

Best practices generally

It is crucial that any company engaged in direct marketing familiarize itself with the laws and tools through which marketing practices are – either directly or indirectly – regulated

Not only must the company adjust its practices to deal with these issues, but it must require all of its marketing partners to comply as well

Good practice is to ensure affiliate marketers adhere to the same exacting standards you do

Overview of Laws re Direct Marketing (DM)

Impt parameters:1. The type of subscription – Opt-in & Opt-out

2. The sender and recipient type – laws may target specific types of senders and recipients to which they apply, such as private users, minors and/or organizations Eg, EU Directive limits its opt-in requirement to recipients

who are natural persons

3. Who has standing to complain? Eg, under CAN-SPAM – FTC and ISPs; others broader Scope

4. Scope Manner - UCEs, texts, phone, fax, direct mail, etc. Content

Subscription Type: Opt-out

OK to send UCE without prior approval provided certain procedures followed

Provide mechanism for declining receipt of further e-mails from a particular sender

Recipients must take affirmative steps to remove themselves Opting-out must be easy to do and requests must be timely

honored

Good example of opt-out language

From DMA:

To ensure that an e-mail address can be accurately matched and suppressed, a marketer should include the consumer's e-mail address in the unsubscribe instructions. For example, "You are currently subscribed as name@domain.com. Please reply with "unsubscribe" in the subject line if you no longer wish to receive your weekly updates."

Sender & Recipient

The types of senders and recipients that legislation addresses determine applicability to a large extent E.g., EU: opt-in requirements limited to recipients who are

“natural persons” E.g., US: less restrictive; recipients broadly defined to include

both natural persons and organizations: “The term ‘recipient’ when used with respect to a

commercial [e-mail] means an authorized user of the [e-mail] address to which the message was sent or delivered”

Thus, CAN-SPAM broader def of recipient + opt-out = less restrictions

Subscription Type (cont’d): Opt-in: 2 Kinds

Basic – recipient takes first action by agreeing to receive DM from you or from company that compiled list

“Double,” “Confirmed,” “Verified” or “Closed-Loop” – all mean (more or less) the same thing; recipients take 2 actions to get onto a list; recipient requests to be added to list and confirms assent Added protection; ensures recipient not mistakenly

request inclusion or that someone else provided their info

Sender & Recipient

The types of senders and recipients that legislation addresses determine applicability to a large extent E.g., EU: opt-in requirements limited to recipients who are

“natural persons” E.g., US: less restrictive; recipients broadly defined to include

both natural persons and organizations: “The term ‘recipient’ when used with respect to a

commercial [e-mail] means an authorized user of the [e-mail] address to which the message was sent or delivered”

Thus, CAN-SPAM broader def of recipient + opt-out = less restrictions

Scope

DM laws either explicitly or implicitly regulate particular channels of marketing

Prohibitions may include:1. Bulk e-mails

2. Unsolicited Commercial e-mails only (UCEs)

3. Direct Mail

4. Phone

5. SMS & MMS

6. Fax (yes, people are still faxing)

US’ laws are channel specific (TCPA, CAN-SPAM, etc…,) whereas many other countries’ laws are broader and cover many forms

Scope (cont’d)

31 countries have explicit law(s) regulating DM Put in context, United Nations – 191 member states

Some examples of Implicitly covered areas: USA: if e-mail is fraudulent in some way, other laws (other than

CAN-SPAM) could apply – Computer Fraud and Abuse Act, RICO & The Electronic Communications Privacy Act, for examples; moreover, if deceptive, various consumer protective statutes

Germany: the Strafgesetzbuch (Penal Code) covers a broad range of delicts which may be committed if unsolicited e-mails are sent

India: no explicit law governing DM, but arguably its Information Technology Act could apply

Standing

Laws vary widely as to who may seek redress for alleged violations US: CAN-SPAM – FTC, state agency and ISPs; TCPA –

individuals and companies may file class actions (the real pressure point)

EU Directive – when rights not respected, the member states’ laws should provide for judicial remedies

Germany – only certain “qualified” organizations Australia – the Australian Communications & Media Authority

Some Homogeneity to Various Countries’ DM LawsAlthough the variants can be considerable, DM laws

typically converge on a couple of things:1. A focus on commercial content

2. Mandatory disclosure of sender/advertiser/routing info

3. Bans on fraudulent, deceptive or misleading content

4. Bans on automatic collection or generation of recipient addresses (harvesting)

5. Implied permission to contact where EBR exists (although defined differently)

6. Ability to opt-out if so desired; timely honoring of opt-out requests

Issues Presented by International Aspect of DM

Advances in technology present increasingly complex questions of subject matter and personal jurisdiction

Many UCEs (particularly in Europe) may cross international boundaries Jurisdictional question – which law(s) applies? Which countries

have jurisdiction to enforce its laws? Domestic provisions likely to have little effect on messages of

extra-territorial origin Standing: whether a national authority or even private user in

country B is allowed to initiate litigation marketing in country A? Typically, a foreign national cannot avail itself of another

country’s court system

European Union

Privacy and Electronic Communications Directive of 2002 Regulates transmission of UCE EU directives not law; Member states are obliged to

implement directives in their own countries

EU countries do not share common email marketing laws Each EU country free to choose preferred approach; countries

also differ in how they interpret the wording of the directive Thus, EU Directive provides overview of standard in Europe,

still need to check each country's own marketing laws

Privacy and Electronic Communication Directive (cont’d) Generally speaking, opt-in; prohibit the sending of unsolicited commercial

communications by fax or e-mail or other electronic messaging systems such as SMS and MMS “unless the prior express consent of the addresses has been obtained.” Soft opt-in: exception to general rule; applies in cases where contact details for sending e-

mail or SMS messages (but not faxes) have been obtained in the context of a sale. Similar to US’ EBR: products or services must be similar to those previously sold make clear from the first time of collecting the data, that info may be used for direct

marketing and should offer the right to object. Each and every marketing message should include an easy way for the customer to

stop further messages (opt-out). Opt-in is mandatory for any e-mail, SMS or fax addressed to natural persons for direct

marketing. Opt-in is optional with regard to legal persons. For the latter category Member States

may choose between an opt-in or an opt-out system. For all categories of addressees, legal and natural persons, Article 13(4) of the Directive

prohibits direct marketing messages by e-mail or SMS which conceal or disguise the identity of the sender and which do not include a valid address to which recipients can send a request to cease such messages.

Some overarching observations

Differing treatment of B2C compared to B2B Generally speaking, most EU countries – as well as Japan

and China – are opt-in for natural persons, but more accurately categorized as “Soft opt-in” allowing for implied permission if provided in context of sale, EBR, etc…

In UK, though, it is opt-out for legal persons – if in public directory, unsolicited business e-mail is allowed

No clear guidance on distinction b/t natural and legal, but commentaries suggest the former is personal, relationship based emails, whereas the latter is commercial or business related An individual at a business would likely be considered a legal person

International Direct Marketing Best Practices Top 10 List1. Only partner with knowledgeable, reputable and trustworthy marketing experts2. Carefully review all contracts w/ mktg partners & affiliates3. Do not reveal any personally identifying information in any DM4. Seek professional (incl. legal) advice in all jurisdictions where you DM5. Be accurate – avoid deception or anything potentially misleading6. Audit all existing databases to determine where current recipients/subscribers

are7. Personalize/Segment communities to the extent possible8. Technical requirements

Labeling: “ADV,” for example Easy unsubscribe option Timely honor opt-outs

9. Get involved with local marketing associations: many have info on mktg laws & also best practices and other guidelines (AMA, DMA etc…)

10. Carefully review insurance policies

Don’t …

Assume because you are complying with your country’s legislation that all will be OK.

U.S. Laws Governing Direct Marketing by E-Mail Federal Law – CAN-SPAM Act of 2003,15 U.S.C. §

7701, et seq. Controlling the Assault of Non-Solicited Pornography and

Marketing Act of 2003 Effective since January 1, 2004 The most important U.S. law regarding UCEs

Biggest misconception

For whatever reason, many believe that

CAN-SPAM is opt-in or that it requires the prior express permission of recipients

It does not!

CAN-SPAM is opt-out

U.S. Generally speaking, CAN-SPAM. . .

Applies to "commercial messages" (advertisements or promotions)

Applies to messages sent to cell phones and pagers if sent using an Internet provider.

Is Opt-out; May send UCEs if email contains: Identification – accurate header information identifying sender and

recipient; clearly marking email as solicitation or advertisement; CAN-SPAM prohibits practices which could deceive recipients as to the sender of the message (incl. false headers or subject lines, for example)

Return Address – Provide valid return email address and sender’s physical postal address.

Subject Lines – Must be accurate. Misleading subject lines designed to trick readers into opening the email is prohibited.

Opt-out – Provide easily-accessible ways to opt-out of receiving future email from sender; and to process opt-out requests within 10 business days

CAN-SPAM: Key Takeaways

Information must be accurate – Headers, routing info (incl. email address and originating domain name)

Subject matter must not be deceptive Senders should authenticate their return address and include a

valid physical address One-click (and easy) unsubscribe feature Honor opt-out requests within 10 days if not sooner Do not sell or transfer addresses of those who opt-out

State Laws Governing Email Marketing

States can enforce CAN-SPAM pursuant to § 7706(f)(1). Several states have enacted legislation regulating UCEs

Most opt-out – mktrs can send UCEs provided certain procedures are followed

may be pre-empted by CAN-SPAM

State requirements vary, but generally require marketers to include “ADV:” or, in the case of adult-related material, “ADV:ADLT” in the subject line.

In addition, laws generally prohibit falsification of the sender’s contact information and require certain disclosures and opt-out notices

An ex, Illinois - Electronic Mail Act – 815 ILCS 511/10 No individual or entity can send unsolicited email advertisement if email:

Uses a 3rd party’s internet domain name w/o permission; Misrepresents where the email originated from; or Contains false or misleading information in the subject line.

Subject Line: MUST include "ADV;" as its first 4 characters if a normal ad; MUST include "ADV:ADLT" as first 8 characters if ad has adult content

Opt-out: Sender of unsolicited email must also provide toll-free phone number or valid return

email address to allow recipient the opportunity to opt-out

Penalties: PRA for recipients; choose between recovering actual damages or the lesser of $10 for

each illegal email received or $25,000 per day; may also recover attorney’s fees No cause of action allowed against the ISP transmitting the email Act only applies if email is delivered to Ill. resident w/ email service located in Illinois

Telephone Consumer Protection Act (TCPA)

Originally passed in 1991 4 year statute of limitations Broadly applicable to direct marketing via calls,

faxes and texts Amended by 2005 Junk Fax Prevention Act:

Permit class action lawsuits for violations absent an "established business relationship" (EBR)

Require prominent opt-out language Leniency towards non-profits and higher education institutions Critics call it the "Junk Fax Protection Act of 2005"

Laws Governing Direct Marketing by Fax

Most TCPA lawsuits over fax (surprisingly enough) Person cannot send unsolicited

fax advertising the commercial availability of goods or service UNLESS:

Sender obtains fax number from recipient voluntarily and directly or sender obtains the number from a public directory; AND

Sender has EBR with recipient;

Sender provides comprehensive notice on first page with opt-out information

Laws Governing Direct Marketing by Telephone

Federal Law Telephone Consumer Protection Act - 47 U.S.C. § 227(b) Telemarketing & Consumer Fraud Abuse Prevention Act – 15 U.S.C.

§ 6101-6108 State Law

Every state has a consumer fraud statute that could apply Many have state equivalents of the TCPA

Telephone Consumer Protection Act – 47 U.S.C. § 227 If the recipient is within the United States, it is unlawful to use an

automatic telephone dialing system (ATDS) or an automated voice to: Make a call using an automatic telephone dialing system or automated voice

to an emergency phone line, guest or patient line in a health care facility, or paging, cellular or any service for which the recipient is charged for the call.

Initiate a phone call to a residential phone line w/o prior express consent, unless it’s for emergency purposes.

Engage two or more phone lines of a multi-line business simultaneously.

There is a PRA – person or entity can seek greater of actual monetary loss or statutory damages of between $500 and $1,500 per violation.

Telemarketing & Consumer Fraud Abuse Prevention Act – 15 U.S.C. § 6101-6108

Telemarketers must: Disclose seller’s name and purpose of call. Have a clearly written policy available to anyone upon

request. Initiate calls only between 8am – 9pm in recipient’s time zone. Maintain records, including records of advertisements, sales

records and employee records.

National Do Not Call Registry

Marketers who engage in telemarketing must: Register Purchase access to Registry for any area codes to which calls will be

made Refrain from callings numbers in the Registry unless there is an EBR

The Telemarketing Sales Rule does not apply to certain forms of telemarketing, including most business-to-business sales calls, telemarketing by banks, federal financial institutions, common carriers (phone companies and airlines), insurance companies, and non-profit organizations.

Mobile Marketing: The TCPA’s Next Frontier

Recent explosion in amount of marketing dollars spent on mobile marketing campaigns, including:

Text messaging (SMS, MMS) Mobile Websites Applications Location Based QR Codes

Canada: Fighting Internet and Wireless Spam Act (“FISA”)

Recently reintroduced as Bill C-28, the "Fighting Internet and Wireless Spam Act"

Legislation (C-29) is also being proposed to amend Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), which covers online privacy in detail and contains many provisions relevant to email marketing

Canada: FISA: § 7 - Commercial Electronic Messages (CEM)

CEM broadly defined to include any message with any semblance of commercial activity

More than email: IM; SMS; social media; voice, etc. General rule: Consent (opt-in) required to send CEM

Such consent can be express or implied Subject to reasonable use requirement

Other requirements: identification; contact information; unsubscribe mechanism

Certain messages exempted altogether: family or personal relationship; business inquiry

No minimum # to be classified as spam Message to request consent deemed to be CEM

Canada: FISA: § 7 - CEMs where no consent required Quotes or estimates, if requested Facilitates commercial transaction Warranty or safety information Information regarding continuing ongoing subscription,

membership etc. Information related to employment relationship or

benefit plan Delivers good or service

Canada: FISA: Labeling & Identification Requirements All messages being sent must;

• Clearly identify the person who sent the message

• Include physical postal address and company name on all emails

The messages must provide a method where the recipient can readily contact the person(s) responsible for sending the message

• Set replies to go to customer service, do not use NoReply@client.com

MUST be active for 60 days after the messages was sent Provide a working unsubscribe mechanism that removes an

address within 10 days

FISA vs. CAN-SPAM: Similarities

Requirement to accurately identify sender Prohibitions against false and misleading transmission

data/subject lines Requirement for unsubscribe mechanism Liability for brands who knowingly allow spam to be

sent on their behalf

FISA vs. CAN-SPAM: Key Differences

FISA Addresses broad range of Internet issues (spam, spyware,

pharming, etc.) Applies to all forms of electronic messaging (email, SMS, IM,

etc.) Primarily opt-in PRA availableCAN-SPAM Applies only to email Opt-out PRA available only to ISPs

United Kingdom: The Data Protection Act 1998 (“DPA”) Defines UK law on the processing of data The main piece of legislation that governs the protection of

personal data in the UK Enacted to bring UK law into line with the European Directive

of 1995 provides a way for individuals to control information about them

Does not apply to domestic use, for example keeping a personal address book

Anyone holding personal data for other purposes is legally obliged to comply with the DPA, subject to certain exemptions

UK: DPA: Main Features

Opt-in for emails to individual subscribers (B2C)

Soft opt-in OK for sales negotiations (EBR)

If email addresses are to be used for mkting, need to be stated at time of collection of information

Same if email addresses to be shared/sold/leased to third party

Never disguise identity of sender

Simple and easy opt-out

Timely honor opt-out requests

UK: E-Commerce Directive

The Regulations contain provisions on commercial e-commerce communications and include a requirement that all UCE (unsolicited commercial email) should be easily identifiable as soon as it is received (thereby enabling automatic deletion/filtering). It also states that all websites should have full postal and telephone contact details.

Netherlands: The Telecommunications Act

No advertisement can be sent via email without explicit previous permission by the recipient

Recipients that feel their rights have been violated can forward their complaints to a special website, www.spamklacht.nl

The Dutch Independent Post and Telecommunications Authority is an independent organization in charge of investigations and fine violators for up to 450.000 EUR per case

Austria: § 107 of the new Telecom-Law 2003 (TKG 2003) § 107(2) - The practice of sending electronic mail - including SMS -

to consumers without prior consent is prohibited if the electronic mail was sent for purposes of direct marketing, or the electronic mail was sent to more than 50 recipients. (3) Prior consent according to Article 2 is not required if the sender has obtained the electronic contact details of its

customers in the context of the sale of a product or a service, and these electronic contact details are used for direct marketing of its

own similar products or services, and provided that customers clearly and distinctly are given the

opportunity to object, free of charge and in an easy manner, to such use of electronic contact details when they are collected and on the occasion of each message

Austria: § 107 of the new Telecom-Law 2003 (cont’d) (4) The practice of sending electronic mail - including SMS - without

prior consent to other recipients than those defined in Article 2 is allowed if the electronic mail or SMS explicitly provides the recipient with the opportunity to object to any further messages

(5) The practice of sending electronic mail for purposes of direct marketing disguising or concealing the identity of the sender on whose behalf the communication is made, or without a valid address to which the recipient may send a request that such communications cease, is prohibited even if Article 2, 3 or 4 apply.

§ 109(3) An infraction subject to a fine of up to EUR 37000 is committed by anyone who

  20. sends electronic mail contrary to § 107 Art. 2 and 4.    21. sends electronic mail for purposes of direct marketing contrary to § 107 Art. 5

France

Specific spam law: Loi du 21 juin 2004 pour la confiance dans l'économie numérique (in French only)

Article 22 of this law prohibits the sending of e-mail without specific prior consent from the addressee

Databases of legally collected details (i.e., those obtained directly from the addressee at some point in the past) may be used to send promotional materials, but in all cases a clear option to cease all further correspondence must be provided

Ireland

Ireland passed the self-titled European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) Regulations 2003. Regulation 13 is about spam, and it starts strong with mandatory opt-in for unsolicited spamming

The law gives effect to new EU regulations banning the sending of unsolicited e-mails or text messages to the general public

Violators reportedly face fines of up to 250,000 euros See office of the Data Protection Commissioner for overview

of regulations, including a guide for direct marketing: http://www.dataprotection.ie/ViewDoc.asp?fn=/documents/responsibilities/DMGuidance.htm&CatID=57&m=y

Germany: The Act for the Use of Tele-Services

Under the law, email marketers will have to provide their correct address and also make email content clear in the header

Falsification of IP addresses will also be made illegal The proposal has been approved by both the Greens and

the Social Democrats (the two halves of Germany's ruling coalition) and will have its first reading in the German parliament (Bundestag) on February 17th

The German anti-spam policy follows recent legislation in both the US and UK

China: Measures for the Administration of Internet E-Mails In June 2007, on China's mainland, there were 162 million Internet

users, 1.31 million websites and 67 million online computers, and the total bandwidth at the international gate reaching 305Gbps

The Ministry of Information Industry issued "Internet Email Service Regulations" on February 21, 2006, with an effective date of March 30, 2006

Makes it a crime to own an unregistered mail server Businesses and Internet service providers must inform the

government at least 20 days before an email server is built and must make provisions for keeping all email for a minimum of 60 days. The law also makes it illegal to discuss information security via email, along with any other subject outlawed in China

Critics say that while the law may have started as an anti-spam law, it is a freedom-limiting gesture by a government known for keeping a tight hold on its portion of the Internet

China: Measures for the Administration of Internet E-Mails Apply to e-mail service providers and to any person operating e-mail service

for Internet users in Mainland China. The main provisions in the regulation are:

A provider is defined as any person in the service supply chain involved in delivering or helping users to receive e-mail;

Service providers must register with the government and obtain a license before providing e-mail services;

Violators face warnings or penalties of up to 30,000 yuan (approx. $3,700 US) and risk losing their license;

Firms are barred from sending unsolicited commercial messages without prior consent from recipients;

All commercial e-mail must have a subject header of "AD" or the Chinese character for advertisement;

The rules only apply to email containing commercial advertisements; and The rules state that providers must stop delivery of any messages

containing commercial advertisements even if a recipient first consents, but later changes his or her mind.

Japan: The New Anti-Spam Law (2008) Under the New Anti-Spam Law, senders may only distribute CEMs if the

recipients fall into one of the following categories: Individuals who have notified the Sender in advance that they request or agree

to receive commercial email; Individuals who have provided the Sender with their own email addresses; Individuals who have a preexisting business relationship with the Sender; and Individuals (limited to those engaged in for-profit activities) or groups that publicly

announce their own email addresses. Because all of these categories require affirmative acts by the recipient before a

Sender is permitted to transmit commercial email, Japan has essentially adopted a modified opt-in system for commercial email regulation. 

The New Anti-Spam Law does not describe how individuals must notify Senders of their email addresses for the opt-in to be valid. 

Nor does it indicate what constitutes a “business relationship” or how an individual or group “publicly announces their own email address” for opt-in purposes. 

Japan: Additional Requirements

In addition to requiring opt-in consent; there are four further requirements under the New Anti-Spam Law that Senders must fulfill:

Senders must keep records which prove that the recipients requested the emails;

Senders must honor opt-out requests received from individuals; Senders must include certain information in the commercial email

sent; and Senders are prohibited from sending email using programs that

generate email addresses and from falsifying information about themselves.

New Zealand: The Unsolicited Electronic Messages Act (“UEM”) Administered by New Zealand Department of Internal Affairs

The UEM provides that implied consent exists if:an electronic address has been conspicuously published by a person in a business or official capacity, andit is not accompanied by a statement requesting that no unsolicited messages be sent to that address, andthe message is relevant to the recipient’s business, role, function or duties in a business or official capacity.

If a sender is unable to satisfy the Department that they have consent to send a CEM, then a breach of the Act may be found

Penalties under the Act range from written warnings, through to infringement notices and pecuniary penalties.

Guide for businesses (from New Zealand’s Department of Internal Affairs): http://www.dia.govt.nz/diawebsite.nsf/wpg_URL/Services-Anti-Spam-Business-Info?OpenDocument

New Zealand: UEM (cont’d)

UEM intended to encourage good direct marketing practice by:

Requiring electronic messages to contain a functioning unsubscribe facility

Ensuring electronic messages are sent only to customers who have consented to receiving it

Restricting the use of address-harvesting software. The UEM covers email, instant messaging, SMS and MMS

(text and image-based mobile phone messaging) of a commercial nature. It does NOT cover faxes, Internet pop-ups or voice telemarketing.

India: The Information Technology Act (“ITA”)

As of today, the Indian government has yet to promulgate legislation that squarely addresses direct marketing

The ITA does not contain any provision regulating direct marketing

The ITA does regulate obscenity, which covers publishing, transmitting or causing to be published in electronic form any material which is lascivious or appeals to the prurient interest

http://knol.google.com/k/direct-marketing-association-india/electronic-direct-mail-edm-in-india/275cg0astabrk/84# (article published by Direct Marketing Association India)

Australia

Australia's Spam Act became law on December 12th, 2003 and became enforceable on the 12th April 2004. The requirements of this legislation are extremely strict and have provided for daily fines for repeat offenders of over $750,000.

Australia’s legislation is opt-in based, however, there are provisions made for soft opt-in, where permission is inferred.

The Spam Act 2003 (Cth): Main Features CEM must be commercial in nature – either offering a commercial

transaction or directing the recipient to a location where a commercial transaction may occur

There is no reference to bulk messaging – a single unsolicited CEM could be construed as spam, although enforcement would be unlikely

The Act prohibits sending unsolicited commercial electronic messages that have an “Australian link” (originating in Australia or originating overseas sent to an address accessed in Australia).

Must contain accurate information about the person or organization that authorized the message.

Requires that all CEM must contain a functional “unsubscribe” facility to allow people to opt out from receiving messages from that source in the future. Such requests must be honored within five working days

The Act prohibits the supply, acquisition or use of address lists, as well as software that “harvests” electronic addresses from the internet, for the purpose of sending spam

The Spam Act applies to more than e-mails: mobile text messaging and other electronic messaging are also covered

Brazil Anti-spam legislation has been introduced in several separate bills None have reached a final vote A bill, proposed in 2002, would create criminal penalties for disseminating or selling

personal data without the data subject's permission. In 2003, three separate bills were introduced to regulate the telemarketing activities, and

two in 2004 – mainly, a reflection of the US "do-not-call list.“ In general, the intent is to create such lists under the control of either telemarketing

companies or the Brazilian Ministry of Communications The Brazil Anti-Spam Group created a market-oriented self-regulation initiative to

encourage advertisers to provide accurate information about themselves to recipients, to observe truth-in-advertising norms, and to let recipients opt-out of future mailings, thus aiming at promoting consumer confidence in the use of e-mails

However, the effectiveness of the Anti-Spam Code of Ethics has been questioned, because there are no proposed sanctions for the breach of its terms other than the listing of the spammers on the Brazil Anti-Spam Group's website and because the Code of Ethics allows the sending of unsolicited e-mails as long as some conditions have been met

A ruling by a court of Florianópolis considered receiving unsolicited e-mail something perfectly normal in the "cybernetic age" and unable to result in either moral or actual damages

Key Takeaways

Be sensitive to potential applicability of many laws (of potentially different countries)

Get legal counsel in each jurisdiction Compliance should be seen as part of business

strategy; optimizing ROI by using good information from trusted sources

By doing this, avoid the loss of goodwill and exposure attendant with …

Spam!

Questions?

Disclaimer

This presentation is for general informational purposes only and is not legal advice. The evaluation of legal issues always depends on specific facts and circumstances. This presentation should not be used as a substitute for competent legal advice from a licensed attorney.

Your use of this presentation does not create an attorney-client relationship. Please do not send me any confidential information by email or otherwise as your communication will not be privileged and may be subject to compelled disclosed to other persons.

Thank You

David S. AlmeidaMichael Best & Friedrich LLPDsalmeida@michaelbest.com