collaborative compliance

 

Spam Act

Page history last edited by DJ 2 yrs ago

The Spam Act 2003 bans the sending of unsolicited commercial electronic messages including email and SMS. It also bans the supply, acquisition or use of email harvesting software and lists produced by such software.

 

 

Commercial electronic messages can only be sent with the consent of the recipient, they must contain information about the originator and must incorporate a functional ‘unsubscribe’ facility. The Act does not apply to non-commercial organisations, including political, religious or charitable organisations, and factual material.

 

 

The Australian Communications and Media Authority (ACMA) is Australia’s spam watchdog. The legislation gives the ACA an investigative and regulatory role with the electronic marketing industry that is similar to its role with the telecommunications industry.

 

 

ACMA also has power to:

 

•    enforce undertakings by originators of commercial messages

•    issue formal warnings and court injunctions

•    issue infringement notices and fines in lieu of court proceedings, and

•    seek court imposed penalties.

 

 

What is “spam”?

 

“Spam” is not defined. The Act prohibits unsolicited “commercial electronic messages” with an “Australian link”.

 

Electronic messages are messages sent using an Internet or other carriage service to an electronic address (and include emails, SMS and MMS, but exclude voice calls from a standard telephone service).

 

 

Commercial electronic messages are electronic messages sent for one of the commercial purposes set out in section 6 of the Act (such as offering to supply goods, services, land, business or investment opportunities or advertising or promoting such services or to dishonestly obtain a financial advantage from a person).

 

 

A commercial electronic message will be regarded as having an Australian link if the message originates in Australia or is received in Australia.

 

 

When can a commercial electronic message that has an Australian link be sent?

 

 

It cannot be sent unless:

 

•    the relevant account-holder consented to the message;

•    the sender did not know and could not, with reasonable diligence, have ascertained that the message had an Australian link (eg which may occur if the Australian recipient has an address that ends with '.com' rather than '.com.au');

•    the message was sent by mistake (eg where a virus on the sender's computer results in the message being sent); or

•    the message falls within the definition of a designated commercial electronic message.

 

 

When does a person “consent” to receiving emails?

 

 

The Act states that consent can be expressly given or can be reasonably inferred from the conduct, business and other relationships of the individual or organisation concerned. Consent is not to be inferred from the publication of the recipient's electronic address. It can, however, be inferred if the electronic address was conspicuously published and it would be reasonable to assume that that address was published with the addressee's consent and the publication does not specifically exclude consent.

 

 

What is an exempt designated commercial electronic message?

 

 

The general prohibition does not apply to designated commercial electronic messages, which are defined in Schedule 1 of the Act as:

 

•    messages that consist of no more than factual information, with or without comment, and some form of information that identifies the source of the information (for instance, name, logo and contact details of the person who authorised the sending of the message); or

•    messages sent, subject to certain conditions, by a government body, a registered political party, a religious organisation, a charity or an educational institution.

 

Requirements for commercial electronic messages

 

All commercial electronic messages (including designated commercial electronic messages), whether solicited or unsolicited, that have an Australian link, must:

 

•    clearly and accurately identify the individual or organisation that authorised the sending of the message (eg by including a correct company name and ABN); and

•    include accurate information about how the recipient can readily contact that individual or organisation.

 

All commercial electronic messages (except designated commercial electronic messages), whether solicited or unsolicited, that have an Australian link, must contain a 'functional unsubscribe facility'.  

 

 

A functional unsubscribe facility is statement to the effect that the recipient may use an  electronic address set out in the message to unsubscribe from receiving any further messages from the individual or organisation who authorised the sending of the message.

 

 

Prohibition on electronic address-harvesting software and address lists generated using such software

 

Address-harvesting software means software that is specifically designed for searching the Internet for electronic addresses and for collecting and compiling those addresses. A harvested address list includes a list that was produced prior to the commencement of the Act.

 

 

To fall within the prohibition, there must be some link to Australia, so that either the supplier or the customer is physically present or carries on business in Australia.

 

 

The defences to the above prohibitions include:

 

•    the supplier had no reason to suspect that the address harvesting-software or harvested-address list would be used in connection with sending unsolicited commercial electronic messages;

•    the supplier did not know (and could not, with reasonable diligence, have ascertained) that the customer had a relevant Australian connection;

•    the acquirer of the software or list did not intend to use them in connection with sending unsolicited commercial electronic messages; or

•    the address harvesting-software or harvested-address list is not used in connection with sending unsolicited commercial electronic messages.

 

 

Penalties.

 

Enforcement of the legislation will be undertaken by the ACA under a multi-tiered scheme. The ACA will be able to issue formal warnings, seek injunctions and seek investigative and monitoring warrants from the courts. The financial penalties faced by spammers will be significant, with organisations liable to pay $220,000 (individuals up to $44,000) for the first contravention on a single day. Repeat offenders will be more severely penalised, with organisations liable to pay up to $1.1 million per day (individuals up to $220,000).

 

 

Compliance issues

 

All businesses need to review existing privacy policies and procedures or risk large fines.

 

In particular they will need to manage employees’ use of email and train them.

 

 

Internet Industry Spam Code Of Practice - A Code For Internet And Email Service Providers(pdf)

 

Australian eMarketing Code of Practice.

 

Clarity1 decision

 

 

Comments (0)

You don't have permission to comment on this page.

Printable version
 
Anonymous Create an account or Log in