Complying With Spam Laws (Australia)
Over time the number of commercial electronic messages has increased drastically. In response to the problems caused by the growing volume of unsolicited commercial electronic messages (or spam), the Australian Spam Act 2003 (cth) "Spam Act", was developed. This article aims to provide practical information about the Spam Act, and guidance on steps that may be taken to assist with compliance.
The 3 Steps to Compliance
Do you have consent to send an e-mail marketing campaign?
When reviewing your business practices and the content of your commercial messages to ensure you comply with the Spam Act, you should consider the following three steps:
Consent - Only send commercial electronic messages with the addressee’s consent - either through expressed or inferred consent.
Identify - Include clear and accurate information about the person or business that is responsible for sending the commercial electronic message.
Unsubscribe - Ensure that a functional unsubscribe facility is included in all your commercial electronic messages. Deal with unsubscribe requests promptly.
Step 1: Consent
Your commercial messages should only be sent when you have consent. This may be express consent from the person you wish to contact – a direct indication that it is okay to send the message, or messages of that nature. It is also possible to infer consent based on a business or other relationship with the person, and their conduct.
You have received expressed consent from an addressee if that person has specifically requested to receive messages from you. Examples of this include when:the addressee has subscribed to your electronic advertising mailing list;the addressee has deliberately ticked a box consenting to receive messages or advertisements from you; or the addressee has specifically requested such material from you over the telephone.
Consent may be inferred when the person you wish to contact has not directly instructed you to send them a message, but it is still clear that there is a reasonable expectation that messages will be sent.You may be able to reasonably infer consent after considering both the conduct of the addressee and their relationship with you. For example, if the addressee has an existing relationship with you and has previously provided their address then it would be reasonable to infer that consent has been provided. Other examples of where consent may be inferred are:
- When purchasing goods or services an addressee has provided their electronic address in the general expectation that there will be follow-up communications;
- When an addressee has provided their address with the understanding that it would be used in day-to-day transactions (such as online banking or business), and may be used for additional communications (for example notification of related services or products);
- Online registration of a product or a warranty;
- When an addressee has conspicuously published their electronic address. In such a case the Spam Act permits commercial electronic messages to be sent to the addressee, if the message relates to the addressee’s published employment function or role. If a plumber advertises their email address, it is okay to send them offers of work or of plumbing supplies, but not to send an offer unrelated to their work, such as cheap pharmaceuticals. If the published address is accompanied by a statement saying that it should not be used for such messages, such as the words “no spam”, then it cannot be used to infer consent to a message being sent;
- Similarly, when an addressee has provided a business card containing their electronic address, it would be a reasonable expectation on both sides that relevant messages would be sent to that electronic address. For example, if the business card was provided for work purposes then it would not be reasonable to infer that the addressee consented to receiving messages from you which are unrelated to their work.
Oncord provides 3 subscription statuses:
- Pending: These users do not have your consent for you to send to them. They will not receive your messages.
- Subscribed: These users have your consent (either expressed or inferred). They will receive your messages.
- Unsubscribed: These users were once subscribed and have chosen to opt-out. They will not receive your messages.
You must ensure the subscription status of your contacts is kept accurate.
Step 2: Identity
Your commercial messages should always contain clear and accurate identification of who is responsible for sending the message, and how they can be contacted. It is important for people to know who is contacting them, and how they can get in touch in return. This will generally be the organisation that authorises the sending of the message, rather than the name of the person who actually hits the “send” button. Identification details that are provided must be reasonably likely to be accurate for a period of 30 days after the message is sent. This would be a consideration if the business was about to change address.
Oncord will default your "From / Sender Name" to your business name. You must ensure that your messages clearly identify your organisation as the sender.
Step 3: Unsubscribe
Your commercial messages should contain an unsubscribe facility, allowing people to indicate that such messages should not be sent to them in future. All commercial electronic messages must contain a functional unsubscribe facility, allowing people to opt-out from receiving future messages. Such a request must be honoured.
The Spam Act specifies that the person’s consent has been withdrawn within five working days from the date that the unsubscribe request was sent (in the case of electronic unsubscribe messages) or delivered (in the case of unsubscribe messages sent by post or other means).
Similar to the identification of the message’s sender (step 2, above) the unsubscribe facility must be reasonably likely to remain accurate and functional for a 30 day period.
Oncord provides an automated unsubscribe facility. You can create a link to the unsubscribe form by linking to /community/email/unsubscribe/. You must manually act on any unsubscribe request from your database that comes from outside of this channel.
More Information on Australian Spam Compliance
This article provides an explanation of the main requirements of the Spam Act 2003 (the Spam Act), and outlines business practices that comply with the legislation: Spam Act 2003: A Practical Guide for Business
Additional information in relation to the Spam Act and preventative measures is available from the ACMA website located at the following addresses:
While every effort has been made to ensure that the article is accurate, no warranty, guarantee or undertaking is given regarding the accuracy, completeness or currency of this article. This guide should not be relied upon as legal advice. Users are encouraged to seek independent advice relevant to their own particular circumstances.