How E-Mail Spam Regulations
Differ Around the World
E-mail marketing continues to be the most efficient and effective marketing tool for businesses to use in communicating with their clients. Compared to other mediums, it also continues to deliver the lowest cost per thousand and provides an excellent return on investment.
The global rise in use of e-mail for marketing purposes, however, has resulted in increasingly restrictive laws governing such communications. In this report, we'll examine these laws in the United States and abroad.
The United States
The CAN-SPAM Act of 2003 provides U.S. marketers with the legal parameters for distributing electronic messages. At its core, compliance with these laws is a matter of following a few simple rules. It is interesting to note that even though the CAN-SPAM Act has been in force for more than eight years, a recent survey by WebSurveyor.com found that 81% of marketing executives still don't know what the act requires.
1 It is important to note that the CAN-SPAM Act only applies to commercial e-mail whose purpose is primarily the advertising or promotion of a business product or service. The act does not restrict "transactional or relationship" e-mail, which is defined as:
- E-mail that confirms a transaction the recipient has already agreed to with the sender.
- Information about the delivery of goods that the recipient has already agreed to with the sender.
- Warranty information, recalls and other notifications related to a product that the recipient purchased from the sender.
- Information about changes to the recipient's pre-established account or status with the sender.
2 Some Simple Guidelines for Complying with CAN-SPAM
Don't use false or deceptive header information. Senders of commercial messages must identify themselves with a valid, accurate domain name and e-mail address. "Reply-to" information must lead the recipient back to the sender of the message.
Do not use deceptive subject lines.The subject line of an electronic message must accurately reflect the content of the message in the body of the e-mail.
Identify the purpose of the message. If the e-mail contains advertising material, the sender must disclose this in easy-to-understand language.
Divulge your location. All messages must contain either a physical address of operation or a valid postal box registered to the business sending the message.
Understand that you alone are responsible for your e-mail marketing messages. Using hired companies to create and deliver commercial messages does not exempt you from complying with these directives. It is the responsibility of each company to ensure its messages are being sent in compliance with the law.
Obtain permission of recipients who are not customers before delivering any commercial electronic communication. Note that existing customers who have not "opted out" of previous commercial e-messages are considered to have granted permission to their vendor to send them commercial e-mail messages.
3 There are several ways for a non-client recipient to give permission to be sent commercial e-mails:
- The recipient may, on their own initiative, request commercial e-mail messages from the sender.
- The recipient may give affirmative consent in response to a clear request from the sender. (An example of this might be an option on the sender's Web site that says, "Sign me up to receive our monthly newsletter.")
- The sender's request must be "clear and conspicuous." In other words, it must be obvious to the recipient exactly what it is they are opting in to receive.
- The sender may not distribute the recipient's e-mail address to another party (who would also send commercial e-mail to the recipient) unless the recipient has given explicit consent to this effect.
Give the recipient a way out. All commercial messages delivered to a U.S. e-mail address must provide the recipient a way to opt out of further communications from that sender. The method with which to refuse further communications must be clearly displayed or stated and must be easy to understand and execute.4 This can be accomplished with a "reply-to" e-mail address that is regularly monitored in order to promptly comply with user requests, or by providing a link giving the recipient choices about what type of messages, if any, that they would like to continue to receive from the sender. A 2008 FTC Update says 5 an e-mail recipient needs only to provide his or her e-mail address when opting out from receiving commercial e-mail communications.
Honor "opt-out" requests promptly. CAN-SPAM allows 10 business days for senders of commercial messages to comply with a recipient's request to be removed from future electronic communications. Honoring the request means also removing that person from any list that may be transferred or sold to other marketers.
For an expanded look at how to ensure compliance with U.S. law, visit The CAN-SPAM Act and What You Need to Know. Also review our February 2004 MarketScope, which discusses in simplified terms the requirements of the CAN SPAM Act.
The European Market
The European Union's Directive on Privacy and Electronic Communications sets forth laws similar to those cited in the CAN-SPAM Act for electronic messaging recipients that reside in any of the European Union member states. In fact, all guidelines set forth by the CAN-SPAM Act apply in Europe as well. There are, however, notable additions, particularly regarding conduct pertaining to data capture.
Rules Concerning Data Capture
Data capture is permission-based in the European Union. With the exception of transactional or billing communications, the online behavior of individuals sending electronic communications is prohibited without obtaining the recipient's prior consent. Even "cookies" that simply place an invisible, electronic recognition device on a Web site visitor's computer are regulated by Europe's privacy directive in Article 6, which states:
- Users should be made aware that a cookie is being placed on their computer.
- The methods for offering consent and offering refusal should be made clear and user friendly.
- The user of a Web site may be restricted from accessing specific Web site content unless the user gives well-informed consent to the acceptance of cookies.
- When requesting that a user volunteer information such as name and e-mail address, the user must be made aware of how this information will be used and must agree to those terms.
- The directive recognizes that 6 data capture can be a legitimate and useful tool for businesses to analyze effectiveness of Web site design and advertising and in verifying the identity of users engaged in online transactions.
- Traffic data used for marketing communications services or for the provision of value-added services should also be erased or made anonymous after the provision of the service. Service providers should always keep subscribers informed of the types of data they are processing and the purposes and duration for which this is done.
- Any activities related to the provision of the electronic communications service that go beyond the transmission of a communication and the billing thereof should be based on aggregated, traffic data that cannot be related to subscribers or users. Where such activities cannot be based on aggregated data, they should be considered as value-added services for which the consent of the subscriber is required.
To explore the EU Directive on Privacy and Electronic Communications and stay informed on laws governing individual member states, visit The Federation of European Direct and Interactive Marketing.
The Asian Market
Laws governing commercial e-mail communications in Asia tend to have far fewer restrictions than American and European laws. Most currently simply require marketers to provide an "opt out" of electronic messaging. They also require senders to be truthful with sender information, subject lines and content.
But as was the case in the U.S. and Europe, the growing popularity of electronic messaging and the issues that arise from such growth are causing some to re-examine the rules. The government of Hong Kong, for instance, issued this more restrictive mandate in 2007:
Unsolicited Electronic Messages Ordinance
According to the Unsolicited Electronic Messages Ordinance ("the UEMO"), senders of commercial electronic messages are required:
- to provide clear and accurate sender information in the message;
- to provide an unsubscribe facility and an unsubscribe facility statement in the message;
- to honor unsubscribe requests within 10 working days after the request has been sent;
- not to send commercial electronic messages to any telephone or fax number registered in the Do-not-call Registers starting from the 10th working day of its registration, unless consent has been given by the registered user of the relevant telephone or fax number;
- not to hide the calling line identification information when sending messages from telephone or fax numbers; and
- not to send e-mail messages with misleading subject headings.
In addition, the UEMO prohibits the use of unscrupulous techniques to expand the reach of commercial electronic messages, and fraud and other illicit activities related to the sending of multiple commercial electronic messages.
To review the complete legislation, visit Office of the Telecommunications Authority. China is also planning to add restrictions to its current policy that are expected to ban unsolicited e-mails and introduce opt-in requirements. ClickZ Asia offers marketers to China the following best practices: The Golden Rules of Marketing in China
Meanwhile, Singapore has implemented the following spam control, requiring:
- If a message has a subject field, that subject title cannot be misleading.
- Insertion of <ADV> (advertisement) before the title of the message, or in a case where there is no subject field, before the actual content of the message.
- That the message contains an accurate and functional e-mail address or telephone number through which the sender can readily be contacted.
For details on compliance, visit Singapore spam control.
Though there are differences in the levels and types of laws governing e-communications globally, the principles at the root of these laws generally serve a common purpose: the protection of privacy and fair practice. For information on electronic marketing and communications in other parts of the world, visit spamlaws.com.
. . .
FPS regularly works with financial services companies to maximize the impact of their client communications, including e-mail and online communications. To find out how we can help you develop effective strategies for communicating with corporate financial executives, contact FPS President Vince DiPaolo at 847-501-4120 x3 or [email protected].
If you are not already a MarketScope subscriber, please request your own free monthly edition.