International E-mail Marketing Legislation

International E-marketing legislation

When it comes to digital marketing, there is access to infinite amounts of data about our prospects and customers through a myriad of different tools and across many channels. It’s exciting knowing that you are able to utilise that data to market to your target customer base and create fantastic opportunities, but you have to keep in mind that by doing so you have to be held accountable for how you use the information.

E-mail and digital marketing legislation varies from country to country, which makes compliance difficult to achieve. Before starting your e-mail or digital marketing campaign, it’s your responsibility to fully understand the anti-spam laws and marketing regulations for all of the regions where you do business.

Let’s give you a brief guide to laws that govern several countries’ you may do business with, and review what we as marketers need to know to remain in compliance:

United Kingdom

If you are targeting customers in the United Kingdom, it’s important to know the detail of the Privacy and Electronic Communications (EC Directive).  Signed in 2003, this directive was brought in to legislate against sending unsolicited automated recorded messages for direct marketing purposes via a telephone, without prior consent from the subscriber.  This directive also includes all electronic communications, such as email or SMS mobile phone messages.

One important aspect covered by this regulation is that it is unlawful to send someone direct marketing who has not specifically granted their permission (via an opt-in agreement), unless there is a previous relationship between the parties. As a marketer, you aren’t allowed to add people’s details to your marketing database and offer an “opt-out” after they have started sending direct marketing.

This law can be enforced against any offending companies or person anywhere in the European Union. The UK Information Commissioner‘s Office holds responsibility for the enforcement of unsolicited e-mails and considers complaints about breaches. A breach of an enforcement notice is a criminal offence subject to a fine of up to £500,000 depending on the circumstances.

The UK Information Commissioners office does provide details on exceptions to this ruling though as follows:

Currently there are still allowances made for what is known as the ‘soft opt-in’ if the following conditions are met;

  • If you or your company has obtained a person’s details in the course of a sale or negotiations for a sale of a product or service;
  • If the content you are sending relates only to marketing similar products or services
  • If the contact is given a simple opportunity to refuse marketing when their details are collected, and if they don’t opt out at this point, are given a simple way to do so in future communications

It’s a fine line though and you must be careful not to cross into unsolicited territory. Services such as the EPS, Email Preference Service whereby people can register their details to ensure they are not contacted. This is particularly important if you are purchasing data lists from external sources that the data is cleansed and deduped against services such as the EPS.

All emails sent must indicate clearly, who you are, what you are selling and the clearly defined terms of the promotion or offers that you are advertising.

You must also ensure that you provide a valid contact address for the recipient. The rules on emailing organisations are not as robust but you must still identify yourself, and if you are emailing a generic company email address it is unlikely to get passed on if it’s deemed as junk or spam, the more articulate your communication is the more likely it is to yield a response.

Useful sources for United Kingdom marketing regulations and legislation

https://www.gov.uk/marketing-advertising-law/direct-marketing

http://www.legislation.gov.uk/uksi/2003/2426/contents/made

https://ico.org.uk/for-organisations/guide-to-pecr/electronic-and-telephone-marketing/

Important Update: In 2018 the European Union plan to roll out the new ‘General Data Protection Regulation’ this will increase the privacy rules and responsibilities for data providers and all companies marketing to individuals. The ICO provides a useful overview on this below.

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

 

 United States

For email marketers targeting customers in the United States, it’s important to have a full understanding of the CAN-SPAM Act. This act is regulated and enforced by The Federal Trade Commission who are a bipartisan federal agency their main aim is to protect consumers whilst promoting competition. CAN-SPAM legislation covers all commercial messages, which means any email with the goal of advertising and/or promoting a product or service. Penalties for failing to comply with this law can result in fines of up to $16,000 per email sent.

The headline requirements of CAN-SPAM are;

  1. Don’t use false or misleading header information.
  2. Don’t use deceptive subject lines.
  3. Identify the message as an ad
  4. Tell recipients where you’re located.
  5. Tell recipients how to opt out of receiving future email from you.
  6. Honor opt-out requests promptly.
  7. Monitor what others are doing on your behalf.

According to the USA Federal Trade Commission, marketers can’t use false or misleading header information or use deceptive subject lines.  Recipients must be able to identify the message they have received as an advertisement, and they must also be informed of your business’s actual physical address.  Marketers have to explicitly inform recipients how to opt-out of receiving future emails from you (unsubscribe), as well as honour opt-out requests promptly and keep an eye on what others are doing on your behest.

https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business

 

Canada

Canada has one of the strictest anti-spam laws in the world, if you are sending email to prospects in Canada, you must have full knowledge of Canada’s Anti-Spam Legislation (CASL). This legislation covers all the requirements of the US’s CAN-SPAM Act with some added points.  To be fully compliant with CASL, you will need full permission from the recipient to send emails to them, as well as proof of them opting-in to receive emails from your business.  Your full business information identification is required to send emails, and marketers are barred from collecting and using email addresses without permission.

Both laws must be followed if you are sending across North America, so even if you’re only sending messages within the US, following CASL regulations is strongly advised.

New laws passed in 2014 with a three year transitional period to fully realise the provisions. The detail is tricky but the following links identify the key FAQs very clearly. It is highly recommended that you familiarise yourself with this before marketing in Canada or associated regions.

The proposed 2018 General Data Protection Regulation (GDPR), mentioned under the UK piece, follows in the footsteps of the CASL.

https://www.the-cma.org/regulatory/resource-links

http://fightspam.gc.ca/eic/site/030.nsf/eng/00304.html

https://www2.deloitte.com/ca/en/pages/risk/articles/canada-anti-spam-law-casl-faq.html

 

Europe

There isn’t a single anti-spam law or legislation that covers all of Europe, but there are anti-spam laws in place for a number of countries.  Some law similarities:  opt-in permission is required before you can send someone your data; a functional opt-out process with required notice must be provided; and people who opt out must be withdrawn from your lists forever.

If you are planning a European email marketing campaign, it’s not only important to segment each country for your campaign, but also to be fully aware of how anti-spam laws are applied in those specific countries.  Painting all European countries with a broad brush increases the risk of overlooking compliance issues in some countries. Utilising geographic segmentation and creating per-country anti-spam law checklists protects you from major stumbling blocks while also executing email marketing best practice.

In 2018 the European Union plan to roll out the new ‘General Data Protection Regulation’ this will increase the privacy rules and responsibilities for data providers and all companies marketing to individuals.

The full text of the GDPR can be read here..

http://data.consilium.europa.eu/doc/document/ST-5419-2016-REV-1/en/pdf

Asia/South America/Africa

At this time, there are all inclusive email regulations in place that circumscribe an entire continent and the many countries within them. While many countries in Asia, South America, and Africa have less rigorous requirements, they all still require that ever important opt-out notice. Nevertheless, it’s still important to have a full understanding of which countries have measures in place and how to oblige them despite the lack of firm anti-spam laws in each area. The list below provides the relevant links to the relevant requirements in each country – be warned some of them are lengthy!

 

Argentina

http://unpan1.un.org/intradoc/groups/public/documents/un-dpadm/unpan044147.pdf

 

Brazil

http://antispam.br/en/

 

China Regulations on Telecommunications of the People’s Republic of China

The long and short of it with China is check check and double check. Most of the laws seem to be around content and you will see from the first link below – the act is long and the regulations, around what content is deemed ok to communicate, are lengthy. It is probably sensible to source a local marketing provider.

http://www.china.org.cn/business/laws_regulations/2010-01/20/content_19273945.htm

http://www.benchmarkemail.com/blogs/detail/maintaining-compliance-with-chinas-severe-email-marketing-laws

http://sampi.co/email-marketing-and-chinas-anti-spam-laws/

 

Hong Kong’s Personal Data Protection Ordinance (PDPO) and UEMO

http://ofca.gov.hk/en/consumer_focus/uemo/index.html

 

Japan Act on Regulation of Transmission of Specified Electronic Mail

http://www.japaneselawtranslation.go.jp/law/detail_main?re=&vm=2&id=120

 

Malaysia

http://www.skmm.gov.my/Legal/Acts/Communications-and-Multimedia-Act-1998-Reprint-200.aspx

 

Mexico

https://www.itu.int/osg/spu/spam/legislation/MexicoLegislation-paper.pdf

 

Singapore Spam Control Act of 2007

http://statutes.agc.gov.sg/aol/search/display/view.w3p;page=0;query=Id%3A%22b81d86b6-20e4-4467-93ed-9c3901c55e73%22%20Status%3Ainforce;rec=0

 

South Africa Electronic Communications and Transactions Act 2002

http://www.internet.org.za/ect_act.html

 

South Korea (PIPA) Act on Information Protection

http://unpan1.un.org/intradoc/groups/public/documents/APCITY/UNPAN025694.pdf

 

Thailand

https://www.lexology.com/library/detail.aspx?g=a817a4c1-5f6b-472b-8b8a-264a37990808

 

Australia and New Zealand

For those sending to Australian recipients, it’s important to understand its Spam Act of 2003.  Similar to Canada’s CASL law, permission is required and the gathering of em

ails is prohibited. The only messages that can be sent legally without permission are messages from government bodies, registered charities, registered political parties, and messages from educational institutions to former or current students. While this law doesn’t apply in New Zealand, consent and the ability to unsubscribe are still required under the UEMA Unsolicited Electronics Act 2007.

https://www.legislation.gov.au/Details/C2016C00614

http://www.legislation.govt.nz/act/public/2007/0007/latest/DLM405134.html

 

Need more information?

Keeping up with international email regulations is difficult, but hopefully our quick overview will help give you a general guide.  If you still need more information, here are some helpful links to get you started:

 

Local Associations:

 

Remember: as a marketer, it is your responsibility to comply with the laws of the countries you mail to. Being an ethical digital marketer is not only the right thing to be—it can also save you a lot of time, money and headaches in the long run!

 

Disclaimer:  Please note that this blog only contains general information and insights about legal matters.  The information is not advice, and should not be treated as such. Kompass.com

Share Button