Navigation

Privacy? What about Spam?

Posted on July 10, 2020

Most organisations know that when they are reaching out to customers or potential customers using their personal information (name, email address, etc), they must take care with the Australian Privacy Principles as laid down by the Privacy Act.

Many are not so aware of the Spam Act 2003. Earlier this month, Woolworths was fined more than A$1 million for 5 million breaches of the Spam Act. This followed on the heels of a fine slapped on Optus earlier this year for $504,000 for similar Spam Act breaches. The fines are levied by the regulator, the Australian Communications and Media Authority (ACMA).

The Woolworths breaches came about because they continued to send marketing emails to customers after those customers had already tried several times to unsubscribe. In the Optus case, they were sending SMS and email marketing messages after customers had unsubscribed, and they also sent commercial ‘billing notices’ that did not include an ‘unsubscribe’ function.

The Spam Act contains a prohibition on sending unsolicited ‘commercial electronic messages’. These includes email, SMS (and MMS), and instant messaging. Only messages with an ‘Australian link’ are caught, including if the messages are accessible in Australia even though sent from overseas.

‘Commercial’ here simply means that the messages are sent for business purposes, eg an offer or advertisement of goods or services, or to promote a business, or to advertise or promote a business opportunity or investment, etc.

‘Consent’ by the person receiving the message is the touchstone here. Consent can be express (ticking a box, or agreeing in a phone call or in person); or implied (eg. failing to tick an opt-out box, or based on the conduct between the organisation and the message recipient, or their business or other relationship).

It is also critical that the commercial electronic messages provide an ‘opt-out’ facility. This must be in easy to understand language, and no fee can be required for its use.

In many industries it is the practice to ‘purchase’ lists of customers or potential customers, which are then used for the sending of DM (direct marketing) or more likely, eDM messages. Businesses have to be careful in this area.

In all of this, one good pointer is - ‘Don’t be creepy’: as well as strict legal compliance, always consider the ‘annoyance factor’ for potential or actual customers. If you use telemarketing, be aware of the way in which the ‘Do not call’ Register works. And If you have any doubts about the legitimacy of your customer contact practices, or need advice in this area, please do not hesitate to contact us.

[*SPAM is of course a registered trade mark owned and registered by Hormel Foods Corporation in 1943]

View all articles