When anti-spam campaigner Mark Mumma of Oklahoma got fed up with receiving successive unsolicited emails from Omega World Travel, he posted a report on his website and threatened to sue Omega. But perhaps the last thing Mumma expected was a US$3.8-million defamation claim from Omega.
Late last year Omega won an appeal against Mumma on the issue whether in fact Omega had breached the US Controlling the Assault of Non-Solicited Pornography and Marketing Act 2003 (the “CAN-SPAM Act”). In the United States, the case has prompted considerable commentary on whether this federal legislation is indeed effective in the war against spam.
In addition to causing frustration and annoyance, spam undermines confidence in dealing with business and other online communications, clogs and threatens the integrity of network and computing resources, and reduces work productivity.
New Zealand’s attempt to address the exponential growth of spam comes in the form of the Unsolicited Electronic Messages Act, which will be in force on and from 5 September 2007.
The New Zealand Act will require senders of “commercial electronic messages” first to have the consent of the recipient before the message is sent. This approach (known as an “opt-in” regime) contrasts with the approach adopted in the United States under the CAN-SPAM Act, which allows the sender to keep sending commercial electronic messages until the recipient tells the sender to stop (known as an “opt-out” regime).
The New Zealand law regulates “commercial electronic messages”. These include electronic messages (email, SMS text, instant messages, but not voice calls or faxes) that market goods, services, land, or business and investment opportunities. A number of message types are excepted from the legislation, including messages that respond to a request for a quote or estimate; messages that confirm commercial transactions; and messages that provide information directly related to an employment relationship or a related benefit plan. Messages that provide information about goods and services offered or supplied by a government body or a court or tribunal are also not caught.
However, an email that provides a link or directs a recipient to a marketing message will be classed as a “commercial electronic message”. This means that an email that includes content unrelated to marketing may become a “commercial electronic message” if it includes a link to the company’s website which promotes or markets goods, services, land or business or investment opportunities.
There are four key requirements for compliance with the Unsolicited Electronic Messages Act:
- Consent. The sender of the “commercial electronic message” must have consent of the recipient before they send the message. For marketers, this means electronic message marketing lists must be checked to ensure they have either the recipient’s:
- express consent – a direct indication that the recipient consents to the sending of the message
- inferred consent – which can arise from conduct and a business or other relationship of the sender and the recipient; or
- deemed consent – which only arises where the recipient’s electronic address has been published in a business or official capacity; the publication is not accompanied by a “no spam” type statement; and the message being sent to the recipient is relevant to the recipient in a business or official capacity.
- Unsubscribe facility. All commercial electronic messages must include a functional unsubscribe facility which allows the recipient to respond (at no cost) to inform the sender that such messages should not be sent to them in the future at that address.
- Contact details. All commercial electronic messages must include information which clearly identifies the person who authorises the sending of the message and how that person can be contacted.
- Address-harvesting software and related lists. This type of software, and lists compiled by use of this software (whether before or after the coming in to force of the Act), must not be used in connection with the sending of unsolicited commercial electronic messages. Address-harvesting software is computer software which searches the Internet for email addresses and then collects or compiles those addresses.
Aiding, abetting, inducing or knowingly being concerned in or a party to breaches of the above provisions will also attract liability.
The Act sets out an enforcement regime, which includes a process for formal warnings from the “enforcement officer” (appointed by the Department of Internal Affairs); rights to seek injunctions, compensation and damages; and penalties for individuals of up to $200,000, and for organisations of up to $500,000.
The Act covers electronic messages that originate from or are received in New Zealand. This means for example that senders who arrange for messages to be sent from an overseas Internet Service Provider are caught. The Government does hope that the Act will eventually assist in minimising the level of spam entering New Zealand by providing a basis for New Zealand to approach anti-spam enforcement agencies in foreign jurisdictions about breaches of the New Zealand legislation.
The Act at least prevents New Zealand from becoming a “safe haven” for spammers (which was becoming a risk, given that New Zealand was one of the last OECD countries to enact an anti-spam law).