Feeds

First UK ruling under new email marketing regime

Explicit consent confirmed

  • alert
  • submit to reddit

The Power of One Infographic

A landmark decision published today confirms that you need to check for explicit consent before using a marketing list for an email campaign, even if you believe in good faith that the list comprises only those who opted to receive marketing.

That is the view of the UK's Advertising Standards Authority, which today published its first public decision based on new requirements for consent before marketing by email. It clarified another important point: what is necessary to identify a marketing communication as such.

Southampton seminar provider The Training Guild lost a key part of its case before the ASA over a recent e-mail campaign. It sent messages headed "Business Seminars – Telesales & Selling Skills Made Easy" which, when opened, promoted "a selling sales course for non-aggressive people". One recipient complained.

This was not a court case, and no laws were referred to. However, marketers in the UK are obliged to follow what is known as the CAP Code – and the complaint was made under two new provisions of the Code, introduced in March this year.

The complaint was, firstly, that the email did not make clear in its subject field that it was a marketing communication; and secondly that The Training Guild did not get explicit consent to send e-mail to the complainant.

The CAP Code is a set of rules produced by the UK’s Committee of Advertising Practice which are administered by the ASA, governing the content of UK non-broadcast marketing communications. Although lacking the force of legislation, the Code should be followed by all businesses and there are penalties available for non-compliance.

The Code states that marketers, "should ensure that marketing communications are designed and presented in such a way that it is clear that they are marketing communications. Unsolicited email marketing communications should be clearly identifiable as marketing communications without the need to open them."

This echoes a legal requirement introduced by the E-commerce Regulations of 2002. However, there has been little or no guidance under either the CAP Code or the Ecommerce Regulations on how to identify marketing communications as such.

Some suggest adding "ADV" to the start of a subject line, to indicate an advert, as is a requirement under Californian and other anti-spam laws. But until today, there has been no guidance from an authoritative source. The ASA's adjudication takes a more forgiving approach than California: its decision says that the words in subject field of The Training Guild's e-mail - "Business Seminars – Telesales & Selling Skills Made Easy" - made clear that the email was a marketing communication.

Unfortunately for e-marketers, the ASA was less forgiving on the second ground of complaint.

The most controversial addition to the CAP Code in March 2003 was that "the explicit consent of consumers is required" before "marketing by email or SMS text transmission, save that marketers may market their similar products to their existing customers without explicit consent so long as an opportunity to object to further such marketing is given on each occasion."

This reflects another legal requirement, found in the Directive on Privacy and Electronic Communications, which is due to be implemented in the UK by the end of October 2003. That requirement refers to unsolicited communications; the CAP Code does not, but this CAP Code provision only applies to marketing to consumers.

The Training Guild argued that over the past nine years it had built up a list of customers who wished to receive its promotional emails. It said that although one person in an office may have asked to be kept informed of its products by email, another person in that office may be unaware of that request and would also have received emails.

The Training Guild explained that it had bought a list of email addresses it thought were for businesses, not for individuals, which it believed had opted to receive information about training and business development topics by email. The company added that it had a strict policy of immediately removing someone from its mailing list if requested.

The ASA noted the complainant's email address was a personal one and not a business address. Claire Forbes, a spokesperson for the ASA, confirmed to OUT-LAW.COM that the issue would not have been adjudicated had it concerned a work email account.

In its decision, the ASA also acknowledged that the advertisers had bought a list of email addresses of people who had opted to receive information about business development topics by email in good faith.

But the ASA nevertheless considered that "it was the advertisers' responsibility to ensure that recipients on the list had given their explicit consent to receive such emails."

The ASA considered that The Training Guild "had not got explicit consent to send the email to the complainant."

Ultimately, the ASA was lenient in its punishment, simply advising the organisation to take more care in its targeting of marketing emails in the future. The ASA's Claire Forbes said that failure to comply would likely result in sanctions.

The case will resonate among e-marketers who face a major consent problem when trying to exchange email address lists.

OUT-LAW.COM's Louise Townsend, a specialist in data protection, comments: "If buying email lists, companies can get warranties that the lists are 'clean' and indemnities to support these warranties. But this will not give the company any protection against the ASA, just a come-back against the provider of the list.

"If your business has its own lists, make sure that you know what information was given when the details were collected. You need to check whether you fall within the exemption for similar products. You need to check if someone opted-in."

These are difficult and serious issues for marketers, and the CAP Code must not be overlooked: it is increasingly apparent that it goes further on the issue of consent than the forthcoming regulations implementing the EU Directive.

© OUT-LAW.COM

Mobile application security vulnerability report

More from The Register

next story
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.