unsubscribe laws

ACMA clarifies e-marketing unsubscribe laws, warns it is actively monitoring non-compliance

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp

The ACMA has further clarified the law setting out how businesses must action unsubscribe or opt-out messages on their commercial email and SMS marketing, warning that if breaches are found penalties of up to $222,000 per day may be enforced.

The Australian Communications and Media Authority (ACMA) has clarified its unsubscribe laws, stating that businesses must not require consumers to do either of the following:

  • provide personal information (other than the electronic address to which a marketing message was sent)
  • create or log-in to an account.

The rules are set out in the updated Spam Regulations 2021 that commenced on 1 April 2021 after being reviewed by the Department of Infrastructure, Transport, Regional Development and Communications.

The ACMA said it is actively monitoring for indications of non-compliance. 

If breaches of the spam laws are found, those responsible for sending or authorising the messages may face penalties of up to $222,000 per day and/or action in the Federal Court of Australia.

ACMA said businesses must generally:

  • provide a clear and working unsubscribe message in each marketing email or SMS
  • action unsubscribe requests within five business days of receiving them for consumers.

Examples of clear unsubscribe messages 

Under the Spam Act 2003, every commercial message must contain an ‘unsubscribe’ option that:

  • presents unsubscribe instructions clearly
  • honours a request to unsubscribe within five working days
  • does not require the payment of a fee
  • does not cost more than the usual amount for using the address (such as a standard text charge)
  • is functional for at least 30 days after you sent the message
  • doesn’t force people to give extra personal information or make them create or log into an account to unsubscribe from marketing messages. 

ACMA details the following unsubscribe examples that are clearly worded:

Email:

To stop receiving messages from us, simply reply to this email with ‘unsubscribe’ in the subject line.

If you no longer wish to receive these messages, please click the ‘unsubscribe’ button below.

SMS:

Reply STOP

Unsub: (1800-number)

Understanding express and inferred permission 

The Spam Act prevents businesses from using or supplying a list that has been created with “address-harvesting software”. 

The contact must provide their permission to be added to your marketing list. On its website, AMCA says that this can be:

  • Express permission: a contact knows and accepts that they will receive marketing emails or messages from you, e.g. by filling a form, ticking a box, over the phone, face to face. Note: you cannot send an electronic message to ask for permission because it is classified as a marketing message. 
  • Inferred permission: a contact has knowingly and directly given their email address or phone number; the contact has a provable, ongoing relationship with your business, and the marketing is directly related to that relationship, e.g. if a contact has subscribed to a publication and the marketing is relevant to that service. 

The Spam Act prevents businesses from using or supplying a list that has been created with “address-harvesting software”. 

The Spam Regulations and the Spam Act protect people from unwanted intrusions on their privacy and ensure that they can easily unsubscribe from marketing messages. 

Australians have a right not to be sent commercial messages unless the business has their consent. They also have a right to unsubscribe from e-marketing at any time.

Under the Spam Act, some limited exceptions may apply to the obligations to provide a functional unsubscribe facility, including where it may be inconsistent with the terms of a contract or agreement between a business and an e-marketing recipient.

Last year, ACMA issued $1.5 million in penalties to businesses that failed to comply with the Spam Act, warning businesses not to ‘set and forget’ their compliance systems or outsource their risk to third parties.

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp

Leave a Reply

Your email address will not be published. Required fields are marked *

YOU MAY ALSO LIKE