Electronic communications are a key communication method for most organisations. It's important to know whether the Spam Act 2003 (Cth) (Act) applies to each communication and, if it does, make sure the communication doesn't amount to a breach of that Act. Otherwise, your organisation might face significant fines and other consequences. This article explains what kinds of communications are regulated by the Act and what your organisation needs to do to not be a spammer.
The Spam Act 2003 (Cth)
Certain electronic messages are regulated by the Act. Before sending an electronic message, your organisation should determine whether the Act applies by answering the following questions:
- Is the message a "commercial electronic message" as that term is defined by the Act?
The definition is broad and includes any electronic message sent by email, SMS, MMS, or instant message that:
- offers, promotes, or advertises goods, services, land or business or investment opportunities;
- advertises or promotes a supplier of goods, services, land or business or investment opportunities; or
- assists a person to dishonestly obtain property, commercial advantage, or other gain from another person.
Most messages about goods, services, property, business, and investments fall within this definition, but there are exceptions. For example, a message which only confirms a genuine purchase may fall outside the definition.
2. Does the message have an "Australian link" as that term is defined by the Act?
To have an "Australian link", messages must:
- originate in Australia;
- the person sending or authorising the sending of the messages must be physically in Australia or have its central management or control in Australia; or
- the messages must be accessible in Australia.
If your organisation is located in Australia, authorises an Australian entity to send the messages, or sends the messages to people located in Australia, it has an "Australian link".
If the answer to both questions is "yes", the message is regulated by the Act.
Complying with the Act
If the message is regulated by the Act, your organisation must at minimum do the following:
- Do not send the message without the recipient's express or inferred consent unless the message is a "designated commercial electronic message" as defined by the Act. If you are unsure whether consent is required, you should seek legal advice before sending the message. Your organisation should also take care when buying customer lists, and make sure valid consents have been obtained before sending any messages to the list.
- Tell the recipient who sent the message. At minimum your organisation should disclose its legal name, ABN, and contact information, and that information must be reasonably likely to be accurate for at least 30 days after the date the message is sent.
- Include a clear and fully functional unsubscribe option in the message. For example, a prominent unsubscribe link in an email or option to 'opt-out' by reply email or SMS.
- Make sure the unsubscribe option is functional for at least 30 days after the date the message is sent.
- Action any unsubscribe requests within 5 business days.
Consequences of non-compliance
If your organisation breaches the Act, the consequences may eclipse any actual or perceived benefit from the non-compliant message. The Australian Communications and Media Authority has broad regulatory powers and might respond by:
- imposing financial penalties - including infringement notices, compensation, and recovery of financial benefits;
- issuing formal warnings;
- issuing enforceable undertakings;
- seeking injunctions; and
- prosecuting your organisation in the Federal Court (which will be costly to defend).
Resources allocated to ensuring compliance with the Act are a wise investment.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.