Internet Newsletter for Lawyers
Except in the circumstances referred to in paragraph (3), a person shall neither transmit, nor instigate the transmission of, unsolicited communications for the purposes of direct marketing by means of electronic mail unless the recipient of the electronic mail has previously notified the sender that he consents for the time being to such communications being sent by, or at the instigation of, the sender.
(3) A person may send or instigate the sending of electronic mail for the purposes of direct marketing where -
(a) that person has obtained the contact details of the recipient of that electronic mail in the course of the sale or negotiations for the sale of a product or service to that recipient;
(b) the direct marketing is in respect of that person's similar products and services only; and
(c) the recipient has been given a simple means of refusing.... the use of his contact details for the purposes of such direct marketing, at the time that the details were initially collected, and, where he did not initially refuse the use of the details, at the time of each subsequent communication.
The effect of Regulation 22 is that it is unlawful to send an email for direct marketing purposes unless the recipient has consented to receive it. The giving of consent would seem to require a positive action in that the recipient has to have "previously notified the sender" of their consent. The need for a positive action was plainly set out in the Directive which the Regulation implements, referring to obtaining "prior explicit consent".
Sub-section (3) deals with "existing relationship" cases where the recipient is either a customer or potential customer. Initially sub-section (3) appears as a qualification to the general rule that consent is required before a direct marketing email can be sent to them. However, upon closer analysis this is not the case. There are 2 essential requirements to send direct marketing emails lawfully to existing relationship persons:
Firstly, the recipient still needs to have been given "a simple means of refusing" the use of his contact details for the purpose of such direct marketing, at the time the details were initially collected...". If the details are collected via a web site enquiry form, this is dealt with by a simple check box which the user can tick to indicate their consent. However, if the recipient's email address is captured during a telephone conversation it seems that the user will have to be asked if they consent to their email being used for direct marketing purposes. Sales teams handling such enquiries need a way of recording this.
Secondly, even if the user consents to receive email for direct marketing purposes it is not permissible to then send an email to them marketing a dissimilar type of product - so solicitors firms and barristers chambers cannot market non-legal services to their clients or potential clients.
Consent is therefore the key to sending direct marketing emails legitimately. Recipients must have the opportunity to withdraw their consent at any time.
Regulation 23 makes it unlawful to send out direct marketing emails without showing the valid email address of the sender or without providing a valid email address to which the recipient can send a request to unsubscribe from receiving such emails in future.
Although the regulations require consent, there are no restrictions under sub-section (2) on the content of the email - so if you have the recipient's consent to receive marketing emails there are no restrictions on the products you can market or on who is actually selling the products. This means you can send out emails on behalf of third parties, promoting their products. Under sub-section (3) you can only send emails about your own products and services, so this clearly excludes sending emails on behalf of third parties.
The position on a business obtaining a mailing list or selling a mailing list to third parties is not all that clear. Consider a hypothetical example. A recipient has consented to receive emails from Company X. Also, they have ticked a checkbox to indicate they consent to receiving emails from any third parties selected by company X. Company X has, as a result, a mailing list of people who consent to receiving emails from any third parties selected by Company X. Company X is approached by Company Y to market Company Y's products to Company X's mailing list. In this scenario, Company X can clearly send out the email itself to its mailing list promoting Company Y's products. But can Company X hand over the mailing list to Company Y and allow Company Y to actually send out the email? The reference in Sub-section (2) to emails being sent "at the instigation of the sender" seems to imply that this is permissible. However, the consent has to have been notified to the sender, which in the scenario under consideration is Company Y. It is submitted that as consent is the key issue, provided the recipient has informed Company X that they are happy to receive emails from third parties then it is permissible.
* ensure that any marketing emails are sent only to users who have positively consented;
* when capturing enquiries from potential clients via your web site, ensure the enquiry form gives the opportunity for the user to consent to receiving further marketing emails from you by providing a check box which they can tick; this information should automatically be stored in the database used for your mailing list;
* when capturing enquiries via the telephone ensure a way of recording that the user has been asked for their consent and for whether or not this is granted;
* ensure any marketing email you send out enables the recipient to easily unsubscribe at any time;
* ensure any email that is sent out shows the sender's email address (e.g. "firstname.lastname@example.org");
* ensure that a valid email address is provided to which the recipient can send an email requesting that they be taken off your mailing list.
With the new Privacy Regulations in mind, my own company, Nasstar, has developed an online mailing application which a number of barristers chambers are using to market their services by email. The mailing application is easily managed via an online management system. With an infrastructure that can handle over 4 millions messages a day, Nasstar's mailing application ensures that each email sent has an unsubscribe link at the bottom enabling the user to unsubscribe easily.
The application also enables an authorised user on behalf of the sender to manually unsubscribe a particular recipient if they choose to telephone or email the sender requesting that they be removed (rather than following the unsubscribe link). The mailing application also ensures that the email address of the sender is shown.
In my opinion, the new law is unlikely to have any major impact in the battle against spam. Over 90% of junk email comes from the USA, and so the UK must wait to see what legal measures they take to tackle spam. At present the federal government is considering an opt-out law i.e. all spam is legal unless you have expressly opted out from receiving it. To combat spam, it seems that governmental co-operation on an international level may be required to create and police a standardized legal framework across the globe. Without such a legal framework it is technology rather than law that is providing effective solutions in the war against spam.
Charles Black is the founder and Managing Director of
Nasstar a business ISP which provides web sites, content
management systems, hosting, email solutions, broadband and networks to a
large number of businesses including chambers and solicitor firms. Charles is
also a qualified barrister having been called to the Bar in 1996 and having
undertaken pupillage in 1997.
Back to Contents.