Email Marketing Compliance Outside of the U.S.
Listrak Chief Privacy Officer James Koons followed up his Multichannel Merchant article on CAN-SPAM with another focusing on email outside of the country:
I recently wrote on article on the importance and key features of the US CAN-SPAM act. Crossing international boundaries with email is easy, however, other nations have different – and often stricter – laws.
Canadian Anti-SPAM Legislation (CASL)
Last July, Canada began enforcing CASL, which establishes rules for sending commercial electronic messages (CEMs) and prohibits the unauthorized alteration of data during transmission.
Most importantly, the legislation requires that consent be obtained before sending a commercial email.
CASL applies to every CEM sent from or accessed by a computer located in Canada, so compliance could be problematic for senders who don’t have an opt-in audit trail.
CASL and the CAN-SPAM Act differ in several key areas:
- CAN-SPAM is “opt-out”; CASL is “opt-in”
- Implied consent under CASL expires in two years; CAN-SPAM has no consent expirations
- When obtaining consent under CASL, the specific purpose must be provided upfront
- To be CASL-compliant, in addition to a working unsubscribe mechanism, messages must include a statement that the recipient can withdraw consent at any time
- An unsubscribe link under the CAN-SPAM Act must function for 30 days after the sending of the message and for 60 days under CASL
- Under CASL, transactional messages must also include a working unsubscribe mechanism
And these are just a few things to be aware of. CASL has been called the “world’s toughest anti-SPAM law” both for its scope and associated penalties, so if doing business in Canada, make sure you develop a compliance strategy.
Anti-SPAM laws in Europe fall under one European Union directive, which in theory, would make email marketers in all EU countries subject to the same expectations. In practice, however, the 2002 EU Directive set guidelines, but each member state has had to enact its own unique laws for electronic communications.
Taking an opt-in stance on commercial email communications, the Directive stipulates that prior explicit consent is required before sending a commercial electronic message (including email, SMS, voice, fax and other electronic forms of messaging) and that an opt-out option must be clear and conspicuous.
While not an all-inclusive list, here are some other key notable items for sending commercial email campaigns to global recipients:
- Opt-in is required for remarketing (shopping cart abandonment) messages sent to the EU. Again, the Directive is implemented by each member state independently, so you’ll want to check individual country laws for details.
- The “Send-To-A-Friend” function is not legal in Germany.
- In Russia, there are federal laws pertaining to advertising and to personal data, both to protect Internet users from SPAM. Both clearly indicate that sending bulk mail is only allowed with the recipient’s consent, adhering to the opt-in principle.
- Private rights of action are available in a number of jurisdictions, including the UK, South Korea, Singapore, Mexico, Germany and France. Starting in 2017, in Canada CASL will permit any private party to bring an action not only for compensation for losses suffered and expenses incurred, but also for statutory penalties of up to $1 million per day.
- When sending to recipients in China, either the word “AD” for English language emails or the Chinese word for “advertisement” is required in the subject line.
- Australia’s 2003 Spam Act not only applies to email, but also to SMS and MMS messages of a commercial nature. There are three basic steps to follow to ensure compliancy with the act – Consent, Identification and Unsubscribe.
Compliance with email marketing laws ensures that your emails are welcome and legal, but also provides a host of other benefits, including higher open and other engagement rates. If you make unsubscribing easy, the recipients that remain are those who really enjoy reading your emails and engaging with your brand and who have a positive sentiment towards your brand, which ultimately leads to more sales and referrals.
James Koons is Chief Privacy Officer of Listrak