Email Marketing Law: The Basics
We understand that law can be confusing, especially when you’re trying to compare law from one country to another. To combat that problem, we aim to solve any issues you may have surrounding email marketing law.
What law applies?
Here in the UK, email marketing law derives from one source: European Commission Directive 2002/58/EC. This European law is then implemented in the UK under the Privacy and Electronics Communications Regulations 2003. It’s a mouthful, but it’s known as PECR.
Why is the law in place?
The law is in place to stop the spreading of spam or fraudulent messages. There are three things to remember about the law before you send:
1. The law allows you to do more than you think.
2. It’s there to protect yourself, and your customers.
3. It’s black and white, and doesn’t constantly change.
The EU law is applied differently in each country, so we’ll be focusing on UK law.
- The commercial nature of your message must be clear to the recipient.
- You must not lie about the sender, or the content of the message.
- You must include a valid unsubscribe link.
- Recipients must have opted in – This is a sticking point, see below.
In reference to the last point, you can send commercial emails to businesses who have not opted in, but only if they are a Limited company.
Secondly, if an email address has been given for the purposes of a sale, you can send emails related to that product. Note: The sale does not have to be completed for you to use the email address.
Why should I follow the law?
The UK is currently the only European country not to have experienced a significant case of DPA (Data Protection Act) non-compliance, but as marketing techniques become more popular they are likely to increase.
Here are 8 reasons you should comply:
- £50,000 fine under the ‘persistent abuse of telecoms system’ under the Communications Act 2003.
- 10 years maximum imprisonment or £5000 fine under the Computer Misuse Act 1990.
- £5000 (per record) fine under the Data Protection Act.
- Unlimited damages awarded in civil courts.
- 6 figure fines in other EU states – Remember: it’s the law of the country that receives the email which applies, and not the country it was sent from.
- Complaint upheld by the Advertising Standards Agency
- Avoid negative PR
- Keep customers, clients and prospects happy.
Forward to a Friend and viral emails
You must only forward emails, if you know the recipient will be happy to receive correspondence. If you offer an incentive for people to forward your mail, and then the recipients are unhappy about receiving it, then it will be YOU who is responsible. And NOT the person who forwarded the mail.
Due to Data Protection laws, we will not give you the names of those who have received the ‘forwarded’ mail.
Main things to avoid doing
- Do not use competitions etc. as a way to gather email addresses, unless you specify that the email can be used for sales and marketing purposes, and the user gives their permission.
- Do not use email addresses if you cannot prove that they have opted-in. Note: If you have bought data, it is YOUR responsibility to check the source.
Bought data or cold lists
Here in the UK, bought or cold lists can be used as part of your email marketing. This is a grey area of the law.
As mentioned, your recipient must have opted-in to receive commercial messages; however, at one point or another, they DID opt to receive commercial messages. Your data house (who you buy the data from) will know where the data originally came from. It’s important to check the source. Only use a data house that is DMA approved.
Cold lists cannot be used in the US
US law is different to the UK. Cold data cannot be imported into a US system.
Main differences in US law
In the US, the CAN-SPAM Act covers email marketing. This law states that commercial emails can be sent to recipients.
Emails can be sent within America, even without permission, until the recipient opts out. However, this does not apply to purchased lists, as the recipients may not have given valid permission.
Remember: you must include an unsubscribe link, and remove the email address within 10 days.
Purchased lists are not allowed in US systems.
Law in practice
Let’s look at some examples (as we know law is not easy to digest!):
Mary owns a shoe shop in the UK, and she wants to use email marketing to promote her shop. However, she doesn’t have many email addresses. She doesn’t have an ecommerce store on her site, so collects email addresses manually at the till when she makes a sale. She wants to send to a lot more people, and needs to gather email addresses quickly.
Mary decides she will buy some data. She finds a DMA approved data house, finds her list, researches the source of the data, gives it a clean, and imports it into her Email Service Provider (ESP or email marketing provider). She can then send her emails to her bought list, and to those email addresses she has collected. Mary is in the UK, so she sends emails to UK residents, and stores her data with a UK based ESP. Mary isn’t breaking the law.
Simon has an insurance company, and he sells emails for a variety of reasons: to promote his business, for lead generation and to send newsletters to existing customers. But as he spends a lot of time and effort making his campaigns, he hates it when someone unsubscribes. So he leaves the email address in the address book. Watch out Simon! You’re breaking the law.
First, Simon MUST include an unsubscribe link in EVERY email he sends. Second, if someone wants to unsubscribe, Simon must remove them. Check with your ESP, as some systems will do it automatically, but if not, unfortunately those contacts will need to be removed. If Simon does not remove the email address, the recipient may report his to the ISP, meaning his deliverability rate and reputation could be affected, halting future campaigns. If the recipient reports Simon to the Information Commissioner’s Office, he may be liable to pay fines up to £500,000.
NB, this information is intended to provide guidance only, and does not constitute professional advice.