I recently presented a webinar on the anti-spam law that was hosted by Andrew Schiestel of TBK Creative.
A number of questions came up on the webinar that we did not have time to answer. Some of those questions are answered below, and are also available on the TBK Creative site.
Attendee: Is this new law in effect? If not, when do you think it will be?
David: The law is not yet in effect. We are still waiting for some regulations to be finalized. It is not known when it will be in effect, but expectations are late 2013.
Attendee: Can you contact people as a result of info they provided on a raffle ballot or a survey?
David: That would not amount to consent unless there was an explicit, clear statement to that effect when the address was provided.
Attendee: Do opt-ins apply for “life”, unless they opt-out at a later date? Or does the two year term apply to opt-ins?
David: Opt-ins have no automatic expiry date. The two year concept applies only to certain implied consents.
Attendee: Are there any exceptions for educational institutions? eg. Universities.
David: The Act focuses on the commercial nature of the message, not the nature of the person or entity sending it.
Attendee: I work for a non-profit that sells training programs and learning products. When someone buys or attends training, is there an implied permission that we can contact them about future related trainings?
David: The Act refers to the nature of the activity rather than the nature of the organization. So if someone buys training, it is considered an “existing business relationship” for the purposes of implied consent, and the 2 year rule applies. If they attend but have not purchased it, it is not considered an “existing business relationship”. If the training is free, it may be that it is not of a “commercial character”, and thus not considered spam. But what is and is not included in “commercial activity” is not clear at this point, and may be broader than one might think.
Attendee: Will the 2 years be retroactive from the law taking effect? Or only moving forward?
David: The various 2 year implied consent rules relate to when the activity triggering the start of the 2 year rule happens. So for that purpose the date the Act comes into force is not relevant, and such activities occurring before the Act comes into force would apply.
Attendee: What about member associations and member lists. As a member association, is the association responsible for communication from one member to another, or is the sender accountable?
David: The person responsible is the person sending the message (or the person on whose behalf the message is sent). So if members email each other, the association is not responsible under the Act.
Attendee: Is “liking” or “following” someone on Facebook and Twitter a form of consent?
David: The Act’s application to social media is not totally clear. Any messages that are received by whomever is following you ought not to be caught by the Act. But a direct message sent from one user to another does seem to fall into the definitions. Since consent has to be for an explicit purpose, it is unlikely that “liking” or “following” someone would suffice as consent.
Attendee: Just got a monthly report email from my MP. Would this fall into the definition of a spam email?
David: It would probably not be considered to be commercial activity, and thus not considered spam.
Attendee: How are RSS feeds handled under this Act? Most require a sign-up to receive them.
David: RSS feeds are not caught. An RSS feed is just a way to follow what someone publishes. The “sender” has no control over who receives it, and it would not be a message “…sent to an electronic address…”
Attendee: You say to get compliant consents now. Given the uncertainty of how the law will be implemented, would it not be appropriate to wait until the regulations are published and then get the consents during the ‘grace period’ before the regulations are enforced?
David: Yes. In the meantime, you can sort out the nature of your messages, how you got the email addresses in the first place, and how you will record consents.