Can-Spam Highlights New Laws for 2004
As direct marketers look to the new year, they face an increasingly regulated marketplace in which consumers and lawmakers remain focused on privacy. The most critical of these measures is the federal anti-spam law.
In addition, two important provisions relating to telemarketing take effect early in the year.
Federal spam law. Congress finally passed the California Anti-Spam Disaster Relief Act — formally known as the CAN-SPAM Act of 2003. This sweeping federal law is slated to take effect Jan. 1, the same day as the California law that threatened to essentially bar unsolicited commercial e-mail nationwide with its opt-in requirement.
The federal law is complex and re-quires careful re-view. Most critically, unlike the Federal Trade Commission's no-call list, this anti-spam law pre-empts the hodgepodge of three dozen state spam laws.
Perhaps this is because the states have not found a way to make "do-not-e-mail" lists a source of revenue the way they have with telemarketing lists and, therefore, have not sought to eliminate the pre-emption provision. Or maybe Congress finally realized that national marketing begs for uniformity.
Marketers must be elated that the federal law pre-empts state spam laws except to the extent such laws prohibit false or deceptive representations in any electronic mail message or attachment. Therefore, uniformity will exist with respect to non-content-based restrictions (like message headings, opt-in/opt-out), and state laws that regulate commercial e-mail solicitations will be pre-empted unless the laws are content-based.
What is spam? Just because state laws are pre-empted does not mean that marketers are out of the fire. In creating a national standard, the federal law has important restrictions coupled with powerful enforcement mechanisms.
The definition is much broader than many state laws as it does not exclude solicitations where an established business relationship exists. Also, unlike the telemarketing laws, the law covers nonprofits to the extent that they are involved in a commercial activity.
Affirmative disclosures and opt out. With a narrow exemption for express consent from recipients, the federal law will require marketers to include a clear notice that the e-mail is an ad, though the law does not specify any particular format (such as the popular state requirement "ADV:"). The sender also must include a valid postal address. Pornographic e-mails must contain additional identifying information and are restricted from including content that appears when the e-mail is initially viewed.
Like most federal privacy-type laws, the law is premised on providing the recipient with notice of the mailer's opt-out procedures. These procedures should be contained in the mail message, such as providing a link to an opt-out Web page. Opt-out requests must be honored within 10 days.
Further reporting by the FTC and FCC. The current version of the law requires the FTC to report to Congress a plan for establishing a national do-not-e-mail registry and whether such a registry is practicable. The law does not require the FTC to establish such a registry, only to investigate. It also requires the Federal Communications Commission to promulgate regulations to protect consumers from receiving unsolicited commercial e-mails to commercial wireless services. Expect to hear much more as to these provisions.
Enforcement. The law grants the FTC and state regulators enforcement authority. Though it gives no private enforcement right to consumers, ISPs also may sue for injunctive relief and damages. Multimillion-dollar penalty assessments are authorized, but can be reduced if the marketer has established procedures in place to ensure compliance.
Criminal enforcement also is authorized. Such enforcement will be premised on false message headers, engaging in hacking, falsifying registration information and other abusive tactics.
Given the overwhelming support for this type of legislation by consumers and industry alike, this new law makes it clear that marketers will be able to use unsolicited commercial e-mail in the future, as long as they act responsibly and incorporate the statute's mandatory procedures and disclosures.
Telemarketing updates. Effective Jan. 1, telemarketers of "free to pay" conversions (i.e., trial offers that result in automatic billing unless the consumer affirmatively cancels) to Illinois consumers must also send the consumer an invoice that the consumer can use to indicate his agreement to pay the post-trial fee or to choose to no longer receive the free goods or services by contacting an included address. This law applies only to Illinois consumers, but is likely a sign of things to come for free-to-pay conversions, the apparent bane of regulators.
Also, the remaining provision of the FTC's Telemarketing Sales Rule - caller-ID compliance — is to take effect Jan. 29. This requires telemarketers to transmit their or their service bureau's phone number, as well as their respective name, if technologically feasible.
What else can we expect in 2004? Given the increasing concern over privacy and identity theft, expect refinements in the laws to protect consumer interests. And as technology continues to create new marketing opportunities, new laws designed for these emerging channels undoubtedly will develop.
Andrew B. Lustigman is a partner at Olshan, New York. He can be reached at firstname.lastname@example.org.