It is not often that one can accuse lawmakers of coming up with a bit of legislation that seems to attack a perceived problem without causing too much collateral damage but every now and again comes a law that confounds.
Mind you, the title is not too reassuring: The Privacy and Electronic Communications Regulations, 2003, which is normally, and understandably, shortened to The PECR. Paragraphs 22 and 23 are the ones which those involved in direct marketing need to get a grip on.
Section 22(1) uses the phrase ‘individual subscribers’ which is notable not so much for what it includes as what it might not. It means customers, tending to indicate that business-to-business (B2B) marketing is not included. However, it is suggested that it is not quite the free-for-all that it might appear on first reading. Sole traders and limited liability partnerships are included in customers so distinguishing between what is and is not a customer will be extremely difficult. Some might consider it best to take a more all encompassing interpretation of the definition of customers.
The intent of the law is to reduce the all-pervading irritation of spam, it being directed specifically at ‘unsolicited communications’ which includes SMS texts as well as emails. To fall outside the definition the recipient must have opted in to email marketing or, as 22(2) says it: ‘previously notified the sender that he consents’. This is generally known as the hard opt-in.
There is the requirement to include a route for the person to unsubscribe, the opt-out procedure, in all communications. There is a qualification that the method must be a ‘simple means of refusing’. This has been generously interpreted by some household names in the on-line community to include a rather protracted, albeit simple, procedure. In one instance whilst it is limited to two clicks, the actual button is entitled Confirm changes, suggesting that there are alternatives to a straight opt-out, such as remaining on the newsletter list.
But in a change from restrictions, Section 22(3) comes up with what is generally known as the ‘soft opt-in’ by excluding existing customers when marketing similar products and services by bulk email. No definition is given for ‘similar’ and one wonders if a loan for a small business would prohibit an email on product liability insurance. Time will, of course, tell. There is one condition though. At the time of the initial contact the customer must have been given a ‘simple means of refusing’ these further contacts and ‘at the time of each subsequent communication’.
Section 23 of The PECR then drops back into directive mode and requires that a full contact address must be provided to allow the recipient to contact the sender. So there must be a name, address and/or phone number on each bulk email. It also states that the originator’s identity must not be disguised nor concealed.
Interestingly though, the headings for both Section 22 and 23 restricts the application to ‘Use of electronic mail for direct marketing purposes’. One must assume that this wording is not an oversight and that the legislators did not intend it to be applied to other email contacts, such as invoices, statements etc. Care should be exercised and it would not do to give cause for an additional, and very restrictive additional section to be added at a later date.
The PECR strikes a very fair balance between the needs of the responsible business and that of the public’s right to control over their inbox.