Anti-spam law restricts the sending of unsolicited emails (spam) to individuals. The restrictions on spamming individual subscribers apply not just to consumers, but also sole traders and partnerships because they are still individuals, despite the fact they run a business (even if your email is within their business capacity).

It is still possible for unsolicited emails to be sent to corporate subscribers or a business if the emails are relevant to their work. However, in practice, the distinction between individual and corporate subscribers is not straightforward to apply. In many cases, it will not be clear to a marketing dept/company whether an SMS or email address belongs to an individual or corporate subscriber, or whether individual contact details have been obtained as a result of negotiating the sale of ‘similar goods and services’.

Some businesses might sub-contract their e-marketing campaigns out to other companies, but the Information Commissioner will proceed against the business first if the rules of anti-spam law are breached, as they will be the ‘instigator’ of the email marketing communication.

What are the implications of GDPR on anti-spam law?

The anti-spam law is changing and will be further enhanced under a new set of rules called the General Data Protection Regulation (GDPR) which will be introduced in May 2018. These new rules will affect all UK businesses and email marketers who send emails to people within Europe. Businesses need to take steps to ensure compliance and adjustments to these new regulations to avoid hefty fines.

Under the new GDPR rules, potential fines can be in excess of 20 million euros, or 4% of the business’s gross annual international income. So, it is vitally important to comply to these new regulations in view of the penalties put in place.

Protecting young people’s in-boxes

GDPR will also take a stronger stance on protecting young persons’ emails, and how marketers approach them. Once GDPR is enforced in May 2018, businesses will need parental consent to send email messages to consumers who are 13 years or younger. More transparency will be needed about the data that they are collecting from their email recipients.

What you need to do to get your business ready for GDPR email marketing laws

These new and stricter rules specify that you must:

• Make sure you get clear and informed consent from the customer before sending emailsYou will need prior consent when sending unsolicited marketing emails, texts and faxes to individual subscribers, unless (in the case of emails and texts) they are an existing customer of similar goods and services.

• Not use a business / person’s email address without their consentBusinesses are no longer permitted to use harvested email lists bought through marketing agencies.

• Not use pre-checked boxes on forms to get consentSpecific consent given by the individual must involve some ‘positive action’. For example, if there is the option to tick an opt-in box or enter an email address in a field, they are opting-in.  These would be positive acts for this purpose, rather than a default pre-ticked box on your website or an email address taken from a business card received whilst networking.

• Provide the option for subscribers to ‘unsubscribe’ from receiving further messages

How a business stores its data

GDPR takes privacy and data storage into account, forcing marketers to ensure they have the proper permissions to send emails to potential consumers. Many businesses are already targeting members on their mailing list to ‘re-opt-in’ (asking for consent) in order for them to stay in touch. As you collect new subscribers going forward, another criteria is to make sure new subscribers specify their geographic location.

This article was provided by Max Tebbitts, Commercial Solicitor at Tebbitts & Co

DISCLAIMER: This article should not be regarded as constituting legal advice in relation to particular circumstances. This article is merely a general comment on the relevant topic. If specific advice is required in connection with any of the matters covered in this article, please speak to Tebbitts & Co directly.