Announcements | White Papers | Blog

The tangled web of e-mail

OTOi, Executive Team | One To One Interactive
August 29, 2002

E-mail is becoming one the most used forms of communication for both consumer and business direct marketers. However, a recent survey showed that 80% of e-mail messages received today are Unsolicited Commercial E-Mail ("UCE," a.k.a. Spam). As with any large movement involving commerce and large amounts of money, regulatory and legislative bodies have taken note of e-mail and have begun to create an increasingly complicated landscape of laws and regulations that marketers will continue to grapple with until a uniform standard is applied through Federal pre-emption.

This article is intended to provide you, the current or prospective user of e-mail, with a snapshot of the relevant regulatory and legal landscape today, as well as links to relevant resources for more information. This article is not intended to provide legal advice, so should you find yourself on either side of a dispute in need of representation, please seek legal counsel. (Sorry, I have to say that since I am a member of the Bar of Massachusetts...). Further, this article is focused on the United States. The European Union is an organization with e-mail policy that is about as confused as our own. Another future article will look at International e-mail.

OK — so what is the legal landscape today? Presently there are no federal laws that govern e-mail communications. This is not to say that the federal government isn't involved. The Federal Trade Commission ("FTC", http://www.ftc.gov) has been active in regulating e-mail using its broad powers under its authority concerning deceptive and unfair trade practices. It is mostly targeted at particularly offensive UCE including chain letters, ponzi schemes and pornography. While the commission has broad authority, its authority under deceptive trade practices reaches mostly to cases concerning consumers and less to business to business cases. While there have been several bills introduced, Congress is not moving swiftly to pre-empt current state legislation. And this is the number one headache that e-mail marketers must deal with today.

There are 18 states that have enacted laws concerning the use of e-mail. These laws primarily deal with:

  1. When it is permissible to send e-mail to someone
  2. How that e-mail may be sent, and
  3. What information the e-mail must contain.
We'll look at these issues in a moment. The very fact that all states have different legal requirements makes the job of the national or international marketer very challenging. It now becomes necessary to "localize" your e-mail. One of the great promises of e-mail was that it was very easy to communicate with large numbers of individuals, regardless of geography. This is no longer the case. And while it may now be somewhat harder to jump through the necessary legal hoops to communicate with individuals depending on the laws in their local jurisdiction, e-mail remains the most effective form of direct response communication.

What I have observed throughout large companies, however, is a reaction, particularly among legal staff, similar to "throwing the baby out with the bath water". I have observed attorneys in some large organizations adopt rules/policies that require e-mail marketers to adhere to the lowest common denominator (meaning that marketers must adhere to the laws of the most restrictive or constraining jurisdiction). While this may be the "safest" route for staff attorneys to take, it makes e-mail marketing more difficult and less responsive. With only some additional effort, policies and tools can be developed to enable e-mail marketers to localize e-mail and comply with the different legal requirements.

Let's discuss the three issues above.

1. When is it permissible to send e-mail to someone?

Most states say that it is acceptable to e-mail individuals with whom an e-mail sender has a "prior business relationship".

California represents a different (and so far unique) take on the subject. California requires that there be an existing business relationship AND express consent for the message in question by the recipient (see California Business and Professions Code section 17538.4(e) at http://www.spamlaws.com/state/ca1.html). Some recent cases are beginning to explore what "express consent" means, but using plain language it would appear that a sender should at least have express consent for the type of communication being sent (e.g. don't send an offer for an upgrade if the customer hasn't signed up to receive offers and promotions).

For example, I subscribe to IBM's iSource e-mail profile (a good example of how to build e-mail profiles). The profile allows me to select all types of categories and topics of e-mail, as well as frequency. I know that when I receive e-mail from IBM it is because I have specifically asked for it. Because California is such a large and important state in the stream of commerce, it is important to consider this requirement before sending e-mail to Californians.

So what exactly does it mean to have a "prior business relationship?" A good example of how to think about this comes from Colorado, where state legislation defines a prior business relationship to exist when a) the recipient has indicated willingness to receive commercial e-mail, b) the recipient has purchased goods from the sender and the e-mail is sent during the greater of the warranty period or within 13 months of the date of purchase, or c) the recipient has an ongoing contractual relationship with the sender and the sent e-mail directly concerns that contract (see Colorado Revised Statutes 6-2.5-102(1) at http://www.spamlaws.com/state/co.html).

2. How should the e-mail be sent?

Almost uniformly, the requirements are that an e-mail should come from the sender and appear to come from the sender both in the from line of the e-mail and the message routing information. The most odious offenders of this are the heretofore mentioned consumer targeting e-mail marketers who very surreptitiously hide behind other people's servers so that they can not get caught and be targeted for either retaliation or for investigation. Since the people reading this e-mail are not the type likely to run afoul of this requirement, we'll leave it at that.

3. What must the e-mail contain?

This question addresses the subject line and the inclusion of opt-out instructions/capability and content links.

Opt-out:

With near uniformity, states require that there be clear opt-out instructions in any and every e-mail sent. At a minimum, the opt-out instructions need to be clear and must be honored. In some states the opt-out may be handled by a sender operated return e-mail address or toll free number. In California, opt-out instructions must be the first text in the e-mail message and must be the same size type as the rest of the e-mail. Some states also require links to privacy policies and may require the inclusion of offline contact information or the sender's e-mail address.

Subject line:

When sending an e-mail to a recipient in a locale where there are permission requirements, there are usually rules about what elements and identifying information must be contained in the e-mail's subject line. In the case where you are permissibly sending UCE but you don't have a prior business relationship or you don't have explicit consent, some states require that you include "ADV:" in the subject line. If you are selling products that can only be purchased by someone over the age of 18 then some states require "ADV:ADLT" (or a similar identifier). One might assume that the ADV:ADLT is only for sexually explicit materials. This is not necessarily true. In some states (California, for example) where the sale of real property (land) might only be permitted to those over the age of 18, an e-mail pertaining to the sale of land, such as a real estate listing, would require that the subject line contain ADV:ADLT. This is problematic because most people getting an e-mail with that identifier in the subject line would likely assume it was sexually explicit in nature, and many would delete the e-mail without opening it.

In other states such as Pennsylvania, the identifier ADLT is only required on sexually explicit messages and not just anything that is targeted at adults. States requiring some form of this identifier are: California, Colorado, Kansas, Kentucky (for attorneys), Louisiana (for attorneys), Minnesota, Oregon (for attorneys), Pennsylvania, South Dakota, Tennessee, Utah, and Wisconsin (see http://www.spamlaws.com/state/summary.html)

Some of the states also prohibit the use of what would be considered "misleading" information in the e-mail. It has not been made clear what would be considered misleading, and it will take case law to determine the parameters around this in the future. E-mail marketers should use good judgment and avoid using subject lines that could be considered misleading.

At some point, I suspect that federal law will pre-empt much of the debate going on. Until that happens, it will be important for national marketers to develop tools to localize e-mail such that it conforms to local laws. By doing this, marketers can minimize liability and maximize response. Because e-mail service providers and other tools exist to enable the creation and transmission of e-mail to occur according to pre-determined business rules, it is possible to automate much of this process or out-source it. Because e-mail is such a powerful means of communication, it is worth the effort.

Useful links to sources of e-mail related information:
http://law.spamcon.org/
http://www.spamlaws.com/
http://www.cauce.org/legislation/index.shtml

back back to White Papers
Copyright © 2008 One to One Interactive, Inc. All Rights Reserved. Privacy Policy | Terms and Conditions