Business
DTI launches consultation on new e-communications rules
This update provides a summary of the key impacts upon affected businesses including any business using websites, email, fax, telesales or SMS/MMS to solicit customers, and businesses in the ISP, mobile network and subscriber directories sectors
The Department of Trade and Industry on 27 March published its consultation paper and draft Regulations concerning the EU's Directive 2002/58/EC on Privacy and Electronic Communications (the "Directive") under the press release "Red Light for Spam".
The Directive will replace the existing Telecommunications (Data Protection and Privacy) Regulations 1999 and is planned to be implemented by 31 October 2003. Businesses have until 19 June 2003 to submit their views to the DTI.
Please view our analysis below,
What do the new rules mean for e-mail and SMS/MMS marketing campaigns?
The Regulations introduce new controls on unsolicited email and SMS/MMS marketing which will mean that, except in limited circumstances (where businesses have a pre-existing relationship with recipients) marketing communications may only be sent with the prior consent of the individual concerned.
The practice of disguising or concealing the identity of the sender of unsolicited communications, or failing to provide an address to request that such communications cease, will also be prohibited.
Key Points
A key problem remains unresolved regarding the prevention of non-EU originated spam, and certain loopholes present themselves in the drafting of the Regulations as regards matters of jurisdiction and, in particular, which party should and can be held to account in relation to spamming.
Businesses using electronic marketing methods will wish to:
- consider pushing for as broad a definition in the Regulations as possible of the concepts of "customer relationship" and "similar products" to provide flexibility for future cross-selling campaigns;
- consider carefully the consultation's proposals for sanctions (see below) to ensure a sensible balance between tough deterrents against persistent offenders and protecting the legitimate interests of reputable marketers;
- use the time before planned implementation of the Regulations (31 October 2003) as effectively as possible:
- to review and redraft privacy policies and online collection notices;
- to audit existing customer databases with a view to purging certain customer data or limiting its future use; and
- to plan ahead to ensure compliance of future product and marketing strategies;
- resist the body of opinion (supported by Oftel) that supports stronger statutory rights for individual subscribers.
- A more radical solution to grant corporate subscribers the same rights as individuals (including prohibiting fax, email and SMS/MMS marketing without prior consent). If implemented in its entirety such a regime would have the effect of barring businesses from making unsolicited contact with individuals at other businesses by telephone, and prior consent would be needed to contact them by fax, email or SMS/MMS. A restriction on business-to-business marketing in this way would have a substantial impact on the cost for any business (irrespective of sector) which currently uses such marketing methods.
- To leave the rights of corporate subscribers as they currently are.
- lobbying to enable a continuing right to cold-call companies without specific consent;
- the potential for loss of a significant resource and means of generating business;
- the co-ordination (or lack of it) in the approach of other Member States to the issue of spam sent to employees, and the particular impact this could have on multinational companies;
- the internal impact in terms of reduced efficiency of employees receiving increasing volumes of unsolicited marketing materials at work.
- whether the Regulations should apply to all cookies or only those which involve the processing of personal data; and
- whether a user should have the right to override a subscriber's consent to a cookie.
- review their procedures for obtaining users' and subscribers' consent to the use of mobile data and their policies on erasure/anonymising such data;
- review the terms on which they share such information with others in the value chain; and
- consider responding to the DTI regarding the practical means by which consent can be obtained via a mobile phone.
- calling line identification ("CLI") services;
- itemised billing;
- call tracing and forwarding;
- erasing and anonymising of communications data once it is no longer required for network management or billing purposes; and
- network security.
- confirmation that the Regulations will include an express right to injunctive relief against spammers, as a more effective deterrent; and
- an express right for corporate as well as natural persons to pursue such relief as well as the existing remedy of financial compensation.
For a weekly round-up of the enterprise IT news, sign up for the
Enterpise newsletter. Find out what's where in the new Tech Update with our
Guided Tour. Tell us what you think in the
Enterprise Mailroom.
Enterpise newsletter. Find out what's where in the new Tech Update with our
Guided Tour. Tell us what you think in the
Enterprise Mailroom.