Australian Spam Laws – Woolworths case study
Large fines apply to organisations who send electronic messages including email and SMS which do not comply with Australian Spam Laws.
An often-forgotten piece of legislation, the Spam Act 2003 (Cth), recently reminded us that Australian Spam Laws do exist when Woolworths was issued a million dollar infringement notice by the Australian Communication and Media Authority (ACMA).
Woolworths was found to have significantly breached Australian Spam Laws with ACMA having uncovered more than five million breaches of the Spam Act 2003 (Cth) (the Act) between October 2018 and July 2019. It was found that Woolworths had repeatedly sent marketing emails to consumers after they had unsubscribed from previous messages.
ACMA’s investigations found that Woolworth’s systems, processes, and practices were inadequate in complying with Australian Spam Laws. Woolworths is now subject to a court-enforceable undertaking whereby they have committed to appointing an independent consultant to review their processes and to report to ACMA.
ACMA Chair Nerida O’Loughlin stated, “The spam rules have been in place for seventeen years and Woolworths is a large and sophisticated organisation. The scale and prolonged nature of the non-compliance is inexcusable.”
The Minister for Communications, Cyber Security and the Arts, Paul Fletcher, has also been very clear, “My message to business is simple: don’t send spam. And if you do – expect to be caught and to pay a fine.”
The Act is clear on the rules, section 15 provides a simplified outline which states:
- Unsolicited commercial electronic messages must not be sent;
- Commercial electronic messages must include information about who authorised the sending of the message; and
- Commercial electronic messages must contain a functional unsubscribe facility.
As of 1 July 2020, the maximum penalty for companies with no prior record is over $200,000 for each provision of the Act that is breached, with the maximum penalty for companies with a prior record being over $1 million.
Woolworths is not the only business that has faced the consequences of breaching Australian Spam Laws. Over the past 12 months, businesses have in total paid over $1,753,500 in ACMA-issued infringement notices, six businesses have been subjected to court-enforceable undertakings and seven businesses have been issued formal warnings.
So, what does this mean for businesses who don’t want to be found to have breached Australian Spam Laws?
The first step in ensuring you don’t end up like Woolworths is to first have your privacy and communication policies and procedures reviewed by a Privacy Lawyer to ensure that you are complying with all relevant laws like the Spam Act 2003 (Cth) and also the Privacy Act 1988 (Cth). What they can then help you with is in drafting a Privacy Policy which is compliant with all relevant legislation, advise in relation to your marketing strategies and ensure you do not find yourself with a large fine!
