eco Directive for Permissible e-Mail Marketing

Transcription

D
eco Directive
for Permissible
e-Mail Marketing
Guidelines for Practical Use
5th Edition 2014
NEW:
wide
World
ut / Opt-O
Opt-In
List!
A CH
2
INDEX
Guidelines for Practical Use 5th Edition 2014
1.Foreword
2.
The Consent
2.1. Transparent consent
2.2.Conscious, unequivocal, and express consent 2.3. Data economy
2.4.Co-registration and purchase of addresses
2.5. Consent of minors
2.6.Period of the validity of the consent
2.7.Formal requirements of the consent
2.8.Demonstrability of the consent (double opt-in)
2.9.Documentation of the consent
2.10.Exception from the opt-in:
E-mail advertising with existing customer relationship
2.11.Advertising in transaction e-mails
2.12.Feedback inquiries after purchase
4
5
5
6
7
7
7
8
8
8
14
15
17
18
3. Unsubscribing
3.1. Can e-mails be easily unsubscribed?
3.2.Are inquiries and complaints responded to?
19
19
22
4.
24
24
26
27
Design of the content
4.1. Is the subject not misleading?
4.2.Is the sender clearly discernible?
4.3.Is the legal notice complete?
5.Contract data processing – what needs to be noted 29
6.Sample cases for permissible optimization in e-mail marketing
6.1.Statistical analysis and measurement of user
behavior: Usage profiles
6.2.Performance increase in e-mail marketing:
Legal opportunities and boundaries
30
7.What needs to be noted in other countries in e-mail marketing
7.1.The legal aspects in Switzerland
7.2. The legal situation in Austria
35
35
39
8.Our recommendation: Certified Senders Alliance
41
9.Opt-in or opt-out – what applies in the individual countries 43
Authors 50
30
32
3
1.Foreword
More than twelve years ago, the online
marketing competence group of eco Association of the German Internet Industry
adopted the first “Directive for requested
online marketing.” Since then, the directive
has been updated on a regular basis and
more than a million copies of the popular
guidelines were distributed or downloaded
as a PDF from the eco website.
The current revision of the directive takes
into account the consequences from the
expiry of the transitional period for the
amendment of the Federal Data Protection
Act (BDSG) and a number of more recent
rulings (e.g. the ruling by the Federal Court
of Justice regarding the tell-a-friend function). Changes for practical use have arisen
in particular with regard to the formulation
of the consent to e-mail advertising and
with regard to the documentation obligations. A comprehensive overview of the global
legal positions of other states with regard to
the handling of consents (opt-in or opt-out)
was also included for the first time.
E-mail marketing has become a fixed part
of the customer communication of many
companies. In order to highlight the special
circumstances with regard to the legal conformity of this marketing communication,
specific and in particular practice-oriented
instructions for action are given in these
guidelines. The present directive gives companies an answer to the most frequent legal
questions. There are three areas for each
question:
4
1. Legal requirements
2.An explanation of the question and
recommendations for the practical
implementation of the statutory
requirements
3. Practical examples
The most pressing legal issues from a
company perspective relating to the
sending of e-mails are:
H
ave the recipients given their consent?
C
an the consent be proven?
D
o the recipients know what they have
consented to?
H
as the option of unsubscribing been
pointed out to the recipients?
D
o the recipients receive an e-mail
confirmation of their consent?
C
an e-mails be conveniently unsubscribed
to?
A
re inquiries responded to?
Is the subject not misleading?
Is the sender clearly discernible?
Is the legal notice complete?
D
oes it involve a case of contract data
processing and have the corresponding
statutory regulations been complied with?
Of course, this directive cannot replace
any legal advice in individual cases. It can,
however, help to ensure that companies are
on more stable ground when they use the
medium of e-mail to contact prospective
customers. Consumers should also be able
to feel safer when they provide a company
with their e-mail address. Safe means
that addresses are not simply forwarded,
that e-mails can only be sent with the
addressee‘s consent, and that it is easily
possible to have your own address deleted
from a distribution list again at any time.
The great success of e-mail as a medium is
based on trust. This directive should contribute in this respect. The directive can also
be retrieved on the Internet at www.eco.de/
RichtlinieOnlineMarketing.
2. The Consent
It is now generally known that advertising
by e-mail fundamentally requires the consent of the recipient, both in the B2C area
and in the B2B area. The necessity of the
consent results from Section 7 para. 2 of
the Act Against Unfair Competition (UWG)
and from Section 28 para. 3 sent. 1 of
the Federal Data Protection Act (BDSG).
Although this principle may sound simple, its
specific implementation is difficult. Through
numerous rulings and amendments to laws,
the requirements for declarations of consent
are also being constantly tightened.
The requirements of valid consent can
be summarized in brief as follows:
t ransparent
v oluntary
c onscious, unequivocal, express and
s eparate
In addition, it must be possible to prove
consent and to record it in detail. For e-mail
advertising within the framework of existing
customer relationships, the law makes provision for certain alleviations (cf. chapter 2.10)
2.1.
Transparent consent
Valid consent must meet certain requirements with regard to form and content. It
is decisive firstly that the consenting party
is informed in a transparent and easy-tounderstand manner about the content of
his or her declaration of consent. According
to Section 4a para. 1 sent. 2 of the Federal
Data Protection Act (BDSG) and the legislation issued in this respect by the Federal
Court of Justice on 25 October 2012, file
reference I ZR 169/10, consent is only valid
when it is declared in knowledge of the circumstances and for the specific case. The
consenting party must be able to gain a
specific idea of who is to use his or her
data and for what purposes.
The company that intends to refer to the
consent in the future must be clearly named.
The consent is always only for the company
expressly named. There is no “blank consent” that for instance could entitle a company XY and its “partner companies” to conduct e-mail advertising. The data protection
law does not make provision for group privilege either. A forwarding of e-mail addresses
within the group for advertising purposes
of other group companies is not permissible
either (if the group companies are not
expressly named in the consent). A general
naming of company XY “and affiliated
companies” should also constitute a breach
of the requirement of transparency.
The content of the future advertising
e-mails should also be addressed as transparently as possible in the declaration of consent. If, for instance, a company markets
various product lines under different brands,
the declaration of consent should indicate
whether the addressee will receive advertising for the product line under the brand X
in the future or whether all the company‘s
brands will be advertised.
5
Worst practice / n egative examples:
■ I consent to my data being used for
advertising purposes. I can revoke
my consent at any time by e-mail to
[email protected].
Such a declaration of consent is invalid as it
is not discernible here which media (e-mail,
SMS, telephone, letter) are to be used for
advertising.
■ I would like to receive advertising from
ABC Co. and from partner companies
of ABC Co. by e-mail. I can revoke my
consent at any time by e-mail to [email protected]. In addition, a link
to unsubscribe to other information is
included in each e-mail.
This declaration of consent does not inform
the addressee about which partner companies are involved. The consenting party
thus has no idea what companies his or her
e-mail address will be forwarded to. In the
case of consent which also includes the forwarding to third parties, the potential recipients of the data are to be named in detail.
2.2.Conscious, unequivocal,
and express consent
Pursuant to Section 7 para. 2 no. 3 of the
Act Against Unfair Competition (UWG),
consent must expressly be given by the consenting party, i.e in a conscious and active
manner. This can be done in writing by a
signature of the consenting party or in electronic form by clicking on a check box. An
opt-out option, i.e. for instance a check box
that can be clicked when no e-mail advertising is wanted, or a pre-clicked check box
6
do not therefore constitute valid declarations of consent. The publishing of the e-mail
address in public directories, on the Internet
page, in a letterhead, or on a business card
does not constitute consent to the sending
of e-mail advertising either. A presumed or
implied consent with which interest on the
part of the addressee is merely assumed is
no longer sufficient.
Consent to the sending of e-mail advertising
must always also be given separately, i.e. it
cannot be combined with other declarations.
For the confirmation of a purchase in an
online shop (“Order now with costs”) on the
one hand and the consent to e-mail advertising on the other, two separate check boxes
must thus be provided. This was confirmed
again by the Federal Court of Justice in its
so-called “Payback ruling.”
Worst practice / negative examples:
■ I would NOT like to receive the e-mail
newsletter of ABC Co.
The “opt-out” in this case does not constitute a valid declaration of consent. The consent must be given by active measures by
the consenting party. Here, however, the
consenting party must become active if
he or she does not want to give his/her
consent.
Best practice / p ositive example:
■ I would like to receive the weekly newsletter of ABC Co. with information on its
offers from the field of telecommunication by e-mail. My data are not forwarded
to third parties under any circumstances.
I can revoke my consent at any time by
e-mail to [email protected]. In
addition, a link to unsubscribe to other
information is included in each e-mail.
This declaration of consent meets the
statutory requirements.
2.3.
T he size of the list is restricted to a
maximum of ten (10) companies.
The threshold of transparency should at
any rate be exceeded if the user can no
longer recognize the participating
companies “at a glance.”
Data economy
Under the consent, no more data may
be requested from the recipient than are
actually necessary for the provision of the
service. Usually, only a request for the
e-mail address is necessary for the sending
of an e-mail newsletter. The obligatory
request for the first name or surname to
personalize the e-mail newsletter is seen
by many lawyers as permissible but not by
all data protection supervisory authorities.
However, as many data as required can
be requested on a voluntary basis.
2.4.Co-registration and purchase
of addresses
With the acquisition of address data for
third parties (lead generation through
co-registration), the companies for whom
the addresses are to be collected are to
be named in detail as well. The number
of companies for whom addresses are to
be collected at the same time should be
manageable. In particular, it is recommended
that the following requirements be met:
T he companies for whom the address data
are to be generated are to be specified by
name and when the sector is indicated
individually.
It must be easy and clearly possible within
the consent process for the user to take
note of the list of companies.
The use of purchased e-mail addresses
entails increased due diligence obligations.
For according to legislation, the purchaser of
the e-mail addresses must ensure that the
owner of the respective e-mail address is
really in agreement with the sending of the
advertising and that the lawfully submitted
consent refers in particular not only to the
mailing by the seller but also by third parties
(in this case the purchaser). At any rate, it is
not sufficient to rely on the assurance from
the seller that the consent had been given.
The purchaser must have been provided the
corresponding documented records and
must at least carry out a random check. In
order to take the most reliable path in this
area too, the records for the consent should
not only be shown but also stored in the
company‘s own files for documentation
purposes.
2.5.
Consent of minors
The minimum age for the ability to give
consent is not clearly defined. Within the
framework of e-mail advertising, minors
aged 16 and over can generally be seen as
capable of giving consent. However, in the
consent to the processing of so-called
“sensitive data” (e.g. health, religion, etc.)
higher requirements may have to be set
under certain circumstances in individual
cases.
7
2.6.Period of the validity of the
consent
It is regularly claimed that consent to the
sending of e-mail advertising expires after
a certain period of time. However, there is
no proof in the legislation for such a limited
“shelf life” either.
It should merely be ensured that the consent
is made use of relatively promptly after it is
given. In the opinion of the Munich I Regional Court with its ruling dated April 8, 2010,
file reference 17 HK O 138/10, consent to
the sending of e-mail advertising which is
not made use of until more than 1.5 years
later is no longer valid as the consenting
party will no longer expect the e-mail
advertising to be sent after such a long period of time. If, however, consent is regularly
given to the sending of an e-mail newsletter,
there is no cause to assume that it should
expire after a certain period of time.
2.7.Formal requirements of the
consent
Consent by postcard or letter: As a fundamental rule, consent is to be given in writing
(Section 4a para. 1 sent. 3 of the Federal
Data Protection Act (BDSG)). By “in writing,”
the law understands the handwritten signature of the consenting party. If therefore
consent is given in a document – for
instance a postcard or letter – which the
subsequent addressee of the advertising
e-mail has signed, the consent can be
proven by this document. For this purpose,
it must be ensured that the document
is retained.
8
Online consent: On the Internet, consent can
also be given in electronic form. Pursuant
to Section 13 para. 2 of the Telemedia Act
(TMG), electronic consent must also meet
some formal requirements, i.e.:
t he consent has to be recorded,
t he user must be able to retrieve the
content of the consent at any time and
t he user has to be able to revoke the
consent at any time with effect for the
future. This right of revocation is to
be pointed out to the user beforehand
(Section 13 para. 3 of the Telemedia
Act (TMG)).
Consent with personal contact and on the
telephone: Consent can also be given on the
telephone or in person, for instance during
a call to a call center or “face to face” at
a trade fair. Since the reform of the data
protection law in 2009, however, such
consent that is not given in writing must be
confirmed in writing (Section 28 para. 3a of
the Federal Data Protection Act (BDSG)).
2.8.Demonstrability of the
consent (double opt-in)
In the event of a dispute in court regarding
the permissibility of the sending of the
advertising e-mail, the sender has the
burden of presentation and proof that the
consent was actually given by the specific
owner of the e-mail address used. The mere
presentation that consent to the sending of
advertising e-mails to a particular e-mail
address was given is not sufficient if the
sender cannot prove that the consent
actually originated from the owner of
the e-mail address used.
As a fundamental rule, the sender must note
the following:
given during registration, also submitted the
consent.
M
erely the granting of the addressee‘s
consent is not sufficient. The consent
must be obtained in such a way that it
can be proven when convincing a court
(provability).
T he consent from a person is not sufficient
either on its own. It must be proven that
precisely the recipient and not perhaps
a third party under the latter‘s name
or e-mail address has given consent
(congruence: registering party –
(subsequent) recipient).
By using the double opt-in procedure, it can
thus be prevented that advertising e-mails
are sent to an e-mail address that has not
been registered by its owner, but instead
misused by a third party. It is also ensured
that no advertising e-mails enter the distribution list with which the user has merely
committed a typing error during registration. In this case, too, there is the risk that
the actual holder of the e-mail address
receives advertising e-mails although he
or she never submitted consent.
For the proof that the consent actually
originated from the owner of the e-mail
address used, the double opt-in procedure
offers the maximum legal certainty. The use
of the double opt-in procedure is therefore
highly recommended – but it is not mandatory under the law. Even if we read it repeatedly: There is no statutory obligation to use
the double opt-in procedure. Such an obligation was not introduced with the 2009
amendment of the Federal Data Protection
Act (BDSG) either.
Why actually double opt-in?
As a reminder and for clarification: With
the double opt-in procedure, a confirmation
e-mail (frequently also called invitation
e-mail or check mail) is sent to the e-mail
address given during registration for a
newsletter. In this confirmation e-mail,
the addressee is asked to confirm his or her
consent by clicking on a confirmation link.
If the addressee clicks on the confirmation
link, it can thus be proven that actually the
owner of the e-mail address which was
And is the double opt-in procedure
legally permissible?
In the field of dialog marketing, in actual
fact, contradictory court rulings can be
found for virtually all legal issues. Unfortunately, the courts are and were also not
entirely in agreement in the assessment of
the double opt-in process. In some rulings,
the confirmation e-mail per se was already
seen as an unreasonable harassment (or
unlawful e-mail advertising or spam). In
the process, however, the courts have overlooked the fact that ultimately there is no
alternative to the double opt-in procedure
if you want to conduct legally certain e-mail
marketing. Not even in the (admittedly
hypothetical) use of a Post-Ident procedure
or a notarized certification of the consent
to the sending of e-mail advertising can it
be established with legal certainty that
for instance the e-mail address angel23@
gmx.com does indeed belong to Mrs. Maier,
who indicated precisely this address when
giving her consent.
9
From a legal perspective, it was therefore
major progress when the Federal Court of
Justice in a ruling dated February 10, 2011,
that significantly bears the title “double
opt-in procedure,” fundamentally gave the
go-ahead to the double opt-in procedure:
“If application for participation is
received in electronic form, the latter‘s
sender can be asked in an e-mail to confirm
his or her request to participate. After receipt
of the requested confirmation, it can be
assumed that the application did indeed
originate from the e-mail address indicated.”
In contrast, the Munich Upper District Court
ruled on September 27, 2012, that the confirmation e-mail under the double opt-in
procedure already constitutes an unsolicited
advertising e-mail. The confirmation e-mail
that is used precisely to avoid spam would
therefore itself be spam according to the
Munich judges.
The crux of the Munich ruling is the question of whether the confirmation e-mail can
already be seen as advertising by e-mail. In
the opinion of the Munich judges, this is the
case. And consent is thus already required
for the confirmation e-mail. As, however,
the confirmation e-mail is used particularly
to make the consent provable, there cannot
be any provable consent for the sending of
the confirmation e-mail. Which means that
you somewhat feel as if you were in a novel
by Kafka:
“Do you want to obtain consent?
But then please prove beforehand that you
already have consent...”
10
That can‘t be how things work. And the
solution to this Kafkaesque drama lies in
the question as to whether the confirmation
e-mail is really and truly advertising or
whether it is more of a transaction e-mail.
The legislation and jurisdiction are less
hesitant when it comes to what should be
seen as advertising. Any statement that is
used directly or indirectly to sell products or
services falls under the term “advertising.”
As lawyers put so succinctly, the term
“advertising” can be “interpreted in many
ways.” For instance, the legislation also sees
birthday e-mails from a company to its
customers and e-mails for a market research
study that is not carried out on a neutral
basis but in the interest of a company, as
advertising. Which is somehow still understandable as these e-mails ultimately aim to
sell products or services, at least indirectly.
Almost everything that a company does
and communicates externally serves to sell
products or services. After all, that is the
reason for the company‘s existence.
However, it goes too far to classify any
communication from a company in blanket
terms and as a type of reflex reaction as
“advertising.” Companies also communicate
with their customers to fulfill a contractual
relationship by, for instance, sending order
confirmations or invoices by e-mail. For this
type of communication, nobody seriously
requests express and unequivocal consent
from the addressee. Such so-called trans
action e-mails are lawful as part of the
fulfillment of the contractual relationship
between a company and its customers. And
the sole purpose of the confirmation e-mail
is the verification of the consent as part of
the contract (or contract-like relationship)
between the company and addressees regarding the sending of an e-mail newsletter.
The confirmation e-mail does not itself promote the sale of goods or services. Rather
the opposite is true: The double opt-in
procedure costs addressees or conversion.
Experience shows that an average of around
a quarter of the addressees of a confirmation e-mail do not confirm their registration
for the e-mail newsletter and can thus not
be written to. And for those who have
experienced the vehement resistance of an
average marketing department to the introduction of the double opt-in procedure will
scarcely want to assert afterward that the
double opt-in procedure could be classified
even in the remotest sense as an advertising
measure.
To cut a long story short: Sending a confirmation e-mail does not require any separate,
prior consent. This is firstly not possible
logically; secondly, the confirmation e-mail
is not to be qualified as advertising either.
Confirmation e-mail without
advertising
However, the confirmation e-mail must
always be absolutely free of advertising
and may solely be used to verify the e-mail
address.
As is seen frequently enough, the confirmation e-mail does not have to be sent as
plain text. It may indeed correspond to
the corporate identity of the company and
for instance include a logo, but additional
advertising elements must be avoided. A
confirmation e-mail loaded with advertising
would fail in court as an impermissible
advertising e-mail.
Confirmation e-mail with full
declaration of consent
The confirmation e-mail serves solely to
verify consent. If a user indicates a thirdparty e-mail address in subscribing to a
newsletter improperly or because he or she
is of the opinion that the newsletter could
perhaps interest the owner of the e-mail
address, the owner of the e-mail address
receives a confirmation e-mail. Without
being familiar with the declaration submitted by the party, he or she receives this
confirmation e-mail; he or she has never
submitted any kind of consent on a website.
If he or she now clicks on the confirmation
link, this click alone must constitute sufficient consent in order to send the newsletter
to his or her e-mail address in the future.
The full consent should therefore be included in the confirmation e-mail. And full
consent must be given with the click on the
confirmation link. Solely with the wording of
the confirmation e-mail, the sender must be
able to prove in court that the addressee‘s
consent to the sending of e-mail advertising
had been received. It is therefore not sufficient if there is a brief and concise request
in the confirmation e-mail for the confirmation of the consent submitted on the website during registration, without repeating it.
In other words: If you invest a lot of time
and effort (and possibly even money for a
legal audit) in the formulation of your declaration of consent on the website, this declaration of consent must also be reproduced in
exactly the same form in the confirmation
e-mail. Otherwise you can save yourself the
effort.
11
Confirmation e-mail without further
explanations
The following formulation,
for instance, would be possible:
The confirmation e-mail should solely be
used to confirm the consent and no further
declarations should be packed into it. One
of the formal requirements, of which there
are a great deal now, for the validity of
consent is that it is submitted separately
from other declarations, in almost isolated
form (cf. chapter 2.2.).
Many thanks for your participation
in our big million-dollar competition!
Please confirm your subscription of our
newsletter with up-to-date information.
The confirmation of consent in the confirmation e-mail should therefore, for instance,
not be linked to participation in a competition (even if such a link could be permissible
overall, but that is another topic).
An (advertising-free) confirmation e-mail
is legally OK, but it may be the case from
time to time that the confirmation e-mail
is overlooked or in the worst case perhaps
is caught in the spam filter. If the addressee
does not click on the confirmation link, is
it permissible to send a reminder e-mail?
This formulation in the confirmation
e-mail would therefore not be
recommended:
One more click to big winnings!
Please conclude your participation in our big
million-dollar competition by clicking on the
following link and confirming the conditions
of participation in the competition and your
subscription to our newsletter with current
information.
In this case, no separate declaration of
consent exists anymore and the consent
would be invalid. The formulation of the
confirmation to be submitted must make
clear that solely the consent to the sending
of the newsletter is confirmed and not also
the participation in the competition at the
same time.
12
What is the position with reminders
when the addressee does not
confirm immediately?
Unfortunately, there is no clear answer to
this question. As stated above, it is indeed
pleasing that the Federal Court of Justice
established regarding confirmation e-mails
that they do not constitute an unreasonable
harassment. Regarding the question of whether a reminder e-mail can be seen as an
unreasonable harassment, the legislation has
not been forthcoming to date, as far as we
can tell. However, it is to be assumed that
the courts will view such a reminder e-mail
as fundamentally more critical than the confirmation e-mail per se. The confirmation
e-mail serves solely the purpose of verifying
the e-mail address and thus acquiring legally reliable and legally permissible consent.
However, the reminder e-mail tends to serve
the purpose of indicating a confirmation
that has not been given and to perhaps gain
consent after all, even if the addressee has
not confirmed it in the first run, for whatever reasons. It should therefore become
more difficult here to substantiate legiti
mate interest, beyond the growth of the
distribution list, in the sending of the
reminder e-mail. By this, however, the aim
is not to state that the sending of such a
confirmation e-mail is clearly impermissible.
If a reminder e-mail is sent, however, it
should generally only be sent once and
within a relatively short period after the
sending of the confirmation e-mail. Regular
reminder e-mails over a period of several
weeks or months will with reasonable
certainty annoy the addressee and lead to
complaints.
Deletion of the data in the event
of non-responders
How long can the data be stored then if
there is no confirmation? Here, too, it is
difficult to indicate an absolute period of
time. In abstract terms, it can be stated that
data may only be saved for as long as they
are required to carry out the double opt-in
procedure.
The admission criteria for the Certified
Senders Alliance (CSA) are accordingly also
expressed in abstract form in this regard:
If confirmation is not given within a
suitable period of time, the data collected
in connection with the e-mail address are
to be deleted.
Thus, we arrive at the question of how long
such an appropriate period of time is, i.e.
how long the confirmation from the addressee can realistically be anticipated. Based
on experience, the ordering of a newsletter
is confirmed within a few minutes. If, for
instance, the addressee is on holiday and is
not lucky enough to be reachable via e-mail,
however, it may indeed take one or two
weeks until the addressee confirms his or
her subscription to the newsletter. Accordingly, a period of two weeks is still seen as
permissible under data protection law.
Tell-a-friend function
Most recently, on September 12, 2013,
the Federal Court of Justice pronounced
an important ruling on the (im)permissibility
of recommendation e-mails. The following
facts were available to the Federal Court of
Justice: The petitioner received several times
without his prior consent product recommendations from the defendant who had set
up a “tell-a-friend” function on its website,
whereby the respondent was (also) named
as the sender of the recommendation e-mail.
The petitioner therefore wanted to file a
claim for injunctive relief against the defendant. The courts of prior instances (Cologne
local court and regional court) had rejected
such a claim on the grounds that the
respondent would not be liable for the
misuse by a third party with regard to the
“tell-a-friend” function.
However, the Federal Court of Justice (BGH)
did not share this opinion:
Initially, the Federal Court of Justice qualified the disputed recommendation e-mails
as advertising pursuant to the Directive
2006/113/EC (accordingly, any statement
when carrying out commerce, trade, craft or
free profession with the goal of promoting
the sale of goods or the provision of services
is defined as advertising activity).
13
In addition, recommendation e-mails are
always to be assigned to the sphere of the
website operator, irrespective of whether
a third party initiates these e-mails. A fundamental factor is in particular that the
respondent appears vis-à-vis the recipient
of a recommendation e-mail as the sender.
Ultimately, it is also the meaning and pur
pose of the “tell-a-friend” function to draw
attention to the website and the services
offered there. It is thus stated in the
grounds for the ruling:
“This assessment is not countered by the
fact that the respondent does not tolerate
the misuse of the “tell-a-friend” function. It
is apparent that the “tell-a-friend” function
is used precisely to send recommendation
e-mails to third parties, without there being
any certainty that they have given their
consent in this respect.”
Consequently, a decisive factor also in
the tell-a-friend function is, at least when
the recommended company appears as the
sender, whether the recipient has given his
or her express consent to the unsolicited
sending of such content. If no consent has
been given, the protection of the consumer
is required who is powerless against the
sending of unsolicited advertising e-mails.
In these cases, the e-mails are impermissible
pursuant to Section 7 para. 2 no. 3 of the
Act Against Unfair Competition (UWG).
Whether the ruling by the Federal Court
of Justice also means the end of the tell-afriend function in the event that the recommending private individual appears as the
sender of the recommendation e-mail is currently assessed differently. One argument in
favor of the permissibility of corresponding
14
recommendation e-mails is that the Federal
Court of Justice also bases its ruling on the
fact that the respondent was the sender of
the e-mails in the case to be decided upon.
On the other hand, the Federal Court of
Justice bases its grounds for the decision on
the fact that the tell-a-friend function was
specifically used by the company to draw
attention to services offered and that therefore the usage of the function should be
attributed to the company. If a company
decides to (continue to) provide its tell-afriend function, using a private individual
as the sender, it is therefore running a high
risk of at least a warning.
2.9.Documentation of the
consent
Irrespective of the procedure used, the
declaration of consent is to be documented
comprehensively and permanently for the
entire usage duration of the e-mail address,
whereby the documentation requirements
of the Federal Court of Justice (ruling dated
February 10, 2011, I ZR/164/09) are to be
taken into account in the recording process.
In the case of dispute, the sender of an
advertising e-mail must be able to at least
present the following details:
C
ontent of the declaration of consent
and information about the formulation
(how was the consent declared: actively
and separately?)
T ime of the declaration of the consent
IP address of the consenting party at the
time the consent was given (with dynamic
IP addresses, the IP address of course only
has a very limited value as proof)
If applicable, the time when the invitation
e-mail was sent out (with double opt-in)
C
ontent of the invitation e-mail
(with double opt-in)
T ime of the confirmation of the consent
(with double opt-in)
With consent given in personal contact, it
may be possible under certain circumstances
to use the recipient of the declaration as a
witness. In the event of a dispute (in court),
the latter‘s statement must be considered
credible. There are doubts in this regard if
the contact took place a considerable time
ago and was made within the framework of
many contacts, for instance at a trade fair.
In addition, it is not ensured either that the
actual contact person is actually the person
who receives the advertising later on. Here,
too, the carrying out of a - correspondingly
adapted - double opt-in procedure lends
itself.
2.10.Exception from the opt-in:
E-mail advertising with existing customer relationship
For e-mail advertising within the framework
of existing customer relationships, the law
makes provision for an alleviation. Normally,
the advertising company requires the conscious and unequivocal consent from the
addressee in order to be able to send advertising e-mails (so-called opt-in). With an
existing customer relationship, however, the
customer may be sent advertising e-mails
if the customer has not objected to them
being sent (so-called opt-out). This exception to the rule, however, has certain formal
requirements, which is why it is also called
a “qualified opt-out”. Specifically, these
requirements are as follows:
(1)The sender must have received the
customer‘s e-mail address from the
customer “in connection with the sale
of goods or services.”
(2)In addition, it must have been pointed
out to the customer “in a clear and
unequivocal manner in the collection of
the address and in each use thereof”
that he or she can object to the use of
his or her e-mail address for advertising
at any time,
(3)without costs other than the transmission costs pursuant to the basic tariffs
being incurred in this regard” – and the
customer must not have of course
objected to it.
(4)In the e-mails subsequently sent to
the customer, solely “the company‘s
own similar goods or services” may
be advertised.
The law clearly states that the customer
must give his or her e-mail address him- or
herself to the advertiser during the order
process. Accordingly, it is not sufficient if
the advertiser has received or found out the
customer‘s e-mail address by other means.
A hotly debated issue is the question of
whether the sales process must actually
be completed to be able to use the e-mail
address for e-mail advertising. This question
becomes relevant, for instance, with inquiries from prospective customers and in the
online shop with so-called shop drop-outs
who in the course of the order process place
merchandise in the shopping cart and indicate their e-mail address but then cancel
the order process. Are in such cases the
statutory requirements “in conjunction with
the sale” already met or must the sale be
definitively completed?
15
Whereas it is undisputed in many other
European countries that contract negotiations are sufficient for reference to the
exception to the rule, there is cordial disagreement in this regard in Germany. On
the one side, there are the advocates of the
most far-reaching protection against annoying e-mail advertising, who propagate a
narrow interpretation of the exception to
the rule and see the conclusion of the sales
process as a mandatory requirement. An
argument in favor of this is also the wording
of Section 7 para. 3 of the Act Against
Unfair Competition (UWG) that expressly
mentions CUSTOMER. On the other, it is
stated that a prospective customer who has
voluntarily given his or her e-mail address
during an order process and has had it pointed out to him or her that he or she will
receive e-mail advertising in the future if
he or she does not object, is not particularly
worthy of protection.
In using e-mail addresses that were collected “in conjunction with the sale of goods or
a service,” there is thus a residual risk if this
sale is not definitively concluded. A definitive court ruling that provides an unequivocal
answer to this question does not exist (as
far as is discernible).
At any rate, a forwarding of the e-mail
address to other companies, even to group
companies, is not permissible. Usage of the
address for advertising purposes for other
companies is not permissible either.
In addition, the advertising company may
only send the customer e-mail advertising
for “its own similar goods or services.” Here,
the question arises what is meant by this
abstract formulation. The required similarity
16
between the goods purchased and the goods
that may be subsequently advertised is
determined from the customer‘s perspective.
Based on the purchases up to that point, the
advertiser must ask itself the question as to
what other similar goods the customer might
possibly be interested in.
According to the legislation, the decisive
factor for the similarity of the goods is
whether the advertised goods correspond to
the same typical intended use or customer
need like the ones already purchased. If both
goods are used for the same typical intended use, the similarity is given. In the process, accessories and supplementary goods
are still recognized by the legislation as
“similar”, even if the legislation fundamentally assumes a narrow interpretation of
the circumstances for the exception.
If a customer, for instance, orders French
red wine, he or she will undoubtedly also
be interested in wines from Austria or other
countries – it is therefore permissible to
inform him or her about them. The information about accessories for the goods originally purchased should also easily fall under
the exception to the rule. Specialized online
dealers who only offer goods from a certain
segment will therefore be able to use the
exception to the rule better than an e-mail
order company with a comprehensive range
of goods who advertises goods in its newsletter from all areas in unspecific form.
If the advertiser has used an “active opt-in”
up to now within the framework of its online shop in which the customer must click on
a check box in order to receive its newsletter, it can, as an exception, integrate this
check box in “pre-clicked” form in the order
process. In the process, it must always be
pointed out that the sending of advertising
e-mails can be objected to at any time, without costs other than the transmission costs
pursuant to the basic tariffs being incurred
in this regard.
In this case, the user must become active
and “deactivate” the check box if he or she
does not want to receive the newsletter.
Experience shows that such a changeover
results in at least a doubling of the conversion. The advertiser must then, however, of
course note the restriction of the advertising to “own similar goods or services.” If he
or she wants to use the addresses acquired
in this way for the sending of the newsletter,
he or she may only advertise goods of a
similar type.
For example, a travel operator who integrates the following text in its order process
should generate considerably higher conversion:
We will send you your booking confirmation to the e-mail address that you have indicated. By indicating your e-mail address, you
will not receive any unwanted spam e-mails.
In connection with your booking, you will
receive from us, in addition to the booking
confirmation, other e-mails tailored to your
trip. You can object to the sending of these
e-mails at any time by sending an e-mail to
[email protected], without costs other
than the transmission costs pursuant to the
basic tariffs being incurred in this regard.
After receipt of your objection, we will suspend the sending of e-mails immediately.
This organization guarantees a virtually
100% conversion; however, the content of
the subsequent advertising communication
should definitely be restricted to information that is actually limited to the specifically
booked trip.
Information about the right of objection
must be provided directly when the e-mail
address is collected, i.e. at the point in time
when the customer notifies the advertiser of
his/her e-mail address. Existing customers
who did not have their right of objection
pointed out to them when they indicated
their e-mail address, cannot thus have this
pointed out to them subsequently by e-mail.
Rather, they must be motivated to provide
their e-mail address again and then have
their right of objection pointed out to them.
For this purpose, the customer can, for
instance, be subsequently offered an additional service (possibly also for free), during
the order of which the e-mail address is
then to be given. However, the subsequent
qualification is made more difficult by the
fact that existing customers may not have
the additional service pointed out to them
by e-mail. Here, alternative forms of contact, for instance via the website, by mail
or as part of transaction e-mails are to be
selected.
2.11.Advertising in transaction
e-mails
Transaction e-mails are e-mails that a
company sends as part of the fulfillment of
a contract, for instance, order confirmations,
dispatch confirmations or invoices. For such
transaction e-mails, the sender does not of
course require the consent of the addressees. From a marketing perspective, it
lends itself to also advertise for other
products and services of the sender in
17
such transaction e-mails as advertising
in transaction e-mails has above-average
conversion rates.
Section 7 of the Act Against Unfair Competition (UWG) for e-mail marketing have to
be complied with.
The major question here is: May transaction
e-mails contain advertising if the addressee
has not consented to the sending of advertising e-mails and if the requirements of the
exception for e-mail marketing with existing
customer relationships (cf. 2.10.) are also
not met?
2.12.Feedback inquiries after
purchase
For advertising e-mails, the addressee‘s consent is required as an “unreasonable harassment” through unsolicited mass advertising
is to be avoided. In the legislator‘s opinion,
the “unreasonable harassment” lies in the
addressee being forced to deal with every
e-mail that he or she has received and to
delete it if it is unsolicited advertising.
However, this “unreasonable harassment”
cannot exist at all with a transaction e-mail.
The addressee receives the transaction
e-mail, i.e. for example the dispatch confirmation, at any rate and has to deal with it,
irrespective of whether this also contains
advertising content as an accompanying
measure or not.
As long as it involves advertising content
that merely accompanies transaction-related
content (the focus is clearly on transaction
content), this should not be an unreasonable
harassment. However, the advertiser should
also not go overboard with the advertising
contained in transaction e-mails. If the
transaction-related content is merely feigned in order to make an advertising e-mail
supposedly permissible or if the transactionrelated content takes a complete back seat
to the advertising, an advertising e-mail has
to be assumed – and the specifications of
18
Customer feedback is extremely valuable for
many companies to enable them to improve
the products and services they offer and to
adapt them to the requirements of the market. In addition, customer ratings are increasingly becoming the basis for purchase decisions. More and more suppliers are therefore
sending e-mails out after a purchase has
been made, with the request for a rating
and feedback from the customer.
Are, however, such feedback inquiries also
permissible after purchase if the addressee
has not consented to the sending of advertising e-mails and if the requirements of the
exception for e-mail marketing with existing
customer relationships (cf. above) are also
not met?
The decisive question here is whether feedback inquiries are advertising. The Coburg
Regional Court answered this question in
the negative with its decision dated February 2012. Accordingly, a one-off feedback
inquiry is not advertising but predominantly
“customer service that aims to help improve
processes and eliminate defects.” Furthermore, feedback inquiries have since then
also become common practice. The court
therefore did not see consent by the addressee to advertising as being necessary. This
ruling was strongly criticized, in part with
good arguments. It is also not certain under
any circumstances that other courts will
decide exactly the same when it comes
down to it. You are therefore on the legally
permissible side if you meet the formal
requirements of the exception in e-mail
marketing with existing customer relationships (cf. above).
3. Unsubscribing
3.1.Can e-mails be easily
unsubscribed?
Those who send advertising e-mails are obligated to give the recipients the opportunity
to delete their names from the distribution
list and to clearly point out this possibility
(Section 28 para. 4 of the Federal Data
Protection Act (BDSG), Section 7 para. 2
no. 4 of the Act Against Unfair Competition
(UWG), Section 13 para. 2 no. 4 of the Telemedia Act (TMG), Section 13 para. 3 of the
Telemedia Act (TMG)). The best variant is
an unsubscribe link directly in the e-mail.
After clicking on this link, the deletion must
be done in a prompt manner.
The information with regard to the
unsubscribe option must already be
available when consent is obtained.
The legislator stipulates that the service
provider gives the user the option of revoking his or her consent to the use of his/her
data and/or his/her opt-in at any time
(Section 13 of the Telemedia Act (TMG)).
In addition, the legislator expressly demands
that the information regarding this right
must be given to the user as a mandatory
measure before the declaration of the consent (Section 13 para. 3 Telemedia Act
(TMG), Section 28 para. 4 of the Federal
Data Protection Act (BDSG)).
It is therefore not sufficient to place the
information in a newsletter with an unsubscribe link. The legislator already demands
corresponding information during registration. Irrespective of whether the consent has
been generated via postcard/letter, fax, online, during personal contacts, by telephone,
via SMS/MMS or any other communication
channels.
Ostensibly, this formal issue appears unimportant and rather self-evident. Particularly
as the user is also alleviated of some of his/
her fear to give his or her consent “for
always.” Nevertheless, not all companies
by far succeed in meeting this requirement
of the legislator.
Because such information also generates
trust, this opportunity should be used and
the recipients given the assurance that they
can unsubscribe to the newsletter at any
time (with just one mouse click).
Formulation examples:
Y ou can conveniently unsubscribe to the
newsletter at any time with a single click
of the mouse.
In every newsletter, we will offer you
the possibility of terminating your
subscription.
E ach newsletter will contain an unsubscribe link via which you can independently
delete your name from the distribution
list again at any time.
Y ou can object to the use of your data
for advertising purposes at any time.
The implementation of the objection to the
further processing or usage of the contact
data of a person concerned for advertising
purposes must be done immediately in the
19
respective company, Section 28 para. 4 sent.
1 of the Federal Data Protection Act (BDSG).
Act (BDSG), Section 43 para. 3 of the
Federal Data Protection Act (BDSG).
The unsubscribe option must be
given in each advertising e-mail.
In order to carry out the timely notification
regarding the right of objection, there are
several possibilities, not all of which, how
ever, are recommended.
It is stipulated by law that an unsubscribe
option must be made available in each
advertising e-mail and reference must be
made to it (Section 7 para. 2 no. 4 of the
Act Against Unfair Competition (UWG), Section 7 para. 3 of the Act Against Unfair
Competition, Section 13 para. 2 no. 4 of the
Telemedia Act (TMG) and Section 28 para. 4
of the Federal Data Protection Act (BDSG).
Section 28 para. 4 of the Federal Data
Protection Act (BDSG) is worded as
follows:
If the person concerned files an objection
to the responsible organization regarding
the processing or usage of his or her data for
purposes of advertising or market or opinion
research, a processing or usage for these purposes is not permissible. When approached
for advertising purposes, the person concerned is to be informed […] about the organization responsible and about the right of objection […];
In plain text: The (subsequent) recipient
must have his or her right of objection pointed out to him/her. As soon as he or she
announces that he or she would not like to
receive any further e-mails from the sending
company, it must be ensured that he or she
is promptly excluded from future mailings.
The breach against an objection pursuant to
Section 28 para. 4 of the Federal Data Protection Act (BDSG) can be prosecuted with
a fine of up to EUR 300,000 (Section 43
para. 2 no. 5b of the Federal Data Protection
20
The best way because it is the most userfriendly is the integration of an unsubscribe
link in each e-mail sent. In most cases, this
link is at the very bottom of the e-mail.
An example:
If you no longer want to receive our news
letter, simply click here: Unsubscribe to newsletter
Any good e-mail marketing software offers
a corresponding functionality that ensures
that every user who clicks on this link automatically does not receive any further
e-mails.
After clicking on the link, the user should
land on a page on which the deletion from
the distribution list is confirmed.
A formulation example:
We have deleted you from our distribution
list. You will not receive any further e-mails
from us.
It is not necessary to confirm the unsubscribe to the user by e-mail. Rather, it is the
case that this additional e-mail in extreme
cases can already be understood by the user
as an unreasonable harassment as he or she
has just withdrawn his or her consent to the
advertising company sending him or her
further e-mails.
Processes that make it more difficult for the
user to unsubscribe, such as the so-called
“double opt-out” in which the user receives
an e-mail after he or she has unsubscribed
and is asked to confirm the unsubscribe by
clicking on a link, should not be used in any
case.
Experience shows that a not-to-be-underestimated percentage of users does not click
on this link: Perhaps precisely this e-mail
got caught in the spam filter by mistake, or
the user thought the e-mail was nothing but
a confirmation of the unsubscribe, without
reading it in more detail – there are many
possible reasons.
The fact is only that the user in this case
will continue to receive the respective
newsletter. This leads very quickly to the
user getting annoyed – not really what you
actually want to achieve with a newsletter.
Some e-mail marketing systems do not offer
the use of automatic unsubscribe links. The
unsubscribe is implemented by e-mail in
this case. There are two common variants.
Example variant 1:
To unsubscribe to our newsletter, reply to this
e-mail and write “unsubscribe” in the subject
line.
Example variant 2:
If you do not want to receive any other
e-mails from us, please send an empty e-mail
to [email protected]
In both cases, the e-mail marketing soft
ware analyzes the incoming e-mails and
deletes the corresponding recipients from
the distribution list.
Unsubscribes by e-mail are also used for the
so-called “list unsubscribe.” Unfortunately,
this is not yet standard and thus only a few
e-mail program and web mailers currently
offer their users this additional service.
The way it works is pretty straightforward.
The sender not only integrates the unsubscribe link in the content of its newsletter,
but also stores it additionally in the e-mail
header. The e-mail program or the web mailer then provides an extra button for unsubscribing. If the recipient clicks on it, an
e-mail is automatically sent in the background to an e-mail address provided by the
sender for this purpose and the newsletter
is unsubscribed. Advantage of this variant:
The “unsubscribe” button has a fixed place
in the e-mail program and applies to newsletters of all senders who support the “list
unsubscribe” method. A search for the
unsubscribe link in the newsletter is thus
no longer necessary.
In addition, there must be the possibility
of also correctly processing unsubscribes
via other means. If a user therefore sends
an informal e-mail in which he or she asks
to be deleted from the distribution list,
it should be guaranteed that this inquiry
is read and processed promptly.
Companies who are in contact with their
customers via a call center or hotline must
ensure that unsubscribes that are received
over the phone are processed promptly and
are not simply “lost.”
The variant of also offering an unsubscribe
form on the website in addition to the
subscribe form and in which the user enters
his or her e-mail address is not to be
21
recommended (or is at best suitable as a
supplement). Reason: Many users have their
e-mails redirected from one e-mail account
to another and in cases of doubt, no longer
know which of their various e-mail addresses they used to subscribe. Some users will
therefore be unable to unsubscribe, which
harbors potential for frustration.
However, it could be even worse.
An example:
In order to unsubscribe to the xyz newsletter,
please log in with your user name and
password under www.xyz.com. Then access
the area “My profile” and remove the tick
next to “Newsletter” in the section “E-mail
settings.”
Such a procedure is firstly complicated and
secondly there is a high probability that a
not-to-be-underestimated percentage of the
users have already long forgotten their original registration data.
Checklist
✔ Was the unsubscribe option pointed out
when consent was given?
■ Yes ■ No
✔ Is reference made on all online and offline
forms to the unsubscribe option?
■ Yes ■ No
✔ Does each commercial e-mail sent contain an unsubscribe option?
■ Yes ■ No
✔ Is the unsubscribe directly possible (without double opt-out or mandatory login)?
■ Yes ■ No
✔ Is the address deleted promptly from the
distribution list after unsubscribing?
■ Yes ■ No
22
✔ Is it ensured that cancellations received
via other channels are also handled
promptly?
■ Yes ■ No
3.2.Are inquiries and complaints
responded to?
E-mail advertising is dialog marketing. It is
therefore particularly important that inquiries and complaints are answered quickly.
Particularly because e-mail marketing is
such a fast medium, companies should not
allow themselves any negligence here. Twenty-four hours are usual.
People who make complaints or give
feedback fundamentally have a great
interest in the company:
W
hen complaints are recorded and processed properly, they can even be turned
into their opposite (goal: satisfied customer).
F eedback of any kind also always helps an
improvement process – what is done well
at the company, what is done less well?
F eedback can pave the way for specific
business: Particularly with e-mails, many
people are used to simply pressing “Reply.”
A company should not waste this opportunity for dialog.
Responses to e-mailings are received by a
company via several channels:
1.
With every e-mailing, there are returns –
holiday announcements and other auto
responders (e.g. “I have changed departments, Mr. Miller is now responsible”),
notifications of undelivered messages,
confirmations of receipt, “genuine”
replies, etc.
2.
“Genuine” e-mail responses that are
received via the published support
e-mail address.
3.
Responses by other means, such as
telephone, fax, letter, or lawyer.
Virtually all modern e-mail marketing
systems filter holiday announcements,
bounces, etc. out automatically and process
these e-mails further (e.g. bounces are
blocked from further mailings). The challenge in this case is to filter “genuine” responses. This can be done manually or automatically. Under no circumstances may the content of the mailbox be simply deleted for
the “reply to” address.
The “genuine” responses filtered in this way
can now be processed in exactly the same
way as the responses that are received via
the normal support e-mail addresses.
Text components that provide answers to
the usual standard questions are recommended. In order to make the processes of answering several 10,000 e-mails in places
manageable within a short period of time,
there are special response management
systems. It is a philosophy matter whether
to give preference to fully automatic
systems with “artificial intelligence” or more
to “rule-based systems” that support the call
center agents but do not replace them. As
a rule, customers tend to react testily when
they receive a response that has (apparently) been generated automatically. The more
precisely the subject of the question is
addressed, the more likely the customer is
to be satisfied.
In rarer cases, recipients use communication
possibilities other than e-mail. In this case,
they primarily use the telephone. It is decisive that the call center agents have access to
the e-mail database so as to at least be able
to definitively answer the most important
questions (“Where did you get my address
from?”, “Please do not send me any further
e-mails!”).
In both cases (the electronic feedback and
the feedback by other means), it is decisive
that the processes for responses and complaints are defined and documented. The
speed of the response is of particular importance – with the fast medium of e-mail the
expectation is 24 hours.
Checklist
✔ Is a support address given in the e-mail
which can be contacted by e-mail or
by telephone?
■ Yes ■ No
✔ Is it ensured that the sender/
“reply to” address works and that
messages addressed to it do not land
in “cyberspace”?
■ Yes ■ No
✔A
re e-mail returns to the sender‘s address
automatically filtered and adjusted to
reflect bounces / holiday notifications?
■ Yes ■ No
✔A
re “genuine” e-mail returns reviewed
and either answered directly or forwarded
to the corresponding departments on a
continuous basis by an AI system or an
employee?
■ Yes ■ No
✔D
oes the call center have access to the
e-mail database, e.g. in order to block
addresses immediately?
■ Yes ■ No
23
✔ Is the call center informed about the
outgoing e-mails?
■ Yes ■ No
✔A
re there checklists and procedures on
how “critical” cases are to be handled?
■ Yes ■ No
✔A
re there analyses on response time and
quality / satisfaction with response?
■ Yes ■ No
✔ Is a demanding benchmark complied
with for the answering of inquiries / complaints (twenty-four hours are usual.)?
■ Yes ■ No
4. Design of the content
4.1.
Is the subject not misleading?
The subject should be brief and informative
and reflect the content of the message. The
recipient can thus recognize the context of
the e-mail quickly based on the subject line.
A concise statement also makes clear that it
is not an automatically generated message.
In particular, the subject line may not be
formulated in such a way that the recipient
does not have any or an incorrect idea of
the commercial character of the e-mail
(Section 6 para. 2 of the Telemedia Act
(TMG)). The subject may not make any
false promises (“profit notification” / “credit
note”) or (false) threats (“criminal proceedings due to breaches of copyright” / “last
reminder”).
The subject
is brief and concise
is associated with the text
d oes not conceal the commercial
nature of the e-mail
24
d oes not have any typical spam words,
capital letters or special characters
In addition to the sender, the first thing
that the reader sees before he or she opens
the e-mail is the subject line. The recipient
of an e-mail normally decides based on the
subject line whether the topic is interesting
for him/her or whether the e-mail is deleted
unread.
The subject line has the task of making the
recipient curious. It therefore needs to be
kept brief and concise. Where possible, upto-date, practice-oriented or entertaining
statements should be used to give the reader maximum incentive to open the e-mail.
However, it should be ensured that the text
of the e-mail takes up the content of the
subject line and that no false promises are
made: According to the statutory specifications, the topic announced in the subject
line should also be the content of the newsletter. The subject should include a clear and
precise statement about what topic awaits
the recipient; in other words, the statement
should not be concealed. A sender who
when sending out its marketing-oriented
e-mails conceals their true content in the
subject line exposes itself to the risk of a
warning by competitors and a fine (Section
6 para. 2 in conjunction with Section 16
para. 1 of the Telemedia Act (TMG).
If corresponding data are available, the
e-mail recipient can already be addressed
by name in the subject line to give the
e-mail a personal touch. In addition, the
subject can and should be changed with
each issue; nothing is more boring than:
“Your newsletter dated dd.mm.yyyy, issue
437.”
However, sensationalist formulations should
be avoided where possible, otherwise the
e-mail may be classified as advertising or
land in the spam filter. Many systems work
in automated form - they try to detect spam
based on certain formal features, in other
words, e.g. by certain keywords in the text.
So as not to be caught up in the grid of a
spam filter algorithm, words or word components that are predestined to be automatically filtered out beforehand should be
avoided at all cost. Typical spam filters,
such as the widely used SpamAssassin,
use so-called Bayesian filters, i.e. they analyze word frequencies in e-mails. The filter
methods are continuously being developed
further and today take into account very
much more specific information, such
as word combinations (Markow filter) or
information in the header of the e-mail.
Large ISPs also use the statistical
possibilities that arise from the overall
overview of large quantities of e-mail
accounts, such as for instance the spam
marking quota, or different methods for s
ender authentication, such as sender ID or
DomainKeys Identified Mail (DKIM). Another
current trend is the introduction of engagement filtering, i.e. the automated separation
of important and unimportant e-mail communication (e.g. sorted incoming e-mail
with Google Mail).
(“complimentary”), “kostenlos” (“free of
charge”), “Geld” (“money”), or “Glücksspiel”
(“competition”) could also already be
critical.
Typical spam words are deemed to be for
instance: “porn”, “sex”, “offer”, “viagra”,
“free” etc. Although the spam filters have
“learned” a lot over the last few years, it
cannot be ruled out that there is still filtering according to word components.
✔ Is it guaranteed that the subject does
For e-mail marketers, this means:
U
se where possible of all technical measures to authenticate the sender
D
ifferentiation from spam with regard to
content and design: Avoidance of excessively sensationalist spam keywords; no
e-mails that have virtually no text and
only consist of a picture
E asy option of unsubscribing or configuring the newsletter subscription
C
ritical review of the activity of an e-mail
distribution list; consistent removal of
inactive recipients
In this context, e-mails should also only be
sent via reputable mail servers, i.e. either via
the company‘s own mail server or via that of
a recognized e-mail service provider - ideally via a CSA-certified sender (more on this
in this booklet in the chapter “Certified Senders Alliance”).
Checklist
✔ Is the subject brief and concise?
■ Yes ■ No
✔ Is the subject connected with the text?
■ Yes ■ No
not conceal or dissimulate the advertising
nature of the message?
■ Yes ■ No
✔ Is the use of typical spam words
dispensed with in the subject line?
■ Yes ■ No
Caution is also advised with German terms.
For instance, words such as “umsonst”
25
✔ Is the use of capital letters or special
characters dispensed with in the subject
line?
■ Yes ■ No
✔A
re test accounts used to check the
delivery?
■ Yes ■ No
✔ Is a reputable e-mail service provider
used to send out the e-mail?
■ Yes ■ No
4.2.Is the sender clearly
discernible?
The most important rule is a clearly dis
cernible sender address. The reader should
always be able to discern from the sender
of an e-mail address who sent him or her
this e-mail.
The information regarding the sender is
freely configurable in virtually all programs.
It is impermissible to design the sender
information in such a way that the recipient
does not have any, or only misleading, information about the actual sender (Section 6
para. 2 of the Telemedia Act (TMG)).
The sender
is clearly discernible
c ontains the name of a product,
company or person
c an be reached at any time
26
In the choice of the sender name, it should
first be ensured that the viewer is not misled
with regard to the sender‘s identity. Dis
regard for this requirement stipulated by
law is an offense and can, in addition to
a warning from competitors, result in the
imposing of a fine (Section 6 para. 2 in
conjunction with Section 16 para. 1 of
the Telemedia Act ((TMG)).
The following applies also in the selection
of the sender name: The more similar the
sender is to a typical spam e-mail, the more
likely that the e-mail is classified as such.
Addresses such as [email protected]
are frequently used by spammers; clearly
assignable addresses, such as newsletter@
company.com or [email protected], are usually reputable. In addition,
[email protected] does not particularly generate trust among potential customers and has a low recognition value as
well.
However, addresses, such as the frequently
used [email protected], are also
to be avoided. Here, the company is unmistakably named in the global component
(companyname.com) of the address; however, it is also made unmistakably clear to the
recipient in the local component (noreply)
that he or she does not have to reply to
this e-mail at all.
Consequently, either product names (e.g.
Nivea) or company names (e.g. Post-AG),
in certain cases also names of individuals
if the name (e.g. Bill Gates) is known and
familiar to the clients, or names of individuals in combination with the company name
are recommended as sender addresses.
Another point that should be noted is the
recipient list: An e-mail should always only
be sent to one person; a recipient list as
cc is not advisable and should also not be
visible in the so-called header.
However, the last thing that should be taken
into account is that the choice of sender
can result in a breach of third-party label
rights (in particular trademark and rights
to names). Such cases are also regularly
misleading.
Checklist
✔ Is the sender clearly discernible?
■ Yes ■ No
✔ Is the name of a product/company/
person used?
■ Yes ■ No
✔ Is there a recognition value?
■ Yes ■ No
✔C
an the sender address be reached
(noreply)?
■ Yes ■ No
✔ Is a recipient list indicated?
■ Yes ■ No
4.3.Is the legal notice complete?
The legal notice is an indication of origin
specified in any kind of publication that
includes certain information about – in this
case – the sender. For telemedia services,
service providers must keep this information
easily discernible, directly accessible, and
constantly available (Section 5 para. 1 Telemedia Act (TMG), Section 55 Interstate
Broadcasting Treaty (RStV).
In Germany, Section 5 para. 1 of the Tele
media Act (TMG) and Section 55 of the
Interstate Broadcasting Treaty (RStV)
stipulate that each business-related service
on the Internet must contain a legal notice.
This also applies to advertising e-mails. A
user should thus learn by easy means whom
he or she is dealing with.
The necessary minimum information
in the legal notice is:
N
ame of the sender,
if applicable company name
A
uthorized representatives
(in the case of legal entities)
P ostal address at which the sender
can be summoned (no P.O. box)
T elephone and, if applicable, fax number
or electronic contact form
E -mail address
C
ommercial, cooperative, association,
or partnership register number
N
aming of the publisher (responsible party
pursuant to press law) or person responsible for the content and, with legal entities, that of the authorized representative
If available: VAT identification number
and/or business identification number
The legislator also demands that
the corresponding information is
e asily discernible,
d irectly accessible, and
p ermanently available.
In detail, the laws only stipulate the necessary information but not their formulation:
As a fundamental rule, therefore, you have
the choice whether the legal notice is
attached to the newsletter in full or whether
only a link is sent which leads to a website
with stored mandatory information but
which also has to be clearly marked, easily
visible, and above all functional. With both
options, the position can be freely selected
within the e-mail, although the mandatory
information may not be lost, or even
“hidden”, in any case in the midst of other
information. A disadvantage of a legal
notice that is only reachable via a link
can be the lack of trust: for fear of spam,
27
the link is not clicked. Many spam e-mails
also contain a link to a legal notice, without
there being one connected to it. It is generally advised not to click on links in spam
e-mails. Consequently, a fully written-out
legal notice is an important feature of
reputable e-mails.
In addition to the so-called legal notice,
the mandatory information under commercial and company law must also be taken
into account for e-mails. Whether and
which information is necessary is determined according to commercial and corporate
law. For joint stock corporations (AG), for
instance, other mandatory information
applies as for the sole proprietor or the
limited liability company (GmbH). In all
cases, the decisive factor is that it is a
business letter. This cannot be determined
in general terms for advertising e-mails.
For depending on the design and personalization, an advertising e-mail could also be
classified as a business letter. If there is an
obligation to provide this information, a link
to the Internet site should not be sufficient.
These regulations had been the focus of
discussions in January 2007 because the
legislator clarified that the provisions under
commercial and corporate law also apply
to e-mails; this clarification was the subject
of hefty discussions under the keyword
“EHUG.”
28
Sample legal notice
Anycompany Ltd
Represented by the managing director
John Anyman
1 Any Street
Anytown, AB 12345
E-mail: [email protected]
Phone: 0123-45 67 89
Fax: 0123-65 43 21
VAT ID: DE 123456789
Sample Local Court, HRB 1234
Published by the Sample Communication
division
Checklist
✔A
re the name of the sender, company
name if applicable, indicated?
■ Yes ■ No
✔A
re the authorized representatives
indicated in the case of legal entities?
■ Yes ■ No
✔ Is a clear postal address indicated?
■ Yes ■ No
✔ Is a telephone and a fax number if
applicable or contact form indicated?
■ Yes ■ No
✔ Is there an e-mail address?
■ Yes ■ No
✔ Is the publisher named?
■ Yes ■ No
✔ Indication of the commercial, cooperative,
association, or partnership register
number?
■ Yes ■ No
✔ Is the VAT identification number
indicated?
■ Yes ■ No
✔ Is the legal notice directly available
even without clicking on a link?
■ Yes ■ No
5.Contract data processing –
what needs to be noted
If an e-mail marketing company provides its
customers with technical services (e.g. data
hosting and database services) as an application service provider (ASP) for the drafting, implementation, administration, and
analysis of personalized marketing measures,
the regulations regarding contract data processing pursuant to Section 11 of the Federal Data Protection Act (BDSG) are to be
complied with.
As of 01.09.2009, new provisions regarding
contract data processing entered into
force in the course of the amendment to
the Federal Data Protection Act (BDSG).
Through the redesign of Section 11 para. 2
of the Federal Data Protection Act (BDSG),
according to the grounds for the law,
“the statutory requirements of the contract
design should be easier to discern in order
to ensure greater legal certainty for the
contractors and clients and supervisory
authorities involved.” In addition, the client
(customer) must now be convinced for the
first time “before the start of the data
processing and then regularly” of the compliance of the technical and organizational
security measures taken by the contractor
(ASP) pursuant to Section 9 of the Federal
Data Protection Act (BDSG) and Appendix.
The result of this review is to be documented.
The following points are to be noted by
the contractor and client in contract data
processing:
(1)The client remains the responsible party.
(2)A careful selection of the contractor is
necessary.
(3)Written award of contract and detailed
statements are mandatory. The minimum
requirements for the content of a written agreement regarding contract data
processing are specified by law in
Section 11 para. 2 no. 1 to 10 of the
(4)Control obligation on the part of the
client is stipulated.
(5)Documentation and implementation of
the technical and organizational measures for data protection and data security
pursuant to Section 9 sent. 1 of the
Federal Data Protection Act (BDSG)
and Appendix. There, the eight types of
control (e.g. access control, forwarding
control, availability control, etc.) to
ensure data protection and data
security are defined.
(6)The client should have appointed a data
protection officer pursuant to Section
4f of the Federal Data Protection Act
(BDSG). This obligation applies to
address trading companies and market
and opinion research institutes irrespective of the number of persons employed
there (Section 4f para. 1 sent. 6 of the
It should be noted in particular that
the commencement of the contract
data processing is not sufficient. The
legislator makes provision for a special
agreement for each order.
29
If an order is issued incorrectly, incompletely, or not in the specified manner or if the
client is not convinced before the start of
the data processing of the compliance of the
technical and organizational measures taken
by the contractor, the client can have a fine
of up to EUR 50,000 imposed on it pursuant
to Section 43 para. 1 no. 2b in conjunction
with Section 43 para. 3 of the Federal Data
Protection Act (BDSG).
Checklist
✔W
as there a careful selection of the ASP,
taking into account the technical and
organizational measures planned by it?
■ Yes ■ No
✔D
oes the ASP have a data protection
and data security concept?
■ Yes ■ No
✔D
oes the data protection and data security concept meet the requirements of
Section 9 of the Federal Data Protection
Act (BDSG) in addition to its Appendix
and the technical and organizational
measures defined therein for the provision of data protection and data security?
■ Yes ■ No
✔D
oes the ASP have a data protection
officer and are his/her contact details
known?
■ Yes ■ No
✔H
ave the employees of the ASP been
obligated to data security pursuant to
Section 5 of the Federal Data Protection
Act (BDSG) and have they been informed
and trained with regard to compliance
with data protection and data security?
■ Yes ■ No
✔H
as a written contract been concluded
for contract data processing?
■ Yes ■ No
30
✔D
oes this contract correspond to the
data protection law requirements and
in particular to the content requirements
of Section 11 of the Federal Data
Protection Act (BDSG)?
■ Yes ■ No
✔A
re there regular documented checks of
the implementation and the compliance
with the agreed technical and organizational measures to provide data protection and data security?
■ Yes ■ No
6.Sample cases for
permissible optimization
in e-mail marketing
6.1.Statistical analysis and
measurement of user
behavior: Usage profiles
One of the most decisive benefits of digital
marketing is the measurability of recipient
reactions. For instance, it can be traced
relatively easily in e-mail marketing whether
(and by whom) e-mails or links are clicked
on (and of course also which ones). Intelligent marketing campaigns with manageable
cost can thus be automated, e.g. by writing
to recipients again who did not reply to a
certain e-mail.
To begin with: The measurement of performance indicators (such as opening and click
rate) does not require any express consent
from the user as long as the response data
determined are anonymous, i.e. do not permit any inference with regard to the identity
of the individual recipient. Pseudonymous
measurement (in other words “anonymous
with inference option”) is possible until
revocation by the individual (Section 15
para. 3 of the Telecommunications Act
(TMG)) but the pseudonymous data may
then not be merged with data about the
identity of the tracked persons, either currently or later. Pseudonymous form does
not therefore offer any practical benefit.
Obstacles with personal tracking
Technically, personal tracking is relatively
easy to implement but in Germany it entails
data protection law obstacles. As soon as
personal data are to be used, the submission
of a corresponding consent is required.
Examples of personal data of a recipient in
tracking are whether and when he or she
h as opened a certain e-mail,
h as clicked on any or a certain link,
h as visited the linked website via a
newsletter and what pages he or she
visited,
h as purchased an advertised product
or (and where or when) canceled the
purchased product.
The list can be extended as required.
The fundamental criterion is whether the
individual person (at reasonable cost) can
be identified (then personally) or not (then
as a pseudonym or anonymously). With
some details (e.g. the information which
e-mails were sent to a certain recipient), the
personal link is disputed with the argument
that these are not details about the person
but rather about the advertising company.
In cases of doubt, the advice of an expert
should be sought.
The valid declaration of consent
to personal tracking
Usually, the consent to personal tracking
will be given in electronic form, e.g. in
connection with an online subscription to
a newsletter. In principle, the same requirements apply to the validity of this declaration as to the consent to the newsletter.
It should be noted that this consent must
be given separately from the consent to the
newsletter subscription (a check box may
not be pre-clicked here either). In addition,
the consent text used (as with the consent
to the newsletter, too) must be clear and
easy to understand. The consenting party
must be able to revoke at any time and be
informed how he or she can do so (Section
13 para. 2 and 3 of the Telecommunications
Act (TMG)). Consent texts hidden in the
“General Terms and Conditions of Business”
or in “data protection information” are
advised against; there, they not only have
to be particularly highlighted (Section 28
para. 3a sent. 2 of the Federal Data Protection Act (BDSG)), they can also be invalid
nevertheless for various reasons (particularly
surprise and inappropriate disadvantage
(Sections 305c, 307 of the German Civil
Code (BGB)).
What a declaration of consent to
personal tracking can look like
The text that can be used in addition to the
consent to the newsletter could be roughly
formulated as follows:
■ ” Yes, I am in agreement that X GmbH
sends me advertising e-mails. I can revoke this consent at any time by clicking on
“unsubscribe” which I will find in every
advertising e-mail.
31
■ I also permit X GmbH to track my e-mail
click behavior in order to provide me with
offers and content that match my click
behavior. I can revoke the consent to personal click tracking by sending an e-mail
with the subject “Revoke” to [email protected].”
Caution:
W
ith this separation, you need a separate
revoking procedure for the click tracking.
Otherwise, you run the risk that a revocation of the click tracking also cancels the
consent to the sending of e-mail.
H
ere, you see a check box only for the
click tracking. This is correct because this
part is offered as an option. In this case,
the click tracking makes no sense without
the sending of e-mails.
Persons who have only given the newsletter
opt-in but not the express consent with
regard to data protection, can receive
e-mails but may not be profiled with
behavioral data such as openings or clicks.
Here, it is to be guaranteed with technical
means that the data processing in the
e-mail marketing system can clearly
differentiate between persons who have
agreed to personal profiling and those
who have not agreed to it.
Checklist
✔ Do you need and do you have consent
for personal tracking?
✔ Does your declaration of consent have
32
transparent answers to “who”, can do
“what,” “how,” and “for what?
✔ Do you inform the consenting party that
and how he or she can revoke his or her
consent?
✔ If you had to, could you prove the
consent from each individual subscriber?
6.2.Performance increase in
e-mail marketing: Legal
opportunities and boundaries
Transparency in the registration
process for greater customer satisfaction and improved response
Many companies still try to tempt and retain
their customers and newsletter subscribers
with a non-transparent subscribe and
unsubscribe process. However, complex processes are not only impermissible under data
protection law, they also result in great dissatisfaction among recipients. Ever more
often, such senders are being marked as
spam, by the e-mail provider itself as well,
or deleted by the recipients without being
read. This then results in a lower response
and difficult-to-refinance costs for the
generation of leads.
The principles of active consent and voluntary nature, established in legal text, are
therefore not only decelerating regulations
for advertising companies, they also equally
ensure the protection of the consumer and
effectiveness in e-mail communication.
There are many ways of increasing transparency in e-mail marketing. These include
not only the clear communication of the
newsletter offering (what is sent how often)
but also the option of facilitating subscribing and unsubscribing at any time with few
obstacles. In particular for companies with
several newsletters, it lends itself to manage
the registration process via a single administration page. The reader can conveniently
manage his or her subscriptions via this
page. Via different tabs, he or she can
change to the respective subscription or
subscribe or unsubscribe to it. The basic
settings, such as name, address, and e-mail
address are managed in the header part of
the page. There is also the possibility here
of activating a holiday function. The entire
e-mail delivery can be interrupted for a
freely selectable period of time.
There are diverse options for individualization and personalization in e-mail marketing.
For example, newsletters can be adapted
to the precise interests of the subscribers
through individualization of the content.
Themed articles are prioritized according to
the click frequency. The more often a reader
therefore clicks on an article in a section,
the further up the thematic block appears
in the next mailing.
This page is accessible via the corresponding
Internet page and via the link necessary
pursuant to Section 7 para. 2 no. 4 of the
Act Against Unfair Competition (UWG) for
unsubscribing in each e-mail. Such an administration page ensures with transparency
and user friendliness greater satisfaction for
the reader, greater involvement, and thus
results in higher response rates. In addition,
enormous cross-selling effects are realized
through the overview of all newsletters
offered, meaning that new services are also
advertised and new subscribers can be
acquired without additional costs.
Thanks to this approach, a renowned media
group was able to acquire 1400 readers in
4 months for a new newsletter and achieved
on average an opening rate of 48% and a
click rate of 13%. In addition, the number
of average subscriptions per recipient was
increased from 1.37 to 2.03 (+48%).
Nürburgring Automotive GmbH has already
used this possibility of profiling and content
individualization. All links of the regular
newsletter are endowed with tags that
reflect the topic of the article, e.g. [motorsport]. With the help of the tags, anonymous interest profiles were created over a
lengthy period of time. Those who click more
frequently in the motorsports articles offered, apparently have a measurably higher
interest in motorsports. The newsletter is
then created once with all its articles; the
articles are only assigned the individual
themed categories (e.g. motorsports or tourist trip). The template automatically compiles the individual newsletter; each contains
the same articles, only their order depends
on the individual interest. Those who are
most interested in motorsports will receive
the motorsports articles with priority.
Greater relevance through
individualization
Relevance is always one of the most
important factors in online marketing.
The more individual and useful an e-mail
is, the most interesting it is for the recipient.
The probability of a purchase is correspondingly higher.
33
Driving experience
Depending on themed category, Nürburgring
Automotive GmbH thus achieved a click rate
that was up to 74% higher. The content thus
actually became substantially more relevant
and wastage was reduced.
Of course, the possibilities of profiling
and individualization depend on how much
information is available about the recipient.
As this information is mostly personal data,
the legislation makes provision for some
regulations here. The use of click frequencies
for the personal prioritization of content
pursuant to Section 15 para. 3 of the Telemedia Act (TMG) is only legally permissible
if either the recipient has consented to the
saving of the click profile, or this was collected in anonymous form or with a pseudonym and was not merged with recipient
data (see also previous section). During the
collection of his or her data, the person
concerned was informed about his or her
right of objection pursuant to Section 13
para. 2 no. 4 of the Telemedia Act (TMG)
and pursuant to Section 94 no. 4 of the
Telecommunications Act (TKG). In the case
of anonymous analysis, no consent under
data protection law is required as in this
case it does not involve personal data.
Conclusion
The starting point for a high-performance
e-mail campaign is first of all a wellmaintained database. Subscribe and unsubscribe processes must be designed in a
transparent manner in order to avoid inactive addresses and retain the subscribers in
the long term through a high degree of
customer satisfaction.
However, in order to generate not only
high opening rates but also further response,
the sender has to be relevant. In addition
to useful content, this particularly includes
a high degree of individualization for the
satisfaction of personal requirements. Maximum efficiency in e-mail communication is
34
also reached through automation of processes. This makes e-mail marketing professional and successful.
7.What needs to be noted in
other countries in e-mail
marketing
7.1.The legal aspects in
Switzerland
Whereas the sending of advertising e-mails
has long been strictly regulated in the EU
and particularly in Germany, the Swiss legislator did not create corresponding specific
statutory bases until 2007. These regulations
are firstly to be found in the Act Against
Unfair Competition (UWG, Art. 3 ), and
secondly in the Telecommunications Act
(FMG, Art. 45a). The Act Against Unfair
Competition (UWG) fundamentally regulates
the conditions for the sending of commercial
e-mails. The Telecommunications Act (FMG)
records which measures the telecommunications provider has to take to combat spam.
Since recently, the state itself (State Secretariat for Economic Affairs, SECO, www.
seco.admin.ch) can also take measures
against spammers at home and abroad if
enough people complain.
However, the Swiss regulations are by far
less detailed as e.g. the German ones and
therefore leaves more room for interpretation. What is really permitted now, and what
isn‘t?
Mailing of advertising e-mails to
non-customers
The “mass mailing of advertising via the
Internet or telecommunication services”
is legally permissible if the following
requirements are met:
B
efore receiving the e-mail, the recipient
has given his or her express consent (optin principle), whereby the consent may not
be obtained via telecommunications media,
such as e-mail, SMS, or fax (see also
“registration methods”).
T he sender is clearly recognizable. Its
address is correctly given; its identity
is not hidden or falsified.
E ach advertising e-mail contains a clearly
discernible, free-of-charge, and simple
unsubscribe option (opt-out principle,
e.g. unsubscribe link with confirmation
of unsubscribe, possibly link to online
unsubscribe form).
Mailing of advertising e-mails
to existing customers
The mailing of advertising e-mails is also
permitted if the recipients are the
company‘s own existing customers. Recipients are deemed to be “own existing customers” if the following conditions are met:
T here is a commercial relationship to the
recipient (the customer has already
purchased a service / a product).
T here is a link between the service
purchased at a particular time and
the service advertised (advertising of
comparable products or services).
N
o third-party services are advertised.
35
With the mailing of advertising e-mails to
existing customers, the sender must be
clearly discernible, and each e-mail must
contain an easy-to-find, free-of-charge
unsubscribe option (see above).
Methods of registration
In order to comply with the opt-in principle,
there are the following online registration
methods in e-mail marketing:
S ingle opt-in:
The subscriber registers online expressly
by clicking on a corresponding check box
and entering his or her e-mail address (and
possibly further data). The registration is
merely confirmed to him/her on a following page of the registration page. This
method of registration is fundamentally
advised against.
C
onfirmed opt-in:
The subscriber registers online expressly
by clicking on a corresponding check box
and entering his or her e-mail address
(and possibly further data). The registration is firstly confirmed on the following
page and secondly re-confirmed by e-mail.
Confirmed opt-in is the usual and most
prevalent registration method in
Switzerland.
D
ouble opt-in:
The subscriber registers online expressly by
clicking on a corresponding check box and
entering his or her e-mail address (and
possibly further data). The new subscriber
immediately receives an e-mail with a reconfirmation link. The registration is not
deemed to be completed until the subscriber has clicked on the confirmation link.
Due to its clear transparency, double optin is the only recommended method of
registration.
36
The Swiss legislator has refrained from regulating the form and provability of the registration; the sender is therefore fundamentally free to choose one of the registration
methods described above in order to collect
the subscriber data. The only mandatory
requirement is that the recipient “expressly”
gives its consent. The registration may
therefore not be implicitly accompanied by
another consent, e.g. consent to the General
Terms and Conditions of Business (T&Cs).
Most Swiss companies use “confirmed optin” as the method of registration. The disadvantage of this registration method is the
lack of provability that the subscriber has
really registered himself/herself for the
receipt of the e-mails.
The same applies for the collection of offline
registrations (e.g. at trade fairs, by telephone, or via physical registration forms in the
sales store); there is no regulation that stipulates the provability and storage obligation of offline registrations.
Purchased addresses do not comply
with the opt-in principle
Conversely from the previous statements,
the answer to a frequently asked question
arises: “Is it permitted to send e-mails to
purchased / rented addresses?”
The answer is “not usually.” Purchased
addresses are firstly not existing customers,
and secondly the principle of express consent does not apply either in most cases. The
recipient can only give his or her express
consent if at the time the consent is given,
he or she knows who will send him or her
which information in the future.
E-mail addresses that are offered for rent or
purchase are normally collected via unspecific competitions or surveys. When entering
his or her e-mail address, the user then
agrees that his or her data “may be used by
the commissioned service providers for market research, target group and customer
profile analyses, and advertising.” However,
this description does not in any way correspond to an express consent as the user at
the time of his or her subscription is not
familiar with the advertisers summarized
under “commissioned service providers” or
their products.
We expressly issue a warning here against
the purchase or rental of e-mail addresses.
Here, it is also worth considering that readers who receive an e-mail because they
gave their consent to the usage of the data
a long time ago via an unspecific survey,
will tend to react negatively from the outset
to e-mails that they are not expecting.
Caution: Market place principle
As already mentioned, Swiss legislation is
less detailed than that of Germany. It is
therefore comprehensible that most Swiss
companies do not heed the more detailed
foreign specifications.
However, there is a not entirely harmless
drawback that Swiss companies should be
aware of: If a Swiss company sends e-mails
to recipients abroad, it is fundamentally
subject to foreign (and thus mostly more
detailed) law pursuant to the principle of
“market place principle.”
What does the term “market place
principle” mean?
The market place is the place at which
influence is to be exerted on the recipient
from a marketing perspective. Indications
of the market place are:
C
ountry code of the e-mail address,
L anguage of the e-mail,
C
ountry reference of the advertised
product (e.g. German Internet sites)
If the definition above is strictly applied,
it must be assumed with subscribers for a
German-language newsletter that they can
also come from Germany. As a mandatory
field during registration, only the e-mail
address can thus be collected, and the company is obligated to be able to prove the
registration – irrespective of whether it was
completed offline or online – in a credible
and seamless manner.
Of course, factors, such as the size of the
advertising company and the question of
whether the company operates at a regional,
national, or even international level, play a
major role in the question regarding the
importance of this regulation. With a purely
locally active small company, it is therefore
probably only to be assumed in the rarest of
cases that customers from Germany subscribe to the newsletter, then “forget” it, and
subsequently complain about the unsolicited
sending of e-mails.
However, every company that wants to use
the benefits of e-mail as a medium to
acquire and retain customers should consider in detail whether it wants to “only” be
right at the limit of the statutory specifications with regard to its communication
37
policy, or whether the fundamentally positive agreement with (potential) customers
should set the signal for the communication
instead.
Those who willfully commit unfair competition pursuant to Article 3 of the Act Against
Unfair Competition (UWG) will on request
be punished with a custodial sentence of up
to three years or with imprisonment or with
a fine of up to CHF 100,000. (Art. 23 of the
Act Against Unfair Competition (UWG)).
However, to date there has been no legally
binding ruling in Switzerland in this regard.
It is only important what is the law
Much more serious than the fact that the
implementation of the still relatively young
Swiss spam law is more theory than practice
is the fact that (potential) customers who
feel “spammed” demonstrably and very
quickly develop a defensive attitude towards
the advertising company.
Therefore, it is indeed recommended for
Swiss companies that they comply with the
substantially more detailed legal bases in
Germany and the double opt-in procedure;
this firstly ensures that all subscribers,
whether they come from Switzerland or
neighboring countries, are written to in a
legally compliant manner. Secondly, the
recipient base may possibly remain slightly
smaller due to the use of the double opt-in
registration method, but really only includes
the readers who are really interested in the
sender‘s offer and will also react accordingly
to its e-mails.
38
The following checklist shows which conditions a company must meet in the mailing of
marketing e-mails in Switzerland, and which
it also is advised to meet voluntarily. The
checklist is not to be viewed as exhaustive.
Particularly for medium-sized and larger
companies, it is also recommended to use a
specialist in communication law for the formulation of the e-mail marketing guidelines.
Checklist
✔C
orrect and unmistakable sender address
(true identity)
Mandatory
✔P
rior express consent or existing
commercial relationship to the recipient
(recipient is customer)
Mandatory
✔ E asy and highly visible rejection option
for future mailings (the same means
of communication, no further costs);
e.g. unsubscribe link, unsubscribing by
e-mail reply
Mandatory
✔O
nline consent: Check box that reflects
the consent to receive the advertising
e-mails of the sender must be expressly
clicked (no already pre-marked check box)
Mandatory
✔U
nsubscribed recipients will no longer
receive mailings
Mandatory
✔ E -mails to existing customers:
No delivery of third-party advertising
without their express consent being
obtained beforehand.
Mandatory
✔ E -mails to existing customers:
No advertising of own products/services
without the corresponding express
consent being obtained beforehand.
Recomended
✔C
omplete legal notice with offline
contact option (address, telephone
number) and guarantee of the sender
being available
Recomended
✔O
nline registration solely via double
opt-in (traceability!)
Recomended
✔o
nsent obtained offline is saved/filed
(traceability!)
Recomended
✔D
ispensing with sending e-mails to
customers whom you have had no
contact with for a lengthy period of time.
Recomended
Other useful information on the topic:
Website of the Federal Data Protection
and Information Commissioner (FDPIC):
http://www.edoeb.admin.ch/datenschutz/00683/00803/00816/index.
html?lang=de
http://www.edoeb.admin.ch/dokumentation/00612/00660/00687/index.html
www.kommunikationsrecht.ch
7.2.
The legal situation in Austria
According to Austrian law, the legal framework for e-mail marketing is spread across
various statutory regulations which are
based in part, like the German regulations,
on an EU directive. The practical implementation of these regulations deviates considerably in part from German law. The following overview is limited to the Austrian
regulations on the unsolicited sending of
electronic mail. Special regulations in sector
and industry-specific laws are not examined
in this overview. Data protection law is not
examined separately either. There are parallels between Austrian and German data
protection law, whereby Austrian law does
not foresee any special equivalent to the
data protection provisions in the German
Telemedia Act (TMG).
Introduction
The obstacles for the permissible sending of
electronic mail are set out in Section 107
para. 2, 3, and 5 of the Telecommunications
Act 2003 (TKG 2003). E-mails to consumers
(B2C) and companies (B2B) are affected by
these provisions. Accompanying provisions
are contained in the E-Commerce Act (ECG).
Permissibility of e-mail marketing –
principle of opt-in
Like German law, Austrian law makes provision for an “opt-in procedure” in principle.
According to Section 107 para. 2 of the
Telecommunications Act (TKG) 2003,
consent is required from the addressee
of the e-mail to the mailing if
t he mailing is done for direct advertising
purposes or
is addressed to more than 50 recipients.
The Austrian courts define direct
advertising in a similarly generous manner
to the German courts so that in particular
newsletters are covered.
The consent required in accordance with
this, like in German law, must be obtained
before the e-mails are sent out. The burden
of proof for the existence of consent from
the recipient lies with the sender of the
39
e-mail. This results in the obtaining of the
consent having to be organized in such a
manner that it is provable. Comparable problems of proof arise here in Austrian and
German law. The double opt-in lends itself
here in which, for instance after the subscription to a newsletter, an advertisingfree e-mail is sent with the question as to
whether the recipient really does want to
subscribe to the newsletter. The resulting
confirmation is relevant.
Permissibility of e-mail marketing –
“opt-out” as an exception
Section 107 para. 3 of the Telecommunications Act (TKG) – comparable to the German
Section 7 para. 3 of the Act Against Unfair
Competition (UWG) – makes provision for
an exception to the opt-in principle with
existing customer relationships. The background to this is that both the Austrian
and the German regulation are based on a
European directive.
40
An exception to the need for consent
exists pursuant to Section 107 para. 3 of
the Telecommunications Act (TKG) 2003 if
t he sender has received the contact data
in connection with a sale or a service to
its customers,
t he message is sent to directly advertise
the company‘s own similar products or
services,
t he recipient has, during collection and
also during each transmission, the possibility of rejecting this contact free of charge
and easily,
and
t he recipient has not rejected the mailing
from the outset, in particular not as the
result of entry in the list named in Section
7 para. 2 of the E-Commerce Act.
Said requirements must all be met at the
same time. If one of the requirements is
not met, the exception does not apply and
consent is necessary.
Rejection from the outset – the last named
requirement – must not necessarily have
been declared to the sender. The objection
can also be given by entry in the list named
in Section 7 para. 2 of the E-Commerce Act
(ECG), the so-called “ECG List.” Consequently, at least a comparison with this “blocked”
list is necessary before each mailing. This
list is kept by Rundfunk und Telekom Regulierungs-GmbH (RTR-GmbH). The list can
be requested in electronic form from RTRGmbH. There are three variants for the
comparison of this “ECG List” (status
05/06/2011: http://www.rtr.at/de/tk/
NutzenECG). With all methods, it should be
ensured that the registered parties are not
named to the potential sender with their
plain-text names.
Requirements with regard to
content
With direct advertising, according to Section
107 para. 5 of the Telecommunications Act
(TKG) 2002, the identity of the sender or the
client of the e-mailing may not be concealed
or dissimulated. In addition, according to
Section 107 para. 5 of the Telecommunications Act (TKG) 2003, each individual e-mail
must always include an authentic address
to which the recipient can address a request
for the suspension of such messages. This is
comparable to the German Section 7 para. 2
no. 4 of the Act Against Unfair Competition
(UWG).
According to the Austrian Section 24 of
the Media Act (MedienG) and Section 5 of
the ECG, a legal notice is to be inserted.
Possible sanctions
A special characteristic in Austria is that in
Section 109 para. 3 no. 20 of the Telecommunications Act (TKG) 2003, a determination of the administrative offense is provided
for, according to which those who send
e-mails in contravention of Section 107
para. 2 or 5 of the Telecommunications Act
(TKG) 2003 can be punished with a fine of
up to EUR 37,000.00. In addition to willful
intent, negligence is also sufficient to initiate the sanction. Negligence is automatically
assumed when the prohibition norm is
exceeded. In practice, this results in the
sender itself having to become active to
discharge itself. For this purpose, facts must
be submitted and evidence furnished.
General assertions are not sufficient to
nullify the assumption of negligence. The
occurrence of a risk or damage is not a
requirement. Repeated offense can increase
the fine pursuant to Section 109 para. 5 of
the Telecommunications Act (TKG) 2003.
As in Germany, there is also the threat of
claims for injunctive relief or compensation.
The reaction to such claims, in particular
to warnings, is similar to that in Germany.
Nevertheless, however, checking and appraisal should be done in all cases by a specialist as there are deviations from German law.
In particular, there is the risk that the costs
to be reimbursed to the counterparty are
higher than in Germany.
Both private individuals and commercial
companies who are the recipients of the
e-mail can file a claim for injunctive relief
arising from Section ABGB (Austrian Civil
Code) which is based on the breach of the
general privacy right due to breach of
privacy.
In particular, competing companies - competitors of the sender - can file a claim
against the sender pursuant to Section 14
para. 1 in conjunction with Section 1 of the
Austrian Federal Law Against Unfair Competition (UWG) for injunctive relief and pursuant to Section 16 para. 1 of the UWG
for damage compensation in the event of
culpability.
8.Our recommendation:
Certified Senders Alliance
The central white list “Certified Senders
Alliance” (CSA) launched by eco - Association of the German Internet Industry and the
German Dialog Marketing Federation 2004
offers commercial mass senders and companies an effective solution for avoiding delivery problems in their e-mail campaigns.
The positive list ensures that recipients also
receive e-mails that they have requested
or require for a transaction. Primarily mass
mailings, such as newsletters, and also
transaction e-mails, frequently land, possibly filtered out by the spam filters by mistake,
in the spam folder (so-called false positives)
and thus normally remain hidden to the recipient. For the companies concerned, this
can result in slight loss of earnings, and in
an annoying experience for the user.
This can primarily be combated in the mass
senders - each for themselves - contacting
the individual Internet service providers
and substantiating the lawfulness and
trustworthiness of their mailings. In practice, this approach requires substantial
resources and costs in places, both among
the ISPs and the sending companies.
Secondly, the requirements vary between
providers; changing contact persons also
41
make this process difficult. These circumstances demand a joint point of contact in
order to centralize the inclusion of mass
senders in a positive list and to establish a
standardized procedure that guarantees a
consistently high level of quality and, very
importantly, is endowed with an efficient
complaints management. With the CSA
white list, ISPs can optimize the delivery
of incoming e-mails to their customers in
order to continue to protect them effectively against spam. With a CSA certification,
senders ensure that they identify themselves
as trustworthy and reputable towards the
ISPs affiliated with the CSA and thus avoid
delivery problems as the result of a poor
reputation.
The CSA-certified senders are subject to
strict approval criteria. Certified service providers also forward the CSA criteria via their
general terms and conditions of business to
their customers. The approval criteria require
the fulfillment of high technical standards
and legal specifications that the CSA develops together with the participants in a
continuous process. In addition, there are a
number of mechanisms that prosecute the
breaches by senders against the existing
rules. The certification and complaints
committee monitors the inclusion of new
senders and the compliance with the rules.
The operational experience to date shows
that the high requirements are paying off.
The number of incoming complaints is –
when viewed relative to the dispatch volume
of the certified senders - gratifyingly low. In
individual cases, however, the certification
and complaints committee must impose or
confirm sanctions in order to preserve the
quality of the white list. In turn, these sanctions help the sender concerned to identify
42
and eliminate weak points in its own
processes or those of its customers and thus
avert greater damage in a timely manner.
In order to preserve the high quality of the
white list, not only the legally impeccable
audit and its control over the complaints
management are necessary. In addition, the
technical criteria also have to be reviewed
on a regular basis. Thus, the most important
criteria of the sending mail servers are
reviewed automatically on a daily basis and
recorded in a report. This report also contains additional tests on whether there was
anything negative noticeable in the sending
characteristics of the mail servers, both to
provide information to the certified senders
but also to gain indications of problems
during sending. This is therefore also an
additional added value that participation
in the CSA offers.
Technical security constitutes a very
important criterion with the CSA white list.
Access to the CSA white list is protected
and secured by the affiliated ISPs in multiple
ways so that the white list is also only used
for the purpose for which it was compiled –
namely the whitelisting of the mail servers
listed therein.
The CSA is established on the market and,
since the start of its operational service, has
enjoyed a constant increase in acceptance,
which in turn has a positive effect on the
growth of the CSA. Expressed in figures,
the CSA now encompasses more than 100
certified mass senders from Germany, the
EU, and the U.S. On the other hand, the
ISPs affiliated with the CSA cover more than
500 million e-mail accounts. In addition,
renowned technology and cooperation
partners participate in the CSA who increase
the reach of the CSA further and provide
the CSA with important instruments for the
monitoring of the senders. For years, the
CSA has been the most well-known and
most widespread reputation standard in
Germany and thus a great success for the
German Internet economy. At the international level, the CSA also enjoys growing popularity and acceptance and is thus on the
best path to further increasing the benefit
of all providers and senders already affiliated.
An updated list of the participants and
partners as well as all other information
regarding the CSA can be found at
www.certified-senders.eu. 9.Opt-in or opt-out –
what applies in the
individual countries
With the international mailing of advertising
e-mails, the following decisive question arises for the sender: In the country where the
recipients are located (target country), does
the opt-in principle (prior consent required)
or an opt-out regulation apply (unsubscribe
option sufficient). The decisive factor in the
assessment of the lawfulness of the mailing
activity is the legal position in the respective target country. Opt-in applies in all
Member States of the European Union and
in Norway, Liechtenstein, Iceland, and
Switzerland. However, this is not the case
all over the world.
The following list* answers the question of
the validity of opt-in or opt-out for around
50 countries, listed according to continents.
For most countries, the list also contains
important information regarding the respective legal bases:
43
Europe
Country
44
Opt-In
Austria
(+)
Belgium
(+)
Bulgaria
(+)
Denmark
(+)
Germany
(+)
Estonia
(+)
Finland
(+)
France
(+)
Greece
(+)
Iceland
(+)
Opt-Out
Legal Bases / Comments
O
pt-In with B2C and B2B,
exception with customer
relationships, Section 107 para 2.,
para 3., of Telecommunication Act
2003 (TKG)
L
aw on Legal Aspects of the Services
of the Information Society
(Law of 11 March 2003),
in B2B, opt-out is sufficient
G
erman Civil Code (BGB)
A
ct Against Unfair Competition
(UWG)
T
elemedia Act (TMG)
F
ederal Data Protection Act
(Bundesdatenschutzgesetz, BDSG)
E
xpress consent required, exception
with customer relationships; Section
7 para. 2 no. 3 para. 3 of the Act
Against Unfair Competition (UWG)
N
o differentiation between
B2B or B2C
O
pt-out applies to B2B
L
aw on Confidence
in the Digital Economy (LECN)
T
he following applies to consumers:
Opt-in necessary unless
1 . A
ddress was obtained during a
purchase in the last 12 months
2. Product similarity
3. Free-of-charge and clearly
understandable opt-out option
W
ith B2B, opt-out is sufficient
Country
Ireland
Opt-In
Opt-Out
(+)
Italy
(+)
Latvia
(+)
Liechtenstein
(+)
Luxembourg
(+)
Lithuania
(+)
Malta
(+)
D
ata Protection Act of 1998
European Communities (Electronic
Communications Networks and
Services)
( Data Protection and Privacy)
Regulations
2
003 (Statutory Instrument
No. 535 of 2003)
D
ata Protection Act of 2003
(amending Data Protection Act
of 1988)
T
1 . A
2 . Product similarity
W
A
nti-spam regulation in Section 130
of the Italian Data Protection Act,
Codice in materia di protezione dei
dati personali
T
1. A
W
45
Country
46
Opt-In
Netherlands
(+)
Norway
(+)
Poland
(+)
Portugal
(+)
Romania
(+)
Slovenia
(+)
Spain
(+)
Sweden
(+)
Switzerland
(+)
Opt-Out
T
elecommunications Act,
Federal Data Protection Act;
in force since 10/01/2009:
The New Dutch Opt-In Law
T
he following applies to B2B and
B2C: Opt-in necessary unless
1. A
2
000/31/EC
D
ecree-Law 7/2004 (Art. 22)
Information Society Services and
Electronic Commerce Act
(34/2002 of 11 July)
R
oyal Decree 1720/2007
T
he following applies for consumers:
1. A
A
rt. 3 of the Federal Law Against
Unfair Competition: Mass advertising
by e-mail is only permissible in
Switzerland if the following
requirements are met:
1. P
rior consent from the
customers
2. Indication of the correct sender
3. Information about easy and
free-of-charge unsubscribe
option
Country
Opt-In
United
Kingdom
(+)
Cyprus
(+)
Opt-Out
P
rivacy and Electronic
Communications (EC Directive)
Regulations 2003:
F
or consumers: Opt-in necessary
unless
1. A
2. P
roduct similarity
USA / S outh America / C anada
Country
Opt-In
Opt-Out
USA
(+)
Argentina
(+)
Chile
Costa Rica
C
AN-SPAM-ACT:
The following points constitute
the most important content of
the law (Section 5):
1 . S
ender must be clearly
identifiable
2. Misleading subject lines are
prohibited, i.e. the subject line
may only inform the recipient
about the true content of the
e-mail.
3. Opt-out option or unsubscribe
option must be given.
4. The postal address of the
sender must be indicated
P
ersonal-Data-Protection Act.
T
here is no law solely on e-mail
marketing. Section 27 of the
Personal-Data-Protection Act,
however, contains provisions on
the opt-out option with advertising
e-mails
(+)
(+)
47
Country
Opt-In
Canada
(+)
Colombia
Mexiko
48
Opt-Out
h
ttp://laws-lois.justice.gc.ca/eng/
acts/E-1.6/index.html
F
rom 07/01/2014: Opt-in regime,
approximation to German provisions
and revised anti-spam law: Canada’s
Anti Spam Law (CASL):
1 . E
xpress consent from the
recipient to the receipt of
the advertising e-mail before
it is sent.
2. N
o false or misleading message
header (sender or subject line).
3. No change in the sending data.
4. A
clearly visible or locatable
“unsubscribe link”.
The advertising e-mail must
contain the sender‘s postal
address.
5. No use of e-mail addresses
that have been collected by
unlawful means.
(+)
(+)
Peru
(+)
Venezuela
(+)
C
onsumer Protection Law
Asia / Australia
Country
Opt-In
Australia
(+)
Bahrain
S
pam Act 2003, always prior
express consent required
(+)
China
(+)
Japan
(+)
Korea
(+)
New Zealand
(+)
Russia
(+)
Saudi Arabia
(+)
Singapore
C
hina’s Regulations on Internet
Email Services 2006
“ New Anti-Spam Law” 2008,
close adaptation to the European
principles
U
nsolicited Electronic Messages Act
2007; Privacy Act 1993
(+)
Turkey
United Arab
Emirates
Opt-Out
S
ingapore enacted the
SPAM Control Act in 2007
(+)
(+)
* Status December 2013: Amendments to the law that have been made subsequently have
not been taken into account
49
Authors
Authors
Dr. Torsten Schwarz
Owner of Absolit Consulting und
Email-Marketing-Forum.de
Christian Schmoll
Senior Legal Counsel and Data Protection
Officer of Teradata (teradata.com),
lawyer, law firm TMD Lawyers
Martin Bucher
Managing Director, Inxmail GmbH
Roman Schiffelholz
Team Manager, Inxmail GmbH
Dr. Jens Eckhardt
Specialist lawyer for information
technology law, JUCONOMY Lawyers
Ivo A. Ivanov
Lawyer and General Corporate Counsel,
eco e. V.
Sebrus Berchtenbreiter
Managing Partner, promio.net GmbH
Ueli Grüter
Lawyer, Grüter Schneider & Partner AG
Maya Reinshagen
Founder and co-owner, Mayoris AG, Root
Principal Consultant, Namics AG, Zurich
Sascha Wilms
Product and Business Development,
eco e. V.
50
Anja Schäffer
Verlag für die Deutsche Wirtschafts AG
Frank Stiegler
Lawyer, „Stiegler Legal“
Rosa Hafezi
Lawyer, Professional Services Division,
eco e. V.
Alexandra Koch-Skiba
Lawyer, Head of Complaints Department,
eco e. V.
Copy-editing
Ivo A. Ivanov
Lawyer and General Corporate Counsel,
eco e. V.
Sascha Wilms
ISP and Product Development,
eco e. V.
Rosa Hafezi
Lawyer, Professional Services Division,
eco e. V.
Alexandra Koch-Skiba
Lawyer, Head of Complaints Department,
eco e. V.
www.certified-senders.eu
eco
Association of the
German Internet Industry
Lichtstraße 43h
50825 Köln (Cologne)
Phone +49 (0)221 / 70 00 48 - 0
Fax +49 (0)221 / 70 00 48 - 111
[email protected]
international.eco.de
52

eco Directive for Permissible e-Mail Marketing

Transcription

Similar documents

Welcome to the world of advertising! M 1

Ad Art BROCHURE 2 - Winnipeg School Division

Consent

WBE Certified - Perna Design

kyle davis strode • rancid ranch design 512.337.7172 • 210.722

Contact - Ohio Newspaper Association

4 Online Advertising Traffic Sources

Artwork Guidelines for Yellow Pages® - Book Awareness

Legend of the Gaurdians Curriculum(2)

Newsletter

advantedge vending