I was recently asked to advise a client in relation to unsolicited, bulk email marketing campaigns and the brief got me thinking about these sort of marketing campaigns and how the law could well put an end to them as we currently know them.

Virtually anyone with an email account is familiar with unsolicited email, usually by the term spam. So what is spam? ISPA defines spam as follows:

Spam, or unsolicited bulk email, is the posting of emails to large volumes of addresses advertising a service or product which the recipient seldom wants. Unlike conventional junk mail where the sender pays the cost of postage, recipients of spam pay the transmission costs, either in the form of Internet access fees and/or telephone call charges.

An example of spam is an unsolicited email message from someone you dont know (or a forged address) inviting you to view pornography, purchase Viagra or enlarge your penis amongst other things.

So why is spam a problem (aside for the annoyance factor)? Well, as ISPA points out:

Spam is one of the most significant threats to the Internet, accounting for around 60% of all email traffic. Spam costs consumers and ISPs lots of money in bandwidth charges. Despite the growing number of technological means for combating spam, the spammers somehow manage to stay one step ahead and the deluge shows little sign of abating.

There isn't a lot of law dealing with spam at the moment. The Electronic Communications and Transactions Act deals with spam in section 45:

Unsolicited goods, services or communications

45.(1) Any person who sends unsolicited commercial communications to consumers, must provide the consumer

(a) with the option to cancel his or her subscription to the mailing list of that person; and

(b) with the identifying particulars of the source from which that person obtained the consumer’spersonal information, on request of the consumer.

(2) No agreement is concluded where a consumer has failed to respond to an unsolicited communication.

(3) Any person who fails to comply with or contravenes subsection (1) is guilty of an offence and liable, on conviction, to the penalties prescribed in section 89(1).

(4) Any person who sends unsolicited commercial communications to a person who has advised the sender that such communications are unwelcome, is guilty of an offence and liable, on conviction, to the penalties prescribed in section 89(1).

(If you are interested in exploring section 45 in more detail, Lance Michalson published an article in 2003 on the topic which makes for very interesting reading)

It sets a set of minimum requirements for unsolicited email to be regarded as lawful but not all service providers are satisfied with this. Internet Solutions specifically prohibits unsolicited email in its Acceptable Use Policy:

E-MAIL USE

1. It is explicitly prohibited to send unsolicited bulk mail messages ("junk mail" or "spam") of any kind (commercial advertising, political tracts, announcements, etc). This is strongly objected to by most Internet users and the repercussions against the offending party and IS can often result in disruption of service to other users connected to IS. In addition, spam is unlawful in terms of the Electronic Communications and Transaction Act 2002, and IS is entitled to take appropriate steps against the User in contravention of these provisions of the Act.

At this point sending spam becomes more a case of infringements of the service providers' terms or acceptable use policies and a matter of contract. It is one of the legal frameworks service providers are creating in the absence of more comprehensive (and, arguably, effective) legislation.

The central issue here is sending unsolicited email to people who may not even be aware of the sender's existence. Sometimes email databases are compiled in the course of legitimate business activities (training companies often collect attendees' personal information and add them to their databases, although not always with the attendees' consent). Marketers frequently buy databases of email addresses from 3rd parties who compile these databases independently. This is where a fair amount of attention is focused because many of these database compilers use underhand methods to create these databases. As far as the ECT Act is concerned, a properly functioning opt-out mechanism keeps the marketing campaign pretty much above board but the much anticipated Protection of Personal Information Bill could change that dramatically.

The PPI Bill has, as one of its central principles, the requirement that informed consent be given for the collection and processing of personal information. This means that a provider must ensure that the people it collects personal information from are informed as to what personal information is being collected and what that personal information is going to be used for. Furthermore they must consent to this. Section 66 of the PPI Bill applies this principle of informed consent to unsolicited electronic communications:

Unsolicited electronic communications

66. (1) The processing of personal information of a data subject for the purpose of direct marketing by means of automatic calling machines, facsimile machines, SMSs or electronic mail is prohibited unless the data subject—

(a) has given his, her or its consent to the processing; or

(b) is, subject to subsection (2), a customer of the responsible party.

(2) A responsible party may only process the personal information of a data subject who is a customer of the responsible party in terms of subsection (1)(b)—

(a) if the responsible party has obtained the contact details of the data subject in the context of the sale of a product or service;

(b) for the purpose of direct marketing of the responsible party’s own similar products or services; and

(c) if the data subject has been given a reasonable opportunity to object, free of charge and in a manner free of unnecessary formality, to such use of his, her or its electronic details—

(i) at the time when the information was collected; and

(ii) on the occasion of each communication with the data subject for the
purpose of marketing if the data subject has not initially refused such use.

(3) Any communication for the purpose of direct marketing must contain—

(a) details of the identity of the sender or the person on whose behalf the
communication has been sent; and

(b) an address or other contact details to which the recipient may send a request that such communications cease.

The effect of the PPI Bill will be to introduce a requirement of informed consent to email marketing campaigns and effectively outlaw independently created email databases which are then sold to marketers for their email campaigns. Section 66(2) imposes a set of onerous requirements on anyone compiling an email database for marketing purposes which preclude many of the methods used to compile and trade in these databases in use today.

The only legal email marketing campaigns that will likely be left standing will these those typically facilitated by opt-in consents given by customers when they complete application, bookings and similar forms for specifically chosen products and/or services. This represents a radical departure from the requirements established by the ECT Act and we should see the ECT Act amended quite substantially when the PPI Bill is passed and comes into effect.

While these developments may well mark the end of unsolicited bulk email marketing campaigns as we know them today, they could well mark the beginning of a new surge of social media-based marketing initiatives.

Social media campaigns usually involve fewer numbers of people directly contacted when compared to spam mailing lists comprising hundreds of thousands or even millions of direct recipients but I suspect marketers will see better returns as people responding to those new campaigns may well be more engaged and passionate about the products and services they choose. Many businesses won't make the transition from bulk email campaigns to social media-based campaigns but those that do may find the results surprising. Of course this also represents a tremendous opportunity for social media agencies that can deliver smart, relevant and effective results.

This transition will also mean that marketers must carefully consider the legal challenges that apply to the social Web and social media, generally speaking. Just as companies may encounter charlatans posing as social media consultants (this hilarious video illustrates what I mean by this), they will also encounter lawyers who claim to have a handle on this space but lack the insight into the social Web to be truly effective.

Of course none of these legal developments will have much of an impact on illegal spammers who will continue to inundate you with Viagra, cheap watches and penis enlargement emails. This is probably a good time to get your spam filters set up and running effectively.

I was interviewed by the Advertising Standards Authority on Radio Today a couple weeks ago about the Web and digital media law. It was a pretty broad interview and I enjoyed being on the show. If you are interested in the Advertising Standards Authority, here is a brief profile:

The Advertising Standards Authority of South Africa (also known as the ASA) is an independent body set up and paid for by the marketing communication industry to ensure that its system of self-regulation works in the public interest. The ASA has a president independent from the industry and governed by a Board.

You can find out more about the ASA on its website. I would like to thank Corne Koch, the ASA's communications manager for inviting me to be on the show.

Ok, here is the audio from the interview. I have edited out two music tracks which were played during the show, mainly for copyright reasons:

I have only just started reading through the July Brainstorm magazine and began with the article about Michalsons Online, an initiative of the well known South African technology law firm, Michalsons Attorneys.

The Brainstorm article suggests Michalsons Online began making legal information available online recently the site's archives go back to 2002. Just the same this service is a welcome addition to a range of other sources of public legal information, much of which has been made available by large and small law firms alike. Jacobson Attorneys has been publishing articles about legal principles and issues for almost 4 years now although not quite with the frequency of many of its competitors. Just the same, the more South African law firms publish articles about relevant legal topics, the richer the local, collective and online law resources become. Michalson's content is largely behind a subscription paywall but it is still a valuable addition to the space.

The model is a variation of something I tried to implement a couple years ago with a colleague of mine (who also routinely publishes interesting articles about a range of legal topics). We asked the local law society whether we could provide subscription based legal advice to clients and we were told, a year after the request was made, that this would violate our ethics as attorneys because it would be regarded as touting. Michalsons seems to have circumvented this hurdle by creating a separate vehicle for Michalsons Online which is not Michalsons Attorneys.

The site looks like it is built on top of WordPress and has a subscription option for R299 per month. The purpose of the service, according to the Brainstorm article, is as follows:

What Michalsons Online aims to do is provide accurate and relevant information to the local market on topics that are relatively generic. As the site puts it: “We offer proactive insight and knowledge that no longer needs to be accessed exclusively by traditional consultation with an attorney.”

I subscribed for the free version to take a look at the articles and they are helpful and informative articles and should prove to be a valuable resource for subscribers. I have been working to make more of my legal knowledge available to visitors to my site in its various incarnations for some time now. I agree with Lance Michalson that lay people do not have adequate access to the law and it is important to make the law more accessible. This is one of the reasons why I publish as much of my knowledge as I can on this site and why I also created this custom search engine which references a variety of legal resources in South Africa ranging from government legal information to private law firm websites.

The one aspect of the service I am a little dubious about is the claim that the Michalsons Online service can satisfactorily replace direct advice from a lawyer:

Says Michalson: “There is a slowly emerging demand for lawyers to reduce fees and provide answers online. We’re giving away the answers and taking a big step by giving them away online. What’s nice [for clients] is that you can pay me R1 500 per hour to tell you the information or pay R200 per month to subscribe and find out online. There is lots of information plus stuff like self-assessments to see the extent to which you comply with a law. We’ve just started a document assembly offering that can put together contracts.

While I'd love to reach a point where online legal information can address all but a small subset of highly specialised needs, it is problematic suggesting that relatively generic information can replace specific legal advice. At the same time well structured, comprehensive and varied legal content can answer a number of queries but clients still need to refer to their lawyers to make sure their specific needs are catered for. Michalsons Online does recognise this challenge and has the following caveat in its Online Legal Guidance Terms:

It has been prepared as a summary and opinion on general principles of law and is published for general guidance purposes only. The content does not constitute specific legal, tax, investment, or accountancy advice. Seek advice from a suitably qualified professional adviser before dealing with any specific situation.

I don't believe that law firms can publish legal articles and sit back thinking they have introduced sufficient change to the profession. As Lance Michalson points out in the Brainstorm article, clients are increasingly dissatisfied with high legal costs (particularly hourly billing). The traditional law firm model doesn't work anymore and firms must adapt. One of the ways they can do that is to move off the hourly billing model and charge fees based on value (I have all but abandoned the hourly billing model for the majority of my clients). It is a relatively new concept in SA law firms but it will be the differentiator between successful firms and firms that struggle for credibility in their client's eyes.

All in all this is a good sign for publicly available law in South Africa. Seeing services like this certainly inspires me to post more frequently and share more of my knowledge and insights, particularly as it relates to the Web and digital media. I don't believe this firm will charge for access to these articles in the foreseeable future and we will continue to license that content under a Creative Commons license to improve access to the content. At the same time, different models are good for the industry because we get to see which ones work and which ones don't. So, belatedly, welcome Michalsons Online to next generation legal services.

I've just been listening to an interesting discussion in a recent episode of This Week in Law about the implications of brandsquatting on services like Twitter, FriendFeed and Facebook. You may be familiar with cybersquatting which occurs when a person registers a domain that person has no legitimate interest in and has registered largely for the purpose of re-selling it, typically to a trade mark owner, for a profit.

Cybersquatting is usually dealt with in terms of dispute resolution processes established in respect of those particular namespaces (ICANN's UDRP for .com, .org, .net and other top level domains and the .zaDNA's own dispute resolution process for the .za namespace). These dispute resolution processes are designed to be more informal than court proceedings and can be both more efficient and effective.

When it comes to brandsquatting the rules are a little different. You're no longer dealing with domain name registrations per se but rather the use of a folder on an existing domain, for example http://twitter.com/cocacola, which matches an existing brand or person's name.

Users who register accounts on services like Twitter, FriendFeed and Facebook and who claim usernames that are similar to or the same as existing brands or personalities may be doing so to leverage off the existing brand or personality to boost traffic, attention or even to harm that brand. These cases don't fall under the scope of the UDRP or zaDNA's ADR process and instead fall under the individual service's terms of service and possibly the relevant trade mark law. Fans often create accounts in the name of their favourite brands with the intention of creating fan-sites of a sort and the question then becomes whether to permit this use of a brand or shut down all unauthorised uses of the brand. The Coca-Cola page on Facebook was, if I remember correctly, created by two Coca-Cola fanatics and not by the Coca-Cola Company. The company agreed to let the group continue, presumably because of its overwhelmingly positive benefit for the brand.

On the other hand the Coca-Cola page on FriendFeed doesn't seem to be associated with the company itself or have much in the way of content about the brand. It is a relatively innocuous abuse of the brand but an abuse nonetheless.

The legal problems with these sorts of registrations include passing off which is when a person or service passes themselves off as an existing and often well established brand. This is a basis of unlawful competition as well as trade mark infringement in many legal systems, including in South Africa.

While remedies may include approaching a court to stop the passing off, this is an expensive and often time consuming process. Fortunately Twitter, Facebook and other services have provisions in their terms of use to deal with this (or they police this in the ordinary course of their business). Twitter, for example, specifically deals with this issue in its terms of service:

We reserve the right to reclaim usernames on behalf of businesses or individuals that hold legal claim or trademark on those usernames.

Facebook also has a few provisions dealing with brandsquatting. These provisions prohibit misleading account registrations or account registrations in other parties' names without consent. The Facebook Statement of Rights and Responsibilities also enable Facebook to terminate accounts for certain infringements of intellectual property.

FriendFeed's terms don't appear to address this issue explicitly but I have seen instances where FriendFeed staff act fairly decisively to address abuse of their system so brandsquatters shouldn't be too cavalier here either.

The point is brandsquatting is not tolerated either. The remedies may not be quite the same as those available for more conventional cybersquatting but remedies do exist. The only question is how readily the services concerned will take action against brandsquatters when these illicit activities are brought to their attention. Hopefully the action will be swift and decisive. If not, well, there are always the courts ...