Spam legislation threatens heavy fines

The Federal Spam Act 2003 officially took effect on April 11 with companies which breach the legislation facing fines of up to A$220,000 per day (US$169,000) or A$1.1 million for repeat offences.

Clearswift Ltd. Asia-Pacific managing director Chy Chuawiwat said the new Act is likely to catch some legitimate companies unaware, especially if they do not audit regularly.

Clayton Utz, IT lawyer, and partner Peter Knight agrees and believes some Australian businesses might not comply with the Act through ignorance.

He said organizations need to tread carefully as it is a time when regulatory deterrents are being tested.

Utz and former online law and policy advisor to the federal government, Ander Stein, recommend companies arrange network audits and an antispam policy that is enforceable.

“It’s simply not good enough to have a policy just sitting there. You have to think, what am I doing to educate people about this policy and what am I doing to enforce this policy,” Stein said. “Regulators will want to see that the policy has been enforced.”

OzEmail product development and research director, Mike Sadler, said not only should companies pay attention to what is or isn’t allowed by the Spam Act, they should also be sure their e-mails reached their intended destinations.

“Delivery assurance is the number-one issue for business users this year,” Sadler said. “It’s one thing to know what is or isn’t allowed by the Spam Act, but it could be an entirely different thing knowing what various gateway operators might classify as unwanted.

“Businesses should be really concerned that they know the message is getting through, and if it doesn’t, what steps they can take to rectify the issues.”

Sadler believes that in order to ensure an e-mail gets through, businesses should carry out a range of things, such as providing an unsubscribe facility, maintaining contact lists, using a properly set up mail server and avoiding spam-like content.

“Include contacts other than e-mail, and make the mail very traceable to ensure it gets through to the contact,” Sadler said.

The Australian Computer Society (ACS) has released five steps on how Australian businesses can become Spam Act compliant.

The ACS assembled a team of legal and ICT industry experts to provide simple, cost-effective guidelines on how you can quickly comply with the new legislation.

One of the principal ACS recommendations is for businesses to confirm permission with potential e-mail recipients — rather than leaving any ambiguity as to whether consent has been granted or whether the message is factual or commercial.