02/08/2013 12:23 EST | Updated 04/10/2013 05:12 EDT

Should Anti-Spam Laws Come With Opt-In Consent?

Getty Images
A computer screen inbox displaying unsolicited emails known as 'spam' in Hong Kong on March 20, 2009. The territory is under siege from legions of zombies attacking people with spam and leaving in their wake a trail of destruction costing millions of dollars a year, analysts have warned. AFP PHOTO/MIKE CLARKE (Photo credit should read MIKE CLARKE/AFP/Getty Images)

For the past two days I've called attention to the shocking demands by business groups, including the Canadian Chamber of Commerce, the Canadian Marketing Association, and the Entertainment Software Association of Canada, to legalize spyware by permitting the secret installation of computer programs to monitor activities of Canadians suspected a potential contravention of the law (including laws such as copyright or any foreign law) or unauthorized use of a computer system (including wireless networks).

The Canadian Chamber of Commerce added its own submission to the government's consultation on the anti-spam regulations. The Chamber's key concern is the very foundation of the law: opt-in consent that requires businesses to obtain consent before sending commercial electronic messages (subject to a wide range of exceptions). The Chamber says:

Despite the enduring need to combat nuisance messages and malware, the multitude of compliance problems introduced through the "opt-in" approach to regulating commercial electronic messages and software needs further scrutiny.

The business lobby group therefore argues that opt-in should be dropped for business-to-business email altogether, that the government hold another round of consultations (thereby further delaying the law), and that the law be delayed for at least a year after the final regulations are published.

The opposition to the opt-in approach permeates throughout the organization, its affiliates, and members. For example, earlier this week the Niagara Falls Chamber of Commerce reacted to concern from a member about the spyware provisions by pointing to the law's opt-in requirements and asked "you don't think obligating business to get consent prior to sending a CEM is wrong"? (the complainant said no). Similarly, Graham Henderson, the CEO of CRIA/Music Canada, a Chamber supporter, claims that the law will pose an "immense threat to independent labels and young bands."

Despite these persistent claims that the opt-in approach found in the anti-spam law will greatly harm business (or apparently young music bands), the reality is that opt-in is the standard in most major developed countries. For example, the Australian anti-spam law is based on an opt-in express consent model, with exceptions for opt-out consent based on an existing business relationship or a published email address (Canada has the same exceptions). As for the oft-repeated concerns that this will prevent cold calling via email, Australia has had this prohibition in place for nearly five years (along with a more restrictive third party referral system).

Similarly, Japan switched from an opt-out system to opt-in in 2009, after it found that the opt-out system simply doesn't work. The Japanese system is described as follows:

The legislation is clear: Full auditable and trackable permission to receive email marketing messages must be received prior to any send. Even though there is a clause that states that for-profit entities who publicly announce their own email addresses or who have a preexisting business relationship with the sender can receive commercial email, there is still a requirement for an affirmative act prior to receipt.

The European Union has had an opt-in consent model for a decade. It describes its own system as:

Article 13(1) of the Privacy and Electronic Communications Directive requires Member States to prohibit the sending of unsolicited commercial communications by fax or e-mail or other electronic messaging systems such as SMS and MMS unless the prior consent of the addressee has been obtained (opt-in system).

This requirement has been implemented throughout Europe. For example, the Privacy and Electronic Communications (EC Directive) Regulations 2003 in the United Kingdom provides the following on the use of electronic mail for direct marketing purposes:

Except in the circumstances referred to in paragraph (3), a person shall neither transmit, nor instigate the transmission of, unsolicited communications for the purposes of direct marketing by means of electronic mail unless the recipient of the electronic mail has previously notified the sender that he consents for the time being to such communications being sent by, or at the instigation of, the sender.

3) A person may send or instigate the sending of electronic mail for the purposes of direct marketing where--

(a) that person has obtained the contact details of the recipient of that electronic mail in the course of the sale or negotiations for the sale of a product or service to that recipient;

(b)the direct marketing is in respect of that person's similar products and services only; and

(c) the recipient has been given a simple means of refusing (free of charge except for the costs of the transmission of the refusal) the use of his contact details for the purposes of such direct marketing, at the time that the details were initially collected, and, where he did not initially refuse the use of the details, at the time of each subsequent communication.

In other words, Canada is not an outlier in adopting an opt-in model. The only major trading partner with an opt-out model is the United States, whose CAN-Spam Act is widely regarded as a failure. While there are variations in the specifics between countries, the opt-in approach has been implemented around the world without email marketing grinding to a halt. As noted yesterday, the comment period on the draft regulations may have closed, but it is not too late to tell Industry Minister Christian Paradis or your local Member of Parliament to reject demands from groups like the Canadian Chamber of Commerce that would gut the anti-spam bill.

Most Common Facebook Scams