Expert Advice Community

Guest

Anti-spam regulations

  Quote
Guest
Guest user Created:   Jul 25, 2019 Last commented:   Jul 26, 2019

Anti-spam regulations

1. Hi. I would be grateful for some guidance on anti-spam regulations vis-a-vis the GDPR. What are they?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Jul 25, 2019

Answer:

Spam is regulated in EU primarily by Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). The GDPR does not directly regulate spam but it places consent as a condition for direct marketing in certain situations.

2. Are there additional anti-spam regulations that are country-specific that also must be adhered to?

Answer:

This Directive is not directly applicable like the GDPR is and this meant that each member state had to adopt local legislation to accommodate the provisions of the directive. There is the Privacy and Electronic Communications Regulations 2003 in the UK, Act 34/2002 on Information Society Services and Electronic Commerce, Gesetz gegen den unlauteren Wettbewerb (UWG) in Germany etc. so it depends on the jurisdiction where you are operating.

3. How would this affect contracts an organization has with third parties (who might be marketing on an organization’s behalf)?

Answer:

The anti-spam rules have nothing to do with third-party advertisers. If these parties will be providing advertisement on your behalf using personal data obtained from you they will be acting as your processors so the GDPR rules, especially art. 28, will be applicable.

4. What are the penalties for non-compliance?

Answer:

The penalties for not complying with the provisions of anti-spam regulations depend on the local law so, as I said before, it depends on the jurisdiction. For example, in the UK you can be fined up to £500,000 for each unsolicited phone call.
Quote
0 0
Expert
Andrei Hanganu Jul 26, 2019
We have received an additional question:

>The GDPR does not directly regulate spam but it places consent as a condition for direct marketing in certain situations?

Answer:

The GDPR establishes the rules around consent and those rules need to be respected whenever using consent as your lawful grounds for sending the advertisement. The GDPR also allows for direct marketing based on legitimate interest.

However the GDPR does not say that direct marketing always constitutes a legitimate interest, and whether your processing is lawful on the basis of legitimate interests depends on the particular circumstances. Some forms of marketing may not be legitimate if they do not comply with other legal or ethical standards or with industry codes of practice. However, as long as the marketing is carried out in compliance with e-privacy laws I mentioned previously and other legal and industry standards, in most cases it is likely that direct marketing is a legitimate interest.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 25, 2019

Jul 26, 2019

Suggested Topics

Guest user Created:   Feb 21, 2020 EU GDPR
Replies: 1
0 0

Data Protection Regulations

Guest user Created:   Jul 17, 2018 EU GDPR
Replies: 1
0 0

Laws and regulations

Guest user Created:   Aug 30, 2021 EU GDPR
Replies: 1
0 0

Complying with EU GDPR