ACMA: Power without theory ?
OK, it’s a harsh headline, but we really wish ACMA would more generously share its thoughts about compliance with the Spam Act and Do Not Call Register Act.
The potent powers that these laws give the authority carry a moral obligation to educate as well as punish. We’ve argued the point before, and now there’s another case where the Communications Authority’s communication isn’t as authoritative as it could be.
The Hyarchis case
It began with a media release that Hyarchis, a purveyor of low grade social networking sites and low value / high cost ‘premium’ mobile services, had been warned for spamming. The entire detailed explanation of the warning wasn’t too detailed …
The Australian Communications and Media Authority has issued a formal warning to Hyarchis Company Limited for alleged breaches of the Spam Act 2003. The alleged breaches were in relation to the sending of commercial electronic messages by SMS, without the consent of the recipient.
Hardly a fulsome explanation.
Hyarchis debates the point
The good folkat iTnews then reported that Hyarchis’ local representative Peter Pichler scorned ACMA’s warning, claiming that an unknown third party had entered a random phone number in a Hyarchis social networking site registration form – three times.
That, said Pichler, is why three in fact unsolicited messages were sent to the number. And Hyarchis had told ACMA that.
ACMA retorts
The iTnews story drew a response from ACMA …
ACMA received a number of complaints from consumers regarding the sending of SMS messages by Hyarchis Ltd allegedly without the consent of these consumers.
Following these complaints ACMA conducted an investigation into Hyarchis Ltd.
As part of the investigation Hyarchis made written submissions to ACMA in relation to the complaints and its compliance with the Spam Act 2003. ACMA assessed the evidence, including the submissions made by Hyarchis Ltd and found that there were reasonable grounds to believe that Hyarchis Ltd had sent commercial electronic messages without consent in contravention of section 16 of the Spam Act, which is a civil penalty provision.
ACMA issued a formal warning to Hyarchis Ltd on 31 October 2008. The warning set out the particulars of the contravention and ACMA’s view that, in relation to one electronic address (mobile number), Hyarchis had sent unsolicited commercial electronic messages in contravention of section 16 of the Spam Act. ACMA has not made a finding in relation to the other complaints received.
In issuing the formal warning, ACMA considered the submissions made by Hyarchis and formed the view that the electronic address in question was most likely entered into Hyarchis’ wesbite by an unknown third party. ACMA was satisfied that the electronic address was not entered by the electronic address holder of that electronic address, and therefore that consent had not been obtained by that electronic account holder.
Under the Spam Act, if the sender, or the person who caused the message to be sent, wants to rely on the consent of the electronic account holder, then they bear the evidential burden in relation to that matter. This means that they must adduce or point to evidence that suggests a reasonable possibility that they had consent to send the message. In this case, Hyarchis was able to point to evidence that an electronic address (mobile phone number) had been entered in to its website, but not that it had consent from the electronic account holder as required by the Spam Act.
ACMA has a number of enforcement options available to it when it has a reasonable belief that a contravention of the Spam Act has occurred. This includes the issue of a formal warning, the issue of an infringement notice or taking the matter directly to the Federal Court. The issue of a formal warning in this case is indicative of ACMA’s tiered approach to compliance with the Spam Act. It is the intention of the Spam Act to provide ACMA with a range of enforcement options depending on the circumstances and seriousness of the contravention. A formal warning enables ACMA to formally indicate its concerns about a contravention and allow for the company to take compliance action to prevent any future contraventions.
The content of the messages in question were:
Hey what are you up to? Im having a lazy Friday arvo.. feel like going out later tho
– where are you right now? Hy arch is free message, stop 2 quit
AND
Hey what are you up to? Im having a lazy Saturday arvo.. feel like going to the pub later tho
It is ACMA’s view that the messages in question were commercial electronic messages in terms of the Spam Act because they were intended to offer a service and therefore elicit business.
The Spam Act prohibits the sending of unsolicited commercial electronic messages, except in certain limited circumstances In this case, ACMA formed the view that the messages did not fall within one of the exceptions to the general prohibition at section 16(1) of the Spam Act. In particular, Hyarchis did not provide sufficient evidence to demonstrate a reasonable possibility that the recipient had consented to receive the commercial electronic message from Hyarchis Ltd.
The Spam Act does not apply to messages that are purely factual as these are not ‘commercial electronic messages’ within the meaning of the Spam Act. It is feasible that a purely factual ‘confirmation’ message could be sent to a mobile number entered on to a website to verify consent of the electronic account holder.
ACMA encourages the use of double-opt in for subscription services, but reminds content providers that they must comply with all applicable laws, including the Spam Act.
It is ACMA’s policy to publicise enforcement action taken under the Spam Act to encourage compliance in the industry and in this case, to ensure greater levels of awareness that the Spam Act covers SMS messages.
But ACMA’s response invites some questions
- Why wasn’t more detail provided in the original announcement ? There’s a material difference between sending messages without the slightest basis, and failing to implement double opt-in.
- If Hyarchis had pleaded that a third party loaded up the addresses, and ACMA had accepted that, why wasn’t it acknowledged in the first place ? If ACMA’s case is that this still resulted in a suspected breach, fine. But it’s a different case.
- Why does a Google search suggest that there’s only one document on ACMA’s website that recommends double opt-in to business ? And that is an ageing guide prepared by ACMA’s predecessor.
- Why did ACMA rule out the possible application of sub-section 16(4) of the Spam Act – a message isn’t ‘guilty’ if it was sent by mistake ?
We’re not saying ACMA’s answer was wrong
But its explanation of what happened, and what it was thinking, were poor.
Many industry players watch carefully for information on how to stay on the right side of regulators like ACMA. Bland announcements that someone was warned for sending messages without consent aren’t helpful. Plenty more proactive statements of position would be.
Besides, the limited detail of the initial announcement opened the door for Hyarchis to ‘set the record straight’ and win sympathy that’s probably undeserved. When an authority finds itself issuing a 752 word defence of a 44 word announcement, someone in the public relations team has some explaining to do.
ACMA is where ACCC was 25 years ago
Over time, ACCC has developed into a good communicator, focusing on proactive education and using infringements as opportunities to spread the compliance message, too.
ACMA needs to get on board the policy and education train. There are many decent players in the marketing game, keen to understand ACMA’s positions. If only the Authority would articulate them with more enthusiasm.
Comments
Leave a Reply