The Unsolicited Electronic Messages Act 2007 came into force on 5 September - should New Zealand Business Owners panic about how to comply?

Could a simple email from your business cost you a fine of up to $500,000? If your business sends marketing emails to clients or potential clients, then you need to comply with the new Unsolicited Electronic Messages Act 2007 (the Spam Act). Some simple precautionary steps could save you getting into hot water and help you comply with the legislation.What does the legislation say?

First here is a summary of what the legislation says in jargon speak:

1. It is illegal to send commercial electronic emails, or text messages to addresses derived from address-harvesting software (or indeed use address-harvesting software);

2. Commercial electronic messages (CEMs) can only be sent to a recipient if you can prove you have one of three types of permission (consent) from the recipient. Please note the legislation is unusual because you are deemed guilty until you can prove your innocence by showing evidence you had consent to send the message.

3. The Spam Act only covers messages that have a “New Zealand Link”.

4. You must provide a free to use “unsubscribe” function within all your commercial electronic emails and text messages.

Sounds simple if you know what the terminology means, so let me explain.

What is address harvesting-software?

In short, address-harvesting software trawls the internet compiling lists of email addresses. So if your email address appears on your website, then chances are it has already been picked up by some address-harvesting software. That’s probably how the Viagra retailers got your address!So, assuming you are not a professional spammer you probably don’t need to worry about this section of the Act too much. The only word of caution I would give is: if you are buying a list of email addresses from a marketing company always ensure the list hasn’t been compiled from address-harvesting software. If it has, you could find yourself in trouble as well as the marketing company.

Is it still OK to buy marketing lists?

The answer is yes, but it depends what you will be using them for. The first point to note is that the legislation only applies to emails. So, if you are conducting an off-line (e.g. snail mail) marketing campaign, fax campaign, or a telephone marketing campaign, bought lists are still useful.

Potentially you could use a bought list for an email marketing campaign, but you would need to be very sure that either:

   1. Everyone on that list had either given consent to receive marketing material of the type you were sending; or
   2. Their email address was published in some way in relation to their business; and
   3. The emails you are sending are relevant to their business; and
   4. The publication of the email address was not accompanied by a statement saying they didn't want to receive the email.

For example, my email address is published on this website. I don't (yet) have a statement saying I don't want to receive marketing emails. But that doesn't mean I give my consent to receive emails about Viagra since it is not related to my business.

So, in practical terms, you can never have that certainty with a bought list so it is better to avoid them altogether.

What about lists which are self compiled?

Even if you have compiled a list yourself from people who have given their consent, there are still some simple steps you must take.

The first thing you must do is make sure any emails you send to recipients on your list give the recipient the option of not receiving any more emails from you. This is what the Spam Act means by providing a simple to use “unsubscribe” function.

The second thing you need to do is make sure that you are identified as the sender. This means stating your name and preferably your physical or postal address (this is a legal requirement in some countries).

The third thing you need to make sure is that in your email or text you are not selling or promoting any products, services, land, interests in land or business or investment opportunities (these are all included in the definition of a “commercial electronic message” in the Spam Act.) unless the recipients have given their consent. You also cannot get round the obligation to have consent by sending out a free report or newsletter that gives a link to your web site that promotes or markets any of the above.

How to get consent

There are various ways by which you can get consent. Whichever way you choose make sure that if it is ever called into question, you can prove how that consent was given. The most common way these days is by way of a webform. There are usually two reasons people fill out webforms. The first is to subscribe to something like a newsletter. In that case, the subscriber is making a direct request for the information so consent is not hard to establish - just make sure that the subscriber knows exactly what she is subscribing to.

The second reason is to complete an online transaction. In this case, the person is not necessarily giving their consent to receive marketing material. When this occurs you are best advised to have a tick box: only if the person ticks the box do they get the marketing material. That's called "opt in". Don't use an "opt out" method.

Of course, once a person has opted in she can always opt out later using your unsubscribe link. If she does make sure that the person is actually unsubscribed and doesn't continue to receive your emails. That's when people really lose their rage and when an auto responder service comes in handy.

What is an auto responder and how can it help?

Auto responder services manage your email lists for you. They allow you to easily send personalised email messages to the people on your list from a remote server so your PC doesn’t get tied up for hours. The messages are compiled by the auto responder service and sent out at a predetermined time set by you. Either you can send an email to your whole list or you can exclude certain pre-defined categories of people. They are excellent for putting together email marketing campaigns.


A reputable auto responder service will also do the following for you:

• Automatically add an unsubscribe link to every email you send through their system;
• Not send any more emails to recipients who have un subscribed;
• Automatically include your postal address on every email;
• Have systems in place to ensure that you cannot import bought address lists into their database;
• Offer a verified opt in procedure to ensure that people who have subscribed to your list really intended to;
• Track how people on your list have opted in to receive the information you are sending.

If you use an auto responder system like this (and I recommend then the chances of you falling foul of the new legislation are very minimal. If you don’t, you risk forgetting to include unsubscribe links and sending emails to people who have already un subscribed (not to mention the time it takes to manually maintain your lists).

Another cool function of some auto responder services is that they allow you to create your own web-forms where you can collect details of subscribers.

I assume I can market to my existing or former clients?

You would think so, but there may be circumstances where this would fall foul of the legislation. For example, a client or customer who has used your services before hasn’t necessarily agreed to receive your promotional material in the future.

But before we look at when you can or cannot send marketing emails, let's first work out what is and what isn't a marketing email:

   1. You can for example email your existing customers about upgrades that are available to a product they purchased, or about warranty information, or about a product recall. These aren't marketing emails so an unsubscribe link is not required.
   2. Quotes and estimates if requested by the recipeint are also not included.
   3. Factual information about a membership of a club or subscription are also not included e.g. an email that a subscription is about to expire.

These are just some examples.

So, if it doesn't fall within an exception, when can you send emails to clients?

   1. You are fine emailing a newsletter to your existing customers, or promoting products or services provided you have an unsubscribe function included. By being an existing customer, consent is inferred.
   2. But, if for example you were running a gym and you send out a newsletter to a former member (their membership had lapsed) that may not comply with the Spam Act even if you had an unsubscribe link. You may not be able infer consent simply because they were a former member of your gym.You can see that there are many grey areas here about who you may have a sufficient business relationship with to infer consent. The best way round this is always to get express consent. One way of doing this is to incorporate a statement in your terms and conditions of business. But what if the person is not yet a client, but could be?

Word of mouth referrals

Most service businesses receive word of mouth referrals regularly. If you are one of those people who prefers to introduce yourself to a new referral initially by email, then make sure that you don’t try and sell something in that first email. Common sense would probably dictate that wouldn’t be a sensible strategy anyway, but it is worth mentioning here. A sensible email would probably read something like this:

    Hi Jo,
    Dave gave me your details because he thought that you may be interested in some of the products and services which my company offers. Would it be OK if I sent you some literature on what we offer and then we could fix up a time to grab a coffee…

The important thing about this email is that it asks for the person’s consent before sending any sales literature. Obviously, you don't send any sales literature unless they say it is OK.

Will it stop my spam!?

Unfortunately, the answer is no. The Spam Act applies to emails sent from anywhere in the world to New Zealand (or a New Zealand domain) and to emails sent from New Zealand. So, in theory all that spam we receive will be covered by the Act. However, the problem is enforcement. The reality is that someone spamming from a bedroom in Moscow isn't going to get hauled up by the NZ authorities.The problem is that the likely culprits caught by the legislation are New Zealand based business who are careless in how they deal with their email communication. Make sure that is not you.

Follow these simple rules

So if you don't want to be a victim of the legislation follow these simple rules:

   1. Identify all contact databases within the organization and make sure none have been compiled using name harvesting software.
   2. Check & clean all databases making sure you have either express or inferred consent for each contact. Also use this opportunity to get rid of duplicate records.
   3. Make sure all emails & texts clearly identify the sender with full contact details.
   4. Have a free unsubscribe function on all emails & texts. You also need an internal process to capture and act on unsubscribe requests within 5 days. I recommend using a reputable auto responder service to handle this for you.
   5. Make sure all your staff understands what they need to do to comply with the Act.
   6. Have a clause in your terms and conditions of business which confirms that you have your customers & clients consent to send information about your products and services.

And, if like me you want to receive less spam from illegitimate spammers (the ones that promote porn and Viagra) NEVER unsubscribe or click on a link. That just tells them that their address-harvesting software has found a genuine email address and you will be spammed for life!

For more information on the Unsolicited Electronic Messages Act 2007 and to understand your obligations in more detail go to There you can get a useful booklet with useful advice, checklists, and case studies to guide you through the Act.

Print this pageEmail to a friendUse this article in your newsletter/magazine