Everyone not living under a rock now understands that an Internet presence is vitally important to almost every kind of business, but not everyone understands the associated legal risks. A business's use of the Internet presents not only increased exposure to some of the risks it would face in a paper-and-ink world, but also new risks that are specific to cyberspace. This article addresses a few of the legal issues involving the Internet and email that many businesses overlook.
Website Privacy: A Growing Risk
Don't Promise the Moon
Caution! Children at Play
Websites directed at children, whether in whole or in part, are subject to additional restrictions and requirements under the Children's Online Privacy Protection Act ("COPPA"). If a website has a section directed at children, specific disclosures and policies must comply with the COPPA rules which include limitations on third-party sharing and parental consent, review, and control requirements.
Location, Location, Location
Online Advertising and "CAN-SPAM"
Companies may collect information through their websites, or in other ways, for the purpose of marketing products and services through email or other electronic messages. These companies sometimes neglect the requirements applicable to electronic advertising messages. The federal Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (commonly known as the "CAN-SPAM Act") requires those advertisers, among other things, to "clearly and conspicuously" identify every commercial electronic message as an advertisement, provide the physical address of the sender, and include an opt-out mechanism to allow recipients to avoid future communications. Requests to opt out must be honored within ten days, and there are specific limitations on the opt-out mechanisms that may be used. For example, a telephone number, even if toll-free, is not an acceptable opt-out mechanism.
In addition, the CAN-SPAM Act prohibits the use of misleading information in the header fields of a message. For example, an advertising email message with the subject "You've Won!" is probably in violation of the CAN-SPAM Act if the recipient has not actually won anything. Similarly, if the name displayed in the "from" field does not correctly identify the sender, there is likely a violation.
The CAN-SPAM Act limitations do not apply to communications relating to a transaction or relationship that has already begun. For example, an email that merely confirms payment for a transaction previously initiated is not required to include CAN-SPAM Act disclosures. In many cases, companies attempting in good faith to differentiate between advertisements and transactional or relationship communications struggle to do so, particularly with regard to messages containing both categories of communication. For this reason, some companies are advised to include CAN-SPAM Act disclosures in all email messages to avoid the risk of inadvertent violation.
More businesses are entering the social media arena every day to take advantage of the marketing potential it offers. They are well-advised to remember the CAN-SPAM Act when crafting innovative social media marketing strategies. Courts have recently ruled that the CAN-SPAM Act, which was written before social media became prominent to address widespread abuse of the then new concept of email advertising, nevertheless applies to social media messages.
Businesses are advised to give careful attention to CAN-SPAM Act compliance before sending electronic advertising messages. Failure to observe the requirements of the CAN-SPAM Act can result in penalties of up to $16,000 per violation, as well as criminal prosecution.
Violations of the various laws and policies regulating commercial websites and email are gaining increasing attention from governmental entities, consumer advocacy groups, and plaintiffs' class action attorneys, and are expected to be an emerging source of risk for many businesses. Fortunately, much of that risk is avoidable if care is taken to learn the patchwork of applicable legal requirements, adopt appropriate policies, and enforce those policies consistently.
© 2019 Ward and Smith, P.A.
This article is not intended to give, and should not be relied upon for, legal advice in any particular circumstance or fact situation. No action should be taken in reliance upon the information contained in this article without obtaining the advice of an attorney.