|The world has changed as regulations evolve in how email and related message services can be used to communicate with customers, suppliers, prospects and business associates.|
1. PECR: UK Privacy and Electronic Communications Regulations 2003 and related European acts.
2. DPA: European Data Protection Act 2010.
3. SPAM: USA CAN-SPAM Act 2003 (because so many people in Europe use USA owned email services).
4. RIPA: UK Regulation of Investigory Powers Act 2000 (need for encryption).
|Message in this page shall mean any kind of electronic message or email.|
Quotation messages are like all other kinds of marketing messages and are subject to direct marketing regulations.
Invoice messages transactional, not marketing and not subject to direct marketing regulations.
Kind of message; "Transactional" in the course of some agreed mutual business and "Marketing" as all other messages. Exemptions include: religious, political and national security messages.
|The company is legally responsible for all messages to its customer contacts with regard to:-|
1. Content of all messages must be appropriate so it does not offend the reader.
2. Security of company confidential information must be provided with encryption and other means.
3. Opt-In evidence trail must be maintained to prove that the customer contact opted-in to receive the information.
4. Opt-Out or unsubscribe methods must be provided with every electronic message.
5. Evidence of every message must be retained and a court can demand a copy of every message relating to a named person.
6. Disclaimers must be applied to every message unless the message is a reply already contains the disclaimer.
7. Maintenance is needed to identify obsolete email addresses and record when real addresses are actually used.
9. Complaints must be handled by Executives according to documented procedures.
|This paper has focus on external messages to people in other companies, however must of the legal framework applies equally to internal messages. It may be easy for a sales person to comment that a competitors product is rubbish, but this can lead to substantial damage claims on the company.|
The content of every message must be of a good quality that you can be proud for it can be shown on the 6 pm news. Where a message is of a low quality, then it may be shown on the 6 pm news - everything in a message will be recorded and may be used against the author and their company.
A number of professional victims have identified that they can claim damages by being offended and being distressed by ad-hoc messages sent by unsuspecting companies.
|Also known as "rubber-hose cryptanlysis" where encryption secrets are extracted by coercion in accordance with RIPA. LeXica Ltd purposefully disclose that no one person holds a complete encryption key. At least three system administrators must cooperate together at the same time to gain access to any encryption key or any business data. The objective is to ensure that LeXica Ltd people and families are not placed in harms way of a criminal attack to gain access to business data.|
Data Sovereignty: ACRM data is only subject to UK law - Data is encrypted in European-Owned data centres that are subject to European Data Protection laws and not subject to USA laws. Only a UK court order on three of more LeXica Ltd system administrators could cause business data to be disclosed.
|Theoretically, regulations concern company messages and not private messages, however what one person imagines as a private message, other people may imagine to be a business message. To be safe, the same guidelines should be followed with a degree of flexibility, depending on how private the message is. Increasingly, people are claiming damages against other people because of what they put in an electronic message. Increasingly, people are being taken to court for something they said as a joke, but was interpreted by others as offensive.|
A safe solution is to use ACRM for all private messages that are of a similar quality to business messages.
|ACRM includes a discount code (or coupon) for retail prospects - just to say thank you.|
ACRM messages may be changed (or cancelled) after they have been sent and before the person has viewed the message.
ACRM messages may have an assigned life cycle before they expire.
Track and Trace:
|ACRM has a unique track and trace domain (*.info) that stores a one pixel image with a name that resembles the contacts email address. The activity log for this domain is monitored in real time to detect when one of these special images is viewed. The CRM for the applicable email address is updated with the date and time when the image was viewed.|
Data Privacy Service:
|ACRM is a world leading Data Privacy service provider - information feeds to people can be protected and managed to the full extent of all European regulations. Companies who do not deply a comprehensive data privacy solution and continue to send emails to people without adequate opt in-out capabilities will be fined by the UK Information Commissionaire up to 5% of their global revenue.|
Information Commissionaire Office:
|ACRM can only send emails wheere consent has been knowingly given, clear and specific - it must involve some form of positive action, for example: ticking a box or clicking on an icon - and the person must fully understand that they are giving consent. The clearest way to obtain consent is to ask the person to tick and opt-in box confirming they are happy to receive marketing messages from the business. The business must keep clear records of what the person had consented to, and when and how this consent was obtained, so that the business can demonstrate compliance in the event of a complaint.|| |
1a. Content Law:
|Message contents must not offend the reader. Employees do not own the content of any business message - the company owns and is fully responsible for the content. Every message should contain a company copyright notice and applicable disclaimers as approved by Executives. The company must recognise that every message exposes the company to legal threat and potential claims for damages.|
The law demands that the "FROM" address is correct and relevant - all message validation is based on this from address. The law demands that a message cannot be sent without an unsubscribe option. The law demands that a message must contain at least one sentence. Every message should include the company name and address with registration country and number. Laws are based on the recipients country, not the senders country. A casual comment that a competitors product is rubbish can lead to massive damage awards - even in an internal email.
The law permits a company to inspect and monitor all employee business messages. Contractual obligations in messages are binding on the company. Defamatory content in messages can cause the company to be liable for damages. Offensive content in messages can cause the company to be liable for damages. Intellectual property such as photos in messages can cause the that property to be in the public domain and no longer the exclusive property of the company.
1b. Content Solution:
|Every message must be a standard template that has been approved by Executives and does not contain any ad-hoc text that could be imagined by others to be offensive. Every message must be retained in a document format that can be easily read for the next seven years - nothing proprietary.|
2a. Security Law:
|Data Protection regulations demand that private and confidential information must not be disclosed to third parties, including Internet Service Providers (ISP) who are obliged to copy all Internet traffic. Public email services are not secure and never will be secure - they cannot comply with basic Data Protection laws. An encrypted message attachment may comply with Data Protection regulation, but that would involve an exchange of private keys between the parties.|
Traditional email services can be equated to a postcard where its contents will be read and may be copied by many Internet nodes. It would be illegal to send a traditional email to a person containing confidential business information where that information is not encrypted or secured using a similar method.
Traditional email services that push and store confidential business messages on smart phones and portable devices that may be stolen or lost would be illegal. Companies have suffered massive fines when a laptop containing business data is targeted and stolen by criminals.
2b. Security Solution:
|ACRM sends every message as both an envelope and a private letter. The envelope message must not contain any private and confidential business information because it will be copied by many agencies as it flows though the public Internet. The private letter message must be encrypted that can only be read by the intended recipient and cannot be read by agencies that copy all Internet traffic.|
ACRM retains all valuable business data in safe encrypted databases - no business data needs to be downloaded to any type of computer. Messages may be viewed from a smart phone or laptop, but such data is encrypted and never stored on a local computer.
3a. Opt-In Law:
|Before any marketing information can be sent to a named person, that person must have opted in to receive that marketing information. Not only must the person opt-in, but an evidence trail must be maintained to prove when and how the person opted-in - verbal agreement can be contested in a court. It would be illegal to send a traditional email containing marketing information to a person without evidence of when and how they opted in.|
3b. Opt-In Solution:
|ACRM sends a simple standard template message asking the named person to confirm their email address and showing a list of optional kinds of messages that may be involved. When the person clicks on a confirmation link, details of the person, date, time, IP address, browser, computer etc., are recorded as evidence. Messages can then be sent to those people in accordance with their information requirements - evidence exists to verify why any message is sent.|
4a. Opt-Out Law:
|Every message sent to a named person must include an unsubscribe option (or similar method). It would be illegal to send a traditional email containing marketing information that does not include a workable unsubscribe option.|
4b. Opt-Out Solution:
|ACRM will only send a standard template messages that always include the mandatory unsubscribe link. When the person clicks on an unsubscribe link, details of the person are recorded as evidence to ensure that a message is not sent to that person until they opt-in again. Opt-in and opt-out data must be recorded with every potential person (prospect) who may be sent a business message.|
5a. Evidence Law:
|Every message to named person must be retained for at least seven years and it must not be possible for the message to be changed or deleted. A court can demand that all correspondence with a named person is disclosed without any exceptions and with evidence that it has not been manually tampered with. It would be illegal to send a traditional email where the only copy of that message is stored in a private sent folder where messages can easily be deleted. It would be illegal to retain emails using a proprietary file format that may be unreadable in a few years time - such as Outlook Express or PST.|
5b. Evidence Solution:
|ACRM records every standard template message as a raw HTML file that is certain to be easy to read in seven years time. Every file name includes the date and time when the message was generated and that cannot be changed in any way. Every file is associated with the author and who it was sent to so court orders can quickly be responded to without any exceptions.|
6a. Disclaimer Law:
|Disclaimer notices are optional in law but any council will advise that they carry great weight in any court of law. The exact details of any disclaimer must be verified by corporate legal opinion and must be implemented for all employees without favour. Because a company can be locked into contractual obligations and because a company is liable for disclosure of confidential information to other parties, the role of the disclaimer notice is of paramount importance. It is not illegal to exclude a disclaimer, but it can be beneficial.|
6b. Disclaimer Solution:
|ACRM only sends standard template messages that have been approved by Executives and/or legal council. Evidence of every change to the corporate disclaimer is provided as an audit trail that can be presented to a court.|
7a. Maintenance Law:
|It would be illogical to keep on sending messages to obsolete addresses, so the management of CRM addresses is critical. On average, 13% of email addresses become obsolete each year as people leave and move on. That demands on-going procedures to detect and revise CRM email addresses.|
Considerable business benefits can be derived by recording when (date + time) a message is viewed. Timely follow up becomes practical when it is known that a person has viewed each specific message.
7b. Maintenance Solution:
|ACRM includes track and trace facilities to identify when each message is viewed - data, time and other factors are recorded. Evidence of the life cycle of every message increases the value of each message and identifies those messages that are never viewed. It is easy to identify obsolete addresses where messages are ignored and follow up may be needed to discover if a new person has taken that function.|
ACRM has invested a lot into its track and trace facilities to maximise the benefits to the business. When used in an effective way, productivity can be dramatically increased while operating costs are reduced.
9a. Complaints Law:
|Many industries have a mandatory requirement to have a published complaints procedure and many more companies are conforming to these good governance laws. Where a person makes a complaint that the content of a traditional email is offensive and claims damages, then Executives are obliged to action the complaint. Where the person sending the email has lost the email, then the company may be obliged to settle and pay damages as the cheapest solution. If the case is disputed and goes to court, then the complaint procedure will need to be disclosed so the court can decide its effectiveness.|
9b. Complaints Solution:
|ACRM includes public access complaint procedure forms where a person can explain how and why that were offended of suffered distress. Evidence of every complaint is recorded with follow up actions taken by all parties. Where disciplinary action can be demonstrated to the court, then the evidence trail can be taken into account and if any damages need to be awarded.|