The Legal Notice in Newsletters: This is What Counts!
Everyone knows it, but not everyone has it: The legal notice in a newsletter! A missing or wrong legal notice be very costly. Time and […]
Everyone knows it, but not everyone has it: The legal notice in a newsletter! A missing or wrong legal notice be very costly. Time and […]
Due to a recent increase in questions about this issue, we would like to shed some light on advertising so-called “secondary lotteries”, a type of […]
A feedback loop is a technical service provided by mailbox providers that reports back spam clicks from email recipients to the sender. This function is […]
During complaint procedures, the question arises again and again as to whether the mailing in question is considered a transactional email or perhaps a newsletter. […]
Consent for the sending of marketing emails is only valid if the statement of purpose issufficiently specific and the consent is given based on an […]
It is standard practice for Email Service Providers (ESPs) to maintain client-specific or even global suppression lists (do-not-contact lists), in order to prevent the importation […]
In practice, CSA senders and their customers are faced with the problem that a recipient of an email (= data subject) can demand the deletion […]
DMARC stands for: Domain-based Message Authentication, Reporting and Conformance: domain-based message authentication, reporting and conformance of messages. The background to DMARC.org is to increase security […]
In its decision from 15.02.2018 (Az.: 29U2799/17), the Higher Regional Court in Munich needed to deal with the question of whether the sending of a […]
In the first place, what is phishing? Phishing is an invented word cobbled out of the two words “password” and “fishing”. Criminals use fake emails […]
Due to a recent increase in questions about this issue, we would like to shed some light on advertising so-called “secondary lotteries”, a type of unlicensed lottery. This type of lotteries offer bets on the outcome of regular (“primary”) lotteries, sometimes implying that they are selling real participation in said lotteries. As these types of “secondary” lotteries (as well as any unlicensed gambling service like online casinos) are illegal in many European Countries, advertising them is also considered illegal (for Germany, see Sections 4 and 5 of the Interstate Treaty on Gambling, GlüStV). Moreover, depending on the jurisdiction, this might also have criminal consequences, as participating in illegal gambling can be considered a criminal offence and, thus, advertising it might be considered instigating a crime. Lastly, this type of content might also break youth protection laws in some countries. Hence, advertising illegal gambling services also violates the CSA Criteria as it constitutes unlawful email content (Section 4.1). CSA certified senders are therefore strongly advised to raise awareness with their customers about this issue. Please note that, of course, not all advertising for lotteries is illegal – e.g. in Germany, legal and licensed lotteries can quite easily be identified via public information such as this list by the State Gambling Supervisory Authorities (https://innen.hessen.de/sites/default/files/media/hmdis/white_list.pdf).
A feedback loop is a technical service provided by mailbox providers that reports back spam clicks from email recipients to the sender. This function is used when a recipient clicks on the “spam button” in the interface of his or her email account to complain about receiving an email from the mailbox provider.
During complaint procedures, the question arises again and again as to whether the mailing in question is considered a transactional email or perhaps a newsletter. Answering this question can have a particular impact on the legal requirements to be observed for sending. The strict legal requirements for email marketing1apply not only to classic advertising mails in which certain products are explicitly advertised, but also to the sending of newsletters. So, when is an email “just” a purely transactional email, and when is it already considered to be a newsletter?
Consent for the sending of marketing emails is only valid if the statement of purpose issufficiently specific and the consent is given based on an understanding of the situation.However, there are frequently uncertainties regarding the formulation of the consentdeclaration, and these may indeed mean that it does not correspond to therequirements mentioned above. These uncertainties are compounded in the case ofcompetitions involving a variety of sponsors.
It is standard practice for Email Service Providers (ESPs) to maintain client-specific or even global suppression lists (do-not-contact lists), in order to prevent the importation into the system of email addresses for which contact must under no circumstances be re- established. This may be because the recipient has complained in the past and has made the desire not to receive further emails from this sender explicit.
In practice, CSA senders and their customers are faced with the problem that a recipient of an email (= data subject) can demand the deletion of their data, while at the same time the possibility exists that proof of the data subject’s previous consent may need to be produced at some stage in the future. Such a situation might arise if the data subject seeks legal redress directly or through associations that are authorized to institute legal proceedings, if the data protection authorities are involved, or in connection with participation in the CSA. If all data of the data subject were to be deleted, the required proof of consent can necessarily no longer be produced. It is beyond dispute that there is fundamental tension between a data controller‘s obligation to delete and the burden of proof of a sender for consent data. So, what must and can a sender or the customer do? The following information based on the General Data Protection Regulation (GDPR) is designed to give practical orientation.
DMARC stands for: Domain-based Message Authentication, Reporting and Conformance: domain-based message authentication, reporting and conformance of messages. The background to DMARC.org is to increase security in e-mail communication and to ensure greater protection of e-mail recipients against phishing mails, as well as facilitating domain reputation. The goal is to filter out or intercept certain forms of criminal e-mails (phishing) early on so that they do not reach the users. Phishing is the forging of e-mail messages to Internet users, in which, for example, a link contained in the e-mail does not lead back to the reputable provider but rather to the attackers in concealed form, who thus intend to obtain sensitive private data. Phishing can also be done through attachments or requests in an e-mail. Frequently, the sender’s address is disguised to simulate a valid sender to the recipient of an e-mail. This is verified, among others, by DMARC in order to detect any “forgeries”.
In its decision from 15.02.2018 (Az.: 29U2799/17), the Higher Regional Court in Munich needed to deal with the question of whether the sending of a marketing email is permissible from the operator of a dating site to members who had registered without charge. The marketing email was sent without the express consent of the members who had registered without charge. As a result,it needed to be decided whether this usage of email addresses for marketing purposes was permissible according to §7 Para. 3 UWG (an existing customer relationship). The legal interpretations presented in the court’s decision are not undisputed and conflict at least in part with other court decisions.
In the first place, what is phishing? Phishing is an invented word cobbled out of the two words “password” and “fishing”. Criminals use fake emails to try to obtain personal data – in particular login data – from their victims by luring them to fake websites and tricking them into entering their data. In the meantime, a multitude of bogus companies exist. For some time now, not only banks, but also online shops, social media, online games, and many more companies are being counterfeited.