Clarity1: The Australian Fight Against Spam
On April 13, 2006, the Federal Court of Australia released its judgment in the case Australian Communications and Media Authority v. Clarity1 Pty Ltd [2006] FCA 410. This decision is an important step in the fight against spam in Australia, being the first successful prosecution by the regulator, Australia Communications and Media Authority (ACMA), for unsolicited commercial electronic messages (CEMs) under the Spam Act (Act), which was enacted in 2003 and became operative in April of 2004.
The respondent, Clarity1, is a company incorporated in Australia that carried on business under the names of Business Seminars Australia and Maverick Partnership from October 15, 2003 onwards. Mr. Mansfield, the second respondent, acted as the sole director of Clarity1 from October 1, 2003 and was responsible for Clarity1’s business in each of the States and Territories in Australia. Prior to when the Act became effective, Clarity1 obtained many electronic addresses through both address-harvesting software, which compiles lists of electronic addresses from the Internet, and by purchasing or instructing others to purchase electronic address lists of electronic addresses also harvested on the Internet from other persons or organizations.
Once in possession of these addresses, Clarity1 entered them into text documents and databases, forming lists of electronic addresses. At least 41,796,754 CEMs containing offered to supply or advertised a good or service provided by Clarity1 were sent the electronic addresses in Australia and the United Kingdom using an internet carriage service or listed carriage service between April 10, 2004 and April 7, 2005. This continued until October 24, 2005 at the same rate. Each CEM contained an “unsubscribe facility” clause, which stated the procedure for removal from the list of electronic addresses. Clarity1 complied with the approximate 166 000 requests for removal. While the ACMA received 79 complaints relating to Clarity1’s CEMs, none involved a failure to remove an electronic address from a list.
In finding in favour of the applicant, the ACMA, the Federal Court of Australia held that Clarity1 contravened ss. 16 and 22 of the Act. Section 16(1) prohibits a person from sending a CEM with an Australian link unless the electronic account holder has consented the sending of the message, pursuant to the exception in s. 16(2). Section 22(1) prohibits the use of harvested address lists or address-harvesting software. In coming to their decision, the court held that the CEMs had an Australian link because either the sender or person authorizing the sending was “physically present or had its central management and control in Australia or the computer, server or device utilized for sending was located in Australia.” The respondents claimed that they should fall under the exception for registered charities or educational institutions; however, the court rejected these defenses for lack of evidence.
The respondents also raised the defence of consent on several grounds. First, they claimed that because the addresses were found on the internet, consent can be reasonably inferred; however, the court rejected this defence. Second, the respondents argued that they should reasonably be able to infer consent since the recipients of the CEMs failed to use the “unsubscribe facility” contained in the CEM. The court held that this inference cannot be supported because not only does the relationship between Clarity1 and the recipient lack bilateral communication, the recipient may never have viewed the unsubscribe facility since there are various methods available to recipients to deal with unwanted CEMs, such deleting the CEM without reading it.
Further, there is no evidence that Clarity1 obtained or intended to obtain consent when it purchased the addresses from external parties or used address-harvesting software, especially when considering the large volume of CEMs that were sent. The respondents also claimed inferred consent on the basis of business relationships between Clarity1 and the recipients. While the court allowed for consent to be inferred in the limited case of 182 previous purchasers of Clarity1 products, it rejected the respondents’ defence in the other cases because a business relationship cannot exist without mutuality, which is not present in this case where the communication was one-sided, with no responses from the recipients.
The respondents also raised the defence of conspicuous publication, which requires that an address allows the public to send electronic messages to persons or holders of particular roles, positions or offices and that the address must have been conspicuously (“readily attracting attention”) published. It must also be established that it is reasonable to assume that publication occurred with the agreement of the organization or person involved and that there is some relevance between the CEM and work-related business of the individual or office involved. In denying this defence, the court held that the addresses failed to be published in a non-conspicuous way or that the CEMs lacked relevance to the business of the entity involved.
The court held that the respondents had contravened s. 22(1) of the Act in using harvested-addresses lists. Although the respondents had obtained the electronic addresses using harvesting methods before the Act became operative, the court found the purpose of the provision is to prevent the use of harvested-address lists, regardless of how the list was previously obtained.
The court also held Mansfield liable for his contravention of ss. 16(9) and 22(3) of the Act as a person who counselled, aided, abetted or procured a contravention, or was directly or indirectly, a party to or knowingly concerned in a contravention. As sole director of Clarity1, Mansfield was aware and responsible for Clarity1’s business and participated in each aspect of Clarity1’s conduct, including that which contravened the Act.
On October 27, 2006, the Federal Court ordered that Clarity1 pay a pecuniary penalty of $4.5 million and Mansfield pay a $1 million pecuniary penalty. In deciding the quantum of the fine, the court considered the relevant factors under ss. 24 and 25 of the Act, including the nature and extent of the contraventions, the nature of loss or damage resulting from the contraventions, the circumstances in which the contraventions took place, the financial position of the respondents and their capacity to pay, the totality principle requiring the consideration of the appropriateness of the pecuniary penalty having regard to the totality of the conduct rather than simply by the addition of each individual contravention, the specific deterrence of the respondents and the commercial realism of the particular circumstances of the matter.
While these amounts are significantly lower than the very high maximum penalty that a court can impose under the Act, the court noted that the penalty in relation to the respondents’ conduct and financial capacity to pay provides the element of general deterrence, as opposed to the sole consideration being the total amount of the pecuniary penalty. The new nature of the legislation was also considered in determining the amount of the penalty.
“Spam”, the electronic version of “junk-mail” sent to recipients without their permission, is an ever-growing problem within today’s global society. The Act was created to regulate commercial email and other types of commercial electronic messages. According to s. 16(1), unsolicited commercial messages must not be sent. This provision explains that people are prohibited from sending commercial electronic messages that have an Australian link and are not designated commercial electronic messages. This includes email, instant messaging, SMS and MMS (text and image-based mobile phone messaging) of a commercial nature.
To clarify, Schedule 1 notes that designated commercial electronic messages contain no more than factual information and are sent on behalf of a government body, registered political party, religious organization, charity or education institution. The sending of spam raises multiple problems for recipients. Not only is spam considered an inconvenience, it slows down networks, reducing productivity, can be offensive and potentially be sent as part of scams or fraudulent activity. It can also result in an invasion of one’s privacy on the internet.
While the ACMA is responsible for enforcing the Act and furthering the fight against spam in Australia by responding to complaints by the recipients of spam, the actual effectiveness of the Act has been called into question. Besides Clarity1, there are no other high profile, successful cases under the Act. Further, as a result of the requirement that the spam must have an Australian link, the Act fails to present an extra-territorial effect.
However, according to a review by the Department of Communications, Information Technology and the Arts, the majority of spam received in Australia originates overseas. This is problematic because without an Australian link, ACMA fails to have the jurisdiction to pursue spam originating from overseas, which is a significant limitation on the ability of the Act to fulfill its objective in combating spam. While the pecuniary penalties imposed in Clarity1 may act as a deterrent for legitimate Australian businesses that consider sending spam, a large amount of spam originates from illegitimate organizations that are less concerned about being prosecuted under the Act.
Attempts must be made to address the shortcomings of the Act. Since the Act does not apply to spam originating without an Australian link, Australia should attempt to enter into international agreements or treaties with anti-spam enforcement organizations overseas in an effort to reduce the amount of spam received lacking the Australian link. The effectiveness of ACMA as an anti-spam enforcement agency can be enhanced by providing public education about the Act including what constitutes spam and the recourse measures available to recipients of spam. While the Act and the role of the ACMA is an important step toward protecting individuals’ privacy by attempting to reduce spam and prohibit the use of electronic address lists produced using address harvesting software, as exemplified in the Clarity1 decision, concern over spam still exists. Certain measures, including promoting education, awareness and international agreements, need to be taken in order to make a genuine impact on the extent of spam activity and to further the protection of privacy on the internet.
Join the conversation