On July 1, two new child protection laws went into effect in Utah and Michigan. Both implement do-not-email registries to protect minors from inappropriate content.
As a new father, I fully appreciate the desire to protect children. But these laws are seriously flawed and a significant concern to anyone who uses email for business purposes.
Do-not-email lists are ineffective and can be misused. The FTC understands this: it voted 5-0 against implementing such a list for CAN-SPAM. Misusing such lists to verify email addresses is easily accomplished. Spammers have long shown a propensity to flout the law. Why would these laws be any different?
The Utah law even acknowledges the registry may actually increase the risk of exposure for minors:While every attempt will be made to secure the Child Protection Registry, registrants and their guardians should be aware that their contact points may be at a greater risk of being misappropriated by marketers who choose to disobey the law.
The ineffectiveness of do-not-email registries and the risk they'll be misappropriated to send messages to minors, while serious issues, are not themselves direct threats to email marketing. That threat lies in the following.
These are child protection laws that expressly regulate commercial email. But unlike anti-spam laws recently passed by states, they apply regardless of permission or quantity. Opt-in bulk email, person-to-person email (business or private), even intra-company email could constitute a violation.
They don't apply solely to minors' email addresses, either. Addresses to which minors have access, such as that of a parent or guardian, may be registered. Even entire domains that are primarily used by minors, such as schools, can register.
These laws aren't restricted to content deemed harmful to minors. They include any product or service a minor is legally prohibited from purchasing. In the case of the Michigan law, it also includes products and services minors are prohibited from viewing, possessing, participating in, or otherwise receiving.
At this point, it's not certain precisely which products and services are affected. The Michigan Web site states alcohol, tobacco, pornography or obscene material, gambling, lotteries, illegal drugs, vehicle sales, fireworks, and firearms are covered, but the sites makes it clear it's not a comprehensive list. In addition, depending on interpretation, it may include financial services, certain prescription drugs, sweepstakes, and even NC-17 movies.
A company representative who responds to an inquiry regarding a mortgage refinance could be in violation. So could an email listing movie show times and offering tickets, if even one of the movies is rated NC-17. It's even possible an email with a sweepstakes entry could be in violation.
The prospect of 26 different state anti-spam laws, each with its own requirements, was problematic. This new situation is many times worse. These statutes not only vary in what's acceptable, they also require specific, regular action be taken to maintain compliance. Having to run every email address through each state's compliance filter once per month just doesn't scale. On the Internet, scalability (the "what if everyone did it?" question) is important.
An Undue Burden
Both laws charge a fee for mandatory monthly filtering of the total number of addresses checked, not the number of addresses matched. Utah is expected to charge $0.005 per address and Michigan $0.007. That's $12,000 per month for 1 million addresses. The Michigan law places an upper limit to the charge of a whopping 0.03 cents per address ($0.0003) which is lower than the $0.007 being quoted by state officials.
This amounts to a substantial increase in the per-piece cost of email, and this would be compounded with each new state that enacts such a law. Larger senders could be looking at tens, even hundreds of thousands of dollars per year in fees alone.
What to Do About It
Many believe these laws are unconstitutional or violate the CAN-SPAM law, which prohibits states from passing laws specific to email. Let's hope they'll soon be repealed or amended.
In the meantime, our response should be the same as Ben Isaacson's was to state anti-spam laws two years ago:
Until next time.
Want more email marketing information? ClickZ E-Mail Reference is an archive of all our email columns, organized by topic.
Derek Harding is the CEO and founder of Innovyx Inc., a member of the Omnicom Group and the first e-mail service provider to be wholly owned by a full-service marketing agency. A British expatriate living in Seattle, WA, Derek is a technologist by background who has been working in online marketing on both sides of the Atlantic for the last 10 years.
May 22, 2013
1:00pm ET / 10:00am PT
June 5, 2013
1:00pm ET / 10:00am PT