Supermarket giant Woolworths has received a fine totaling more than a million dollars after the company breached spam laws.
The Australian Communications and Media Authority – ACMA – handed down the $1,003,800 fine to Wooloworths after the company was found to have breached anti-spamming laws more than five-million times.
It’s the largest fine ever issued by the Australian Communications and Media Authority for breaching anti-spamming laws.
The fine was handed to Woolworths after the company continued to send marketing emails to individuals that had previously unsubscribed.
Nerida O’Loughlin, ACMA’s Chair has issued a statement saying that “the spam rules have been in place for 17 years and Woolworths is a large sophisticated organisation.”
“The scale and prolonged nature of the non-compliance is inexcusable.”
“Woolworths failed to act even after the ACMA had warned it of potential compliance issues after receiving consumer complaints,” O’Loughlin said.
“Australians have the right to unsubscribe from marketing emails that they do not want to receive,” she continued to explain. “In this case, consumers claimed that they had tried to unsubscribe on multiple occasions or for highly personal reasons, but their requests were not actioned by Woolworths.”
What is the 2003 Spam Act?
The Spam Act was introduced in 2003, and makes it illegal for any organisation to send commercial messages that are unsolicited.
It also mandates that “commercial electronic messages must include information about the individual or organisation who authorised the sending of the message.”
These messages must also include a “functional” unsubscribe option for the user to opt-out of future messages. Finally, the Act stipulates that “an electronic list produced using address-harvesting software must not be supplied, acquired or used,” by any organisation.
Amanda Bardwell, managing director of Woolworth’s digital division, WooliesX has said that “we respect the right of our Rewards members to choose how and when to communicate with them and apologise for failing to act on all unsubscribe requests as required under the law.”
“Many of the breaches were the result of technical and systems issues, which we fixed in 2019,” Amanda Bardwell, managing director of Woolworth’s digital division, WooliesX said.
She continued to explain that “subsequent breaches occurred because we continued sending communications to email addresses shared by multiple rewards members, where only one member had made an unsubscribe request.”
“While we were acting on unsubscribe requests from individual rewards members, we did not assume it meant other members sharing that email address had to be opted-out as well.”
Bardwell concluded that “the ACMA has made it clear it expects all communications to an email address to stop in such scenarios.”
For your free ISO 27001 – Information Security Management System – Gap Analysis Checklist, Click here
The Optus Spam Act Breach
Earlier this year, Optus was found in breach of the same anti-spamming laws and fined $500,000.
At that time, O’Loughlin said a review was promoted after the regulator received a number of customer complaints.
“We know that Australians hate receiving spam, it interferes with their privacy and their choices about what messages they receive over their networks,” she said.
CEO of the Australian Communications Consumer Action Network has said previously that “the Spam Act and the Do Not Call Register are two things that do actually work in favour of consumers.”
“I mean, sure, there are ways to get around it and things are not perfect, but if we report it to ACMA through their complaint handling section on their website and their 1800 number, you can see that investigations do happen and that’s very pleasing to know,” she concluded.
For the latest industry news, how-to guides and ISO-explainers, keep your eyes on the Best Practice News page