The Commonwealth Bank of Australia (ASX: CBA) has paid a $3.55 million fine after sending more than 61 million marketing emails to customers unlawfully requiring them to log-in to unsubscribe, making the correspondence in breach of the country's spam laws.
The unlawful activity was uncovered by an Australian Communications and Media Authority (ACMA) investigation, which also found the nation's largest bank sent a further 4 million marketing emails that did not have a functioning unsubscribe facility.
The CBA was also found to have sent more than 5,000 marketing emails to customers who had asked to unsubscribe from these messages.
ACMA chair Nerida O’Loughlin says companies must give people the option to unsubscribe from marketing messages and must make it easy to do so when consumers want to exercise their rights.
"The scale and duration of the breaches by the CBA is alarming, especially when the ACMA gave it early warnings it might have some issues and the steps it took were ineffective. The failure to fix the issues shows a complete disregard for the spam rules and the rights of its customers,” O’Loughlin says.
"The failure to fix the issues shows a complete disregard for the spam rules and the rights of its customers.
"Consumers are frustrated by marketing intrusions on their privacy, especially when there is no option, or it is difficult, to unsubscribe."
This is the largest penalty imposed by the ACMA for breaches of the spam laws.
In addition, the ACMA has accepted a three-year court-enforceable undertaking from CBA committing it to an independent review of its e-marketing practices and to implement improvements.
The bank must also give regular compliance reports to the ACMA and train its staff on Australia’s spam laws.
The Spam Act 2003 requires marketing messages to contain working unsubscribe facilities. Making consumers log-in or provide personal details to unsubscribe is also generally prohibited. Once a message recipient has unsubscribed, sending further marketing messages is also against the law.
“We continue to see large and well-known businesses who should know better than breaching the spam laws. This action is a further warning to all businesses that non-compliance with Australia’s spam laws will not be tolerated,” O'Loughlin says.
“We will be closely monitoring the Commonwealth Bank’s compliance and the commitments it has made to review its practices. If we find future non-compliance, we will not hesitate to take further action.”
Over the past 18 months, businesses have paid $11 million in penalties for breaching spam and telemarketing laws. The ACMA has also accepted 12 court-enforceable undertakings and given one formal warning.
Other cases include Binance Australia which was fined more than $2 million in October 2022 for sending marketing emails without consent or without a functional unsubscribe facility, Latitude Finance Australia which was fined $2 million in July 2022 for the same practice but also with SMS communications, and Sportsbet for the same misdemeanour with a $2.5 million fine in March last year.
Help us deliver quality journalism to you.
As a free and independent news site providing daily updates
during a period of unprecedented challenges for businesses everywhere
we call on your support