The Italian Data Protection Authority laid down a first consolidated set of measures and precautions, against unsolicited commercial offers, titled “Guidelines on Marketing and against Spam”, in order to counter wild-cat marketing and foster user- and consumer-friendly commercial practices.
Under these Guidelines, the Italian Data Protection Authority paid special attention to the new frontiers of spamming such as the so-called social spam – i.e. spamming performed via SMS – or viral marketing and/or “targeted” marketing practices that may be increasingly and subtly intrusive of data subjects’ private sphere.
The Guidelines reaffirmed the principle of opt-in requirement. Therefore, in order to send promotional messages and advertising via automated systems (pre-recorded calls, emails, faxes, SMS or MMS), the recipients’ prior consent must be obtained (opt-in requirement). This consent must be specific, free, informed and recorded in writing.
In addition, the Guidelines set out that consent is necessary to use data on the Internet or social networks. The recipients’ specific consent is required before sending promotional messages to users of Facebook, Twitter and other SNS – e.g. by posting such messages on the users’ virtual billboards – or to users of other messaging and VoIP services that are increasingly widespread such as Skype, WhatsApp, Viber, Messenger, etc.. For the Italian Authority, the fact that a data happens to be available on the Net does not mean that it may be used freely to send automated promotional messages or for any other “viral” or “targeted” marketing purposes.
Moreover, the Guidelines defined simplified rules for compliant companies and stated specific safeguards measures for individual and companies, increasing fines against spam.