How do you write a Spam and Unsolicited Commercial Email (UCE) Policy document?
SPAM / UNSOLICITED COMMERCIAL EMAIL (UCE) POLICY
The purpose of this document (hereafter referred to as the "Spam / UCE Policy") is to set forth Company Name's rules and restrictions governing Unsolicited Commercial Email, Unsolicited Bulk Email ("UBE") and/or Spam as set forth by the definitions below. Company maintains a "zero tolerance" policy regarding Spam/UCE and monitors all activity conducted on Company servers, mail services, applications, and other resources. Any customers found to be using Company resources to engage in sending Spam /UCE shall have their access or account(s) immediately terminated.
For consideration, Company defines the following terms:
Definition of Spam/Unsolicited Commercial Email (UCE). Spam is unsolicited email sent to recipients who have neither requested such information or with whom no pre-existing business relationship exists. For the purpose of this policy, the terms Unsolicited Commercial Email (UCE) and Unsolicited Bulk Email (UBE shall be interchangeable).
Definition of Commercial Email
Commercial Email (Legitimate Commercial Email) is email sent to recipients who have requested such information (Consent or Opt-in) or with whom a pre-existing business relationship exists.
Definition of Intentional Spam/UCE
Intentional Spam/UCE is electronic email sent from a computer in which the computer owner willfully and knowingly engages in the direct sending of Spam/UCE from one or more accounts or computers. Intentional Spam/UCE carries an immediate suspension of all access and privileges provided by Company and may result in criminal or civil prosecution under the law.
Definition of Unintentional Spam /UCE
Unintentional Spam/UCE is electronic email sent from a computer in which the computer owner neither intends nor willingly knows that they are sending out Spam/UCE. In most cases, this is due to the computer being infected with a virus or the machine becoming a "zombie" and sending out email on behalf of a spammer and no longer under the computer owner's direct control. Unintentional Spam/UCE may carry an immediate suspension of all access and privileges provided by Company in order to safeguard systems and services; however, it will not result in criminal or civil prosecution by Company.
Instead, Company will try to work with computer owner to bring about a resolution to the sending of Unintentional Spam/UCE by the computer owner.
Definition of Pre-existing Business Relationship
A pre-existing business relationship is one where the recipient has made either a purchase or a request for information; responded to a direct mail piece, contest entry, survey, or questionnaire; or had some sort of offline contact with your business or staff.
Definition of Consent
Consent ("Informed Consent") is defined as verifiable notification by your recipient that the collection and use of their email address is agreeable and the recipient has consented prior to such collection and use. Federal Anti-Spam law (Can-Spam Law).
Company adheres to the laws and provisions of the CAN-SPAM Act of 2003, which states:
All commercial emails must now contain:
Proper header, routing, and subject line information, the physical address of the company doing the mailing, a proper label for adult content, and an opt-out mechanism. The content is exempt if it consists of: religious messages, content that broadly complies with the marketing mechanisms specified in the law, or national security messages. If a recipient chooses to opt out, the sender has ten days to cease sending commercial email to the recipient, or risk further emails to the recipient being label as Spam/UCE under the law.
The sender is not required to remove the address from the sender's list or database under this law, but just has to cease and desist sending any and all commercial email to the recipient. The CAN-SPAM Act also restricts the sale or other transfer of an email address after a recipient has made an opt-out request. The requirement under this law is that the sender "must be able to process opt-out requests for at least 30 days. Further, under the CAN-SPAM Act of 2003, use of any automated means to register for multiple email accounts from which to send Spam/UCE further compounds and constitutes additional violations.
A full copy of the CAN-SPAM Act is available on the FTC web site at: http://frwebgate. The new federal anti-Spam law went into effect on January 1st, 2004 and preempts all state laws. The penalties can include fines and/or imprisonment for up to five (5) years.
Excessive Use of Services
Company may impose an additional charge or restriction of services at any time that Customer's use of any Email, Hosting, or ISP Services imposes a considerable effect on Company resources or system performance. Company shall have sole discretion as to what constitutes excessive use and what activity is considered a violation of either the Company Acceptable Use Policy, or level of service that the Customer is currently using. Company is responsible for monitoring such excessive use for the account as a whole, and has no responsibility for identifying a customer's individual end-user, employee, or other agent who may or may not be responsible for the excessive use of services.
This includes the sending or receiving of Unintentional Spam as defined in Section 1 of this policy.
Additional Policies Regarding Email
The following email practices or activities are also prohibited by Company and may result in termination and/or criminal or civil prosecution.
Harassment via Email. This is defined as sending email with content that is generally perceived as physically threatening or harassing the intended recipient. Letter Bombing. This is defined as sending email with content or attachments that could harm the intended recipient's computer or damage Company network or services.
Mail Bombing. This is defined as purposefully sending an unreasonably large number of emails to a single recipient, network, system or other destination for the purpose of disrupting, harassing, or otherwise trying to damage the recipient in some manner. This is defined as engaging a third-party company or agent to send UCE to recipients as defined above that contains direct or indirect links to a web site owned or operated by Customer.
SPAMvertising also includes the use of third-party email accounts or services not hosted or controlled by Company that send UCE on behalf of Customer. Company takes all SPAMvertising complaints seriously and will investigate these claims to the fullest extent of its ability. Customers are encouraged to review our policies governing such activity and contact their Company account representative PRIOR to engaging in such activity in order to avoid potential problems with regulatory agencies.
Email Content, Spam Content, UCE Content, and Censorship
Company will exercise no control whatsoever over the content of the information passing through the network, email (Spam, UCE or otherwise), or web site and takes no responsibility for the suitability or legality of any content passing through its network or Customer's accounts.
Warranties, Interruption of Service(s) due to Spam/UCE
Company makes no warranties or representations of any kind, whether expressed or implied, for the service it is providing. Company also disclaims any warranty of merchantability or fitness for any particular purpose and will not be responsible for any damages that may be suffered by Customer, including loss of data resulting from delays, blacklists, non-deliveries or service interruptions by any cause or errors or omissions of Customer due to Spam/UCE complaints, the investigation thereof, or any delays resulting from any third-party action or activity. Use of any information or service obtained by way of Company is at Customer's own risk. Company expressly limits its damages to Customer for any non-accessibility time or other down time to the pro-rata monthly charge during the system unavailability due to Spam or investigations into allegations of Spam/UCE.
Company specifically denies any responsibilities for any damages arising as a consequence of such unavailability.
1 Shared Email Hosting Disclaimer
Company is not responsible for the actions of other customers it may place on the Shared Email Hosting Server or any other resource that the Customer may use. Company will make every effort to ensure that all customers abide by the Company Acceptable Use Policy (AUP) and Spam/UCE policy and will periodically review Customer activity to ensure compliance with all Company policies. Company is not responsible for any blacklisting of Customer's IP or domain by any third party or resource that the Company does not have direct control over.
2 Antivirus, Trojan, and Malicious Code Disclaimer
Company email servers make use of enterprise class antivirus software to protect the server and detect virus infected email messages. Infected email messages will be handled per Company policy and preferences prior to the Customer receiving the messages. Additional antivirus options are available and the Customer may configure these options for inbound and outbound email antivirus scanning in their Email Hosting Control Panel. Due to the nature of virus, Trojan, and other malicious code dangers, Company makes no warranty that these features will detect, delete, or otherwise protect Customer from these dangers.
Customer is responsible for implementing its own internal policies and procedures for opening potentially dangerous attachments, and is encouraged to install antivirus software on all access points or computers using Company Email Hosting Services.
Company may terminate this Agreement at its sole discretion upon the occurrence of one or more of the following events: 1) failure to comply with any provisions of this Spam/UCE Agreement or the Acceptable Use Policy upon receipt of written notice from Company of said failure, 2) appointment of Receiver or upon the filing of any application by Customer seeking relief from creditors, or 3) upon mutual agreement in writing of Company and Customer.
Account Deactivation, Termination, or Cancellation
Upon account deactivation, termination, or deletion, all stored files, logs, email messages, attachments, address book entries, mailing lists or other data stored on Company servers will be immediately deleted. Company has no obligation or responsibility to store Customer's data after Customer's account has been deactivated or terminated.
If legal proceedings are commenced to resolve a dispute arising out of or relating to this Agreement, the prevailing party shall be entitled to recover all costs, legal fees, and expert witness fees as well as any costs or legal fees in connection with any appeals.
Customer shall indemnify and hold Company harmless from and against any and all claims, judgments, awards, costs, expenses, damages and liabilities (including reasonable attorney fees) of whatsoever kind and nature that may be asserted, granted, or imposed against Company directly or indirectly arising from the use of Company services or in connection with Customer's marketing or support services of the product or services or the unauthorized representation of the product and services or any breach of this Agreement by Customer.
It is the Customer's responsibility to prevent the sending of Spam/UCE at all times. At no time does Company accept responsibility for Customer's action regarding Spam/UCE, whether direct or indirect; intentional or unintentional; and Customer bears the responsibility to resolve all Spam/UCE complaints in a timely and complete manner.