Australian Spam Act & Privacy Laws for Email Marketing

It’s super important that you are familiar with the Spam Act and the Privacy Laws when sending emails.

The ACMA website is where you should always reference the most up-to-date information in terms of current legislation and any compliance.

For the purpose of this short course, the below is basically the overall gist of what you’re responsible for being compliant in when sending any marketing emails from your business.

What laws are there against spam in Australia?

The ACMA enforces the Spam Act 2003 and accepts complaints, reports, and inquiries about spam in Australia. The Spam Act specifically relates to messages sent to Australians by email, SMS, MMS and instant message that:

  • offer, advertise or promote the supply of goods, services, land or business or investment opportunities
  • assist a person to dishonestly obtain property, commercial advantage or another gain from another person.

The Spam Act contains three main rules that message senders must comply with – consent, identification and unsubscribe facilities.


In Australia, commercial electronic messages sent to you must be sent with your consent. The Spam Act provides for two types of consent – express and inferred.

Express consent means you have deliberately and intentionally opted-in to receiving electronic messages from the message sender. Some examples include:

  • ticking the box next to a statement seeking permission to send you marketing messages
  • entering your mobile telephone number on a website to opt-in to receive regular ringtones and games on your phone, then replying to a subsequent SMS to complete the opt-in process
  • entering your email address on a competition entry form and ticking a box next to a statement that says you wish to receive regular updates on the activities of the business
  • contacting a business directly, in writing or on the phone to ask for information to be sent to you on an ongoing basis.


All commercial electronic messages must contain clear and accurate identification of the sender of the message and information on how you can contact the sender. If a message sender does not clearly and accurately identify themselves, the message should be reported to the ACMA.

Identifying information about the message sender may be found in:

  • the ‘from’ field or subject line of an email,
  • the body of the message text,
  • a website address and/or
  • the sender identification of an SMS or MMS message.


Finally, all commercial electronic messages must contain an unsubscribe facility. This means there must be instructions on how you can opt-out of receiving messages. Whatever consent you may have given to receiving commercial electronic messages, you can withdraw it if you no longer wish to receive those messages. You should always use the same email address to unsubscribe as that used to subscribe.

A message sender has five working days to act on unsubscribe requests, and they will often be dealt with more quickly.

If a message does not contain an easy to use unsubscribe facility, the message should be reported to the ACMA.

Some examples of unsubscribing facilities include:

  • A sentence at the bottom of an email advising ‘to unsubscribe, reply to this email with unsubscribe in the subject line’ or ‘to unsubscribe, click on this web address and enter your email address’
  • A notification in a text message to reply ‘stop’ to opt-out or ‘unsubscribe’;
  • A notification to ‘change your preferences’ in your account to opt out of receiving commercial messages.