Reading time: 5 minutes

An Australian online marketplace, Oneflare, recently had to pay $75,600 for breaching the Spam Act 2003 (‘Spam Act’). Oneflare sent commercial messages to a large number of people, breaching its responsibilities under the Spam Act. If your business uses electronic advertising, you should understand what the Spam Act means for you and how to avoid making Oneflare’s mistakes. This article will explain:

  • Oneflare’s mistake;
  • what Oneflare had to promise to do to rectify the situation; and
  • some of the key requirements under the Spam Act.

The ACMA Investigation 

After receiving many complaints about unwanted messages, the Australian Communication and Media Authority (ACMA) investigated how Oneflare was finding and communicating with individuals without consent. It found that Oneflare sent messages to phone numbers available on public directories and did not provide an unsubscribe option. 

What Does the Spam Act Say?

The Spam Act contains certain rules that businesses must abide by, including:

  • when businesses can and cannot send commercial electronic messages; and 
  • what text these messages must include. 

‘Commercial electronic messages’ include digital forms of direct marketing (e.g. emails or text messages). These are distinct from physical messages (e.g. sending letters by post).  

To send an electronic marketing message, you must:

  • have consent from the recipient to send marketing messages;
  • identify your business as the sender; and
  • include an option to unsubscribe within the message. 


To receive consent from recipients, you can obtain either express or implied consent. You will need to keep a record of this consent. 

You can obtain express consent by asking the customer if you can send them marketing messages. 

For example, you could include an opt-in checkbox offering the customer marketing material. The customer can then choose whether or not to tick the checkbox. 

You may receive implied consent from a customer when they purchase a product from you and you send them marketing material about similar products. 

For example, a customer purchasing a camping tent from your online store could imply that they would like to receive material about other camping equipment (e.g. a portable stove).

You can also infer consent if the customer conspicuously displays a work-related email. This means that if a work-related email address is accessible to the public (e.g. on a businesses’ website) and there is no statement withholding consent, you may be able to send messages to this email address. The key issue here is that the email address and your communication must both be work-related. Any personal or unrelated marketing you wish to send to personal email addresses would not fit within this exception. 


Any message you send should include your businesses’ name so that the recipient knows who the message has come from. 


Every commercial or marketing message you send should include an unsubscribe function, such as: 

  • a link to unsubscribe; or 
  • the steps the recipient should take to opt out of receiving messages from you (e.g. “to opt out, reply ‘stop’”). 

If a customer requests to unsubscribe or opt out, you must action their request within five days. 

ACMA may conduct investigations in response to complaints from individuals who feel that a business is spamming them. It is important to ensure that you always comply with the Spam Act so that you can easily explain your processes if ACMA decides to investigate you. 

The Spam Act applies to any business that sends commercial electronic messages. However, if you are an APP entity, you will also need to comply with the Privacy Act when you send commercial electronic messages. APP entities are businesses who:

  • have an annual turnover of more than $3 million;
  • trade in personal information;
  • provide a health service; or
  • contract with the government.

These businesses must comply with the Australian Privacy Principles (APPs). 

How Did Oneflare Breach the Spam Act?

Oneflare had neither express nor implied consent from the recipients of its messages. Rather, Oneflare simply contacted individuals on a public database. These individuals never expressed an interest in receiving communications from Oneflare. Lastly, the messages that Oneflare sent did not contain an unsubscribe function. 

As well as paying the $75,600 fine, Oneflare had to make statements in an enforceable undertaking to promise to comply with the Spam Act. Oneflare also had to appoint an independent consultant to review its internal advertising procedures.

The enforceable undertaking revealed that Oneflare tried to infer consent simply because the recipients’ contact details were available on a public database. ACMA found that Oneflare could not infer consent by conspicuous publication because Oneflare’s advertisements did not relate to the work-related business of the recipients. That these details were publicly available did not mean that the recipients had provided either express or implied consent to receiving marketing from Oneflare. Oneflare had to remove these contact details from its system. 

Oneflare’s key mistakes were that it:

  • had not received consent; 
  • could not rely on ‘conspicuous publication’; and 
  • did not offer an unsubscribe function to recipients. 

Key Takeaways

If you plan to send electronic marketing messages, you should ensure that you do not wind up in the same position as Oneflare. To avoid doing so, you should: 

  • ensure you have consent; 
  • identify yourself as the sender of the message; and 
  • allow recipients to unsubscribe from future messages. 

If you have any questions about your business’ compliance with the Spam Act, contact LegalVision’s Data and Privacy lawyers on 1300 544 755 or fill out the form on this page.


Employment Essentials for Tech Businesses

Thursday 5 May | 11:00 - 11:45am

Protect your tech business and your employees by understanding your employment legal obligations. Register for our free webinar today.
Register Now

How to Protect and Enforce Your Trade Mark

Wednesday 11 May | 11:00 - 11:45am

Protect your business’ brand from copycats and competitors. Register for this free webinar to learn how.
Register Now

Corporate Governance 101: Responsibilities for New Directors

Friday 13 May | 11:00 - 11:45am

If you are a new company director, join our free webinar to understand your legal compliance obligations. Register today.
Register Now

How Franchisors Can Avoid Misleading and Deceptive Conduct

Wednesday 18 May | 11:00 - 11:45am

Ensure your franchise is not accused of misleading and deceptive conduct. Register for our free webinar today.
Register Now

New Kid on the Blockchain: Understanding the Proposed Laws for Crypto, NFT and Blockchain Projects

Wednesday 25 May | 10:00 - 10:45am

If you operate in the crypto space, ensure you understand the Federal Government’s proposed licensing and regulation changes. Register today for our free webinar.
Register Now

How to Expand Your Business Into a Franchise

Thursday 26 May | 11:00 - 11:45am

Drive rapid growth in your business by turning it into a franchise. To learn how, join our free webinar. Register today.
Register Now

Day in Court: What Happens When Your Business Goes to Court

Thursday 2 June | 11:00 - 11:45am

If your business is going to court, then you need to understand the process. Our free webinar will explain.
Register Now

How to Manage a Construction Dispute

Thursday 9 June | 11:00 - 11:45am

Protect your construction firm from disputes. To understand how, join our free webinar.
Register Now

Startup Financing: Venture Debt 101

Thursday 23 June | 11:00 - 11:45am

Learn how venture debt can help take your startup to the next level. Register for our free webinar today.
Register Now

About LegalVision: LegalVision is a commercial law firm that provides businesses with affordable and ongoing legal assistance through our industry-first membership.

By becoming a member, you'll have an experienced legal team ready to answer your questions, draft and review your contracts, and resolve your disputes. All the legal assistance your business needs, for a low monthly fee.

Learn more about our membership

Need Legal Help? Submit an Enquiry

If you would like to get in touch with our team and learn more about how our membership can help your business, fill out the form below.

Our Awards

  • 2020 Excellence in Technology & Innovation Finalist – Australasian Law Awards
  • 2020 Employer of Choice Winner – Australasian Lawyer
  • 2021 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review
  • 2021 Law Firm of the Year - Australasian Law Awards
  • 2019 Most Innovative Firm - Australasian Lawyer