26 March, 2014
10:53 AM


RSS Feed


Get smart about purchased lists

By Editor

In previous blogs, we’ve talked about the things to watch out for if you’re using a purchased list—but recent ACMA investigations have shown that businesses are still being caught out.

If you purchase a marketing list, you need to make sure that the consumers have given their permission to receive marketing messages from third parties. Your business also needs to be able to demonstrate that consent exists, in the event that the ACMA investigates a complaint about your marketing practices. 

The need to demonstrate consent means that a simple assurance from your list broker that the marketing list is an ‘opt in’ list, or that subscribers have consented, may not be enough.

So, if assurances from the list broker aren’t enough, what should you do? Here are two useful tips:

  1. Question your list broker

Make sure you ask questions and get examples. Start with question like these:

  • How did the subscribers opt in to the list? If they filled in a form or entered a competition, ask for a sample so you can see exactly what fields they were asked to complete.
  • What exactly did the subscribers consent to? Ask to see any terms and conditions, and clarify what they were told when they signed up and if the consent specifically includes third parties.
  • When did the subscribers consent to be on the list? If they gave their information to the list broker years ago, will they really still be expecting to receive marketing messages?
  1. Satisfy yourself that the list is reliable

You should now have answers to the above questions, but remember:

  • your business needs to be able to show that every person agreed to receive your marketing message
  • you need to be satisfied that your list broker can give you this information for all of the people you contact.

If you’re not satisfied that the list broker can provide the information you need, make sure you go back to them for further assurances or evidence.

Purchasing the marketing list without asking the right questions puts your business’s reputation at risk and leaves you in danger of not complying with the Spam Act.

Add your comments
  • Abramo Ierardo

    26/03/2014 2:06:21 PM

    Good, sound and practical advice. All marketers need to use email lists that comply, and there are plenty of them. A good broker will willingly supply the permission basis of the lists they recommend.
  • Mike Hayward

    26/03/2014 3:08:11 PM

    I have just read your article "Get smart about purchased lists". I have a question: does the opt-in requirements apply to postal mailing, telemarketing and faxing?
    Mike Hayward
    • In reply to Mike Hayward

      The ACMA

      9/04/2014 2:57:41 PM

      Hi Mike
      The Do Not Call Register Act applies to telemarketing calls and marketing faxes.  If you have consent you can send marketing faxes or make telemarketing calls to numbers on the Register.  Neither the Spam Act nor the Do Not Call Register Act applies to post.
  • Kerryn Marlow Media M Group

    26/03/2014 5:09:54 PM

    Could not agree more with ACMA on this. But you need to correct your information here on who does what.
    List BROKERS do not collect data....that duty belongs to a LIST COMPANY or LIST OWNER. Brokers buy lists FROM list owners on behalf of their client, based on a client's brief, so brokers act as a consultant/go between.
    The only problem is, there are a lot of list owners (not brokers) who sell data that is not spam-compliant yet neglect to tell the buyer or bury this detail deep in their terms and conditions! A reputable list broker will avoid these list owners.
    It is frustrating for us brokers as we try to guide clients on the Spam Act, but many clients think that "spam comes from overseas" or "spam is when you send thousands of emails...but people will WANT to see our product."
    We lose business every single day because we cannot supply email lists...people get angry with us and go to one of the less reputable list sellers (and there are many of them selling cheap spammy 5 year old data), buy a list of emails, then spam the planet, not realising the risk they are taking.
    So ACMA, list brokers try to do the right thing by clients as it's in nobody's interest to see a client named as a spammer. But you really need to promote the Spam Act to businesses a lot more because the awareness is very low out there in business land.
    I have brought this up with ACMA on at least 3 occasions over the years... about spending some of that revenue from the Do Not Call Register on an advertising campaign to businesses making them aware of the Act?
    ...or sending info to marketing schools and marketing'd be unpleasantly surprised at the number of marketing and advertising people who have no idea about the Spam Act.
    Thanks for listening.
    Kerryn Marlow
    Media M Group
    • In reply to Kerryn Marlow Media M Group

      The ACMA

      10/04/2014 3:58:20 PM

      Thanks for your interest and comments.  You’ve certainly given us some food for thought.  Regarding your comment about Do Not Call Register income - these funds pay for the Register’s operation.  
  • Abbie

    29/05/2014 9:18:10 PM

    So we can send a form out requesting information to businesses to assist in creating a database for marketing via Australia post and if they reply then all is ok and no breaches are made??
    • In reply to Abbie

      The ACMA

      2/06/2014 2:15:57 PM

      It’s not clear from your question whether you intend to send the form you refer to out by post or some other means.  The Spam Act does not apply to mail-outs sent by post.  However, if your intention is to send electronic messages (ie email, SMS), and they promote or advertise products and services, then they will usually need to comply with the Spam Act and be sent with the consent of the recipient. 
  • James Collins

    8/07/2014 10:56:47 AM

    Some case studies on the website would be very handy. Examples of what is acceptable and what wasn't. 
    We are currently looking at purchasing some of the assets of a company that is in administration. This includes a large database of clients and leads that have been built up over the years. We have known the director for a nearly a decade, and it is predominately from presentations etc, so it is hard to get "proof" of the opt in as the information that was handed in a the time (i.e the clients are investors, and they usually completed a basic form and drop it in to sign up for more info or arrange a meeting). 
    If we purchase the data base, would an initial email saying something along the lines of "you are receiving this email as a former client of XYZ Pty Ltd. New Co Pty Ltd has purchased some of the assets including a list of former clients and your name appeared on the list.  We would like to offer you the ability to receive occasional information from us in relation to future [products], but we respect that you may not want to, so please feel free to Unsubscribe and we wont contact you again. Here is an example of a recent offer we sent to New Co Pty Ltd clients".
    ACMA can you tell me if you think this is acceptable? Or would this be considered SPAM. If you would take offense, can you tell me and other readers how we could comply in these circumstances.
    • In reply to James Collins

      The ACMA

      10/07/2014 12:32:29 PM

      Hi James, 
      We suggest you take a look at  the information about consent on our website. See here: You must be confident that you fulfil these consent obligations before sending messages. If you are still unsure, as these things turn on their individual facts (including the arrangements around your purchase), we suggest that you seek legal advice.
  • Brett

    15/08/2014 10:42:52 AM

    A list should defiantly have proof of double opt in I am sick of being email blasted from Australian businesses that can't comprehend double opt in and compliance to the Can-Spam-Act, reported a few but they continue to spam from Australian servers because I emailed them once using a quote form or something similar, wont even validate a un subscribe request. Fine them already.
  • Charlene

    11/03/2015 10:38:05 AM

    we purchased a email contact list in good faith. if the company we purchased the list from states a person on the list has given consent to be on the list, where do we stand?
    and if we sent another newsletter out and a complaint is made then what happens. we don't want to do anything illegal and we sent out the newsletter with all company contact details and an unsubscribe link which automatically unsubscribes the person from the list. If someone makes a complaint to the ACMA and we can't verify if they unsubscribed then were to we stand?
    we have sent out 2 newsletters from this list, and complied fully to the spam act. We are working in good faith so how can we be punished if we believe we are complying.
  • The ACMA

    16/03/2015 5:22:40 PM

    Hi Charlene
    Thanks for your interest in the e-marketing blog.
    Making sure that your messages are sent with consent, not only makes good business sense, but is your responsibility under the Spam Act.  We suggest that you contact the list provider and ask it to show you the consent it is relying on - particularly where a consumer has told you that did not provide consent.  If you’re not satisfied with the explanation, then you might wish to consider if it is worth the risk to continue using the list. 
  • Anthony Awkar

    18/05/2016 5:04:59 PM

    To whom it may concern,
    I would like to know the price on a data base list with as much information and contact as possible for the 5062 postcode. 
    It must be a washed list so can’t be any numbers on the dnc, but addresses and email addresses if available are helpful as well would like to know tagged for owner occupied as well. 
    Thank you and I will await a price
    • In reply to Anthony Awkar

      The ACMA

      25/05/2016 10:07:10 AM

      Hi Anthony, the ACMA does not sell or manage lists and is unable to assist with your pricing query. 
  • Mat

    27/06/2017 4:26:06 PM

    How does this apply to B2B contacts? I have seen one provider claim that they don't have opt-in permission at all, but that doesn't matter because the SPAM act doesn't apply to their list because they are all "non-personalised business data" and that only individual consumer contacts are covered by the law. I am sure this is not true, and the list provider is blowing smoke. Meanwhile a colleague of mine who received an email from someone who bought one of their lists is fuming about receiving an email not relevant to his business.
Back to top