Beacon technology provides a creative and effective way of sending targeted marketing messages to consumers. However, there are many laws in Australia regulating how beacons can be used and breaching these laws can have significant consequences.
This article explores some of the most important questions you should ask and answer before your organisation implements this technology.
First things first – what are beacons?
Beacons are small, wireless transmitters that use Bluetooth technology to connect and transmit information to other nearby devices, such as a mobile phone. This technology allows your business to send information directly to a consumer’s device whenever they are within range of the beacon.
The notification could be a simple push notification (e.g. alerting a person that they are near a store) or contain more detailed information (e.g. that there is a sale on products in a store that might be of particular interest to them).
Key matters to consider before implementation
Australian laws do not prohibit beacon technology, but potential uses are highly regulated by several laws including some of the laws we consider below – in particular, laws designed to protect people from unlawful privacy breaches, unwanted communications and illegal surveillance.
Your organisation needs to be aware of these laws and what compliance actions are required in response. Important questions to ask include:
1. How will you obtain each consumer’s consent?
Failing to obtain valid consent before sending a notification could breach the Spam Act 2003 (Cth) and the relevant surveillance laws in your State or Territory. For example, the Surveillance Devices Act 2007 No 64 (NSW) prohibits a person from installing, using or maintaining tracking devices to determine the geographical location of a person or object (e.g. a mobile phone) without that person’s express or implied consent. All consents should be valid, informed and extend to all aspects of your organisation’s intended use of the beacon technology.
2. What type of information are you collecting?
If the information and data your organisation collects to transmit notifications is considered “personal information” (by itself, or in combination with other collected data) the Privacy Act 1988 (Cth) will apply to the collection, use, disclosure, storage and protection of that information. Depending on the nature of data collected, other laws may apply (e.g. laws regulating the collection and use of health information).
3. What will the notification say?
Notifications sent by beacons are subject to the same laws as other more common communications with consumers (e.g. email marketing and advertising content). Your organisation should assess whether the content is permissible under all applicable laws. This assessment should include any laws that generally apply to consumer communications (e.g. the Australian Consumer Law) and any specific laws which regulate your industry (e.g. advertising restrictions on allied health professionals).
4. What other legal relationships do I need to consider?
Your organisation’s beacon notifications may involve third parties (e.g. a beacon technology provider, an owner of a geographic location, an events coordination company, a manufacturer). Your organisation should consider what contractual agreements ought to be in place with these third parties to address any potential risks and liabilities associated with their involvement including in circumstances where they breach the above laws and this damages your organisation’s reputation or relationship with a consumer.
Key takeaways
Beacons have created new and innovative ways for your organisation to communicate with and advertise to its consumers. The technology has considerable potential upside if used well and in full compliance with all laws, and considerable potential consequences if any applicable laws are breached. It is important that your organisation is both aware of and able to comply with these laws before the technology is implemented. If in doubt, you should seek legal advice.
To find out more about what your organisation needs to do to comply with the laws regulating beacon technology, call us on 02 9199 4563.
This blog post does not constitute legal advice and should not be relied upon as such. It is a general commentary on matters that may be of interest to you. Formal legal or other professional advice should be sought before acting or relying on any matter arising from this communication.