Back

Do you need to add a disclaimer to your emails?

There are many schools of thought as to whether or not email disclaimers are required by law. Many regulations that have been put in place are forcing companies to use them in order to protect their clients’ privacy. It is important that you are aware of regulations appropriate to your industry and geographic region. Some of the key ones are:


United States

The Health Insurance Portability and Accountability Act (HIPAA) requires health care institutions to keep a record of all email communications and secure confidentiality of information. The U.S. Securities and Exchange Commission (SEC) and Gramm-Leach-Bliley Act (GLBA) impose similar duties on financial institutions.

  • Steep penalties are enacted if these organizations do not comply with these regulations.
  • Companies are required to add disclaimers to their emails in order to protect the integrity of their patients/clients and to avoid any confidentiality breaches.

The Internal Revenue Service (IRS) Regulation Circular 230 forces all tax advisers for the IRS have to add an email disclaimer when sending emails about tax advice stating that the opinion cannot be relied upon for penalty purposes. The disclaimer must be near the top of an opinion in a typeface that is the same size or larger than the typeface of the tax advice.


Canada 

The Canadian Anti-Spam Legislation (CASL) will take effect on 1st July, 2014. One of the strictest anti-spam laws in the world, this legislation will be rolled out in phases:

  • Businesses have a three year transition period to comply.
  • Most of the legislation involves ‘opt-in’ rules but it also requires each message to include the mailing address, with either a phone or web address included and an unsubscribe feature added.
  • The maximum penalty is $10 million per violation with additional fines added if the breach continues.

For more information, see our post on how CASL is something that all marketers need to be aware of.


The European Union (EU) 

Introduced in 2007, the EU Directive 2003/58/EC concerns emails
sent by companies as part of their business operations. Previous regulations applying to written correspondence by letter or fax were extended to emails and other forms of electronic communication.

  • All business emails must include the company’s registration number, the place of registration and the registered office address.
  • Each member of the EU had to enforce this law before 31 December 2006.

To this end, several key members adopted the directive in a number of ways as stated below.


United Kingdom 

The Companies Act 1985 was already in place, applying to private and public limited companies or a Limited Liability Partnership. All business emails, letterheads, order forms and corporate websites must include

  • The company’s registered name (e.g. ABC Ltd).
  • Registration number (listed on Companies House).
  • Place of registration (e.g. England).

N.B. You cannot just provide a link to information on your email disclaimer.

This is enforced by Trading Standards with fines for non-compliance starting at £1,000 with an additional fine of £300 per day if the breach continues. If the disclosure of the content of an email leads to a dispute, it can be argued in court that the recipient should have known to not disclose the information. It will often depend on the nature of your business and if the disclaimer is too broad, it won’t hold up in a court as there is no legal authority in place for this.


Ireland

The EU Directive was implemented by the Minister for Enterprise, Trade & Employment on 1st April 2007. Company’s email communications have to include:

  • The name of the company.
  • Place of registration.
  • Registered number.
  • Registered office.
  • Whether the company is a limited company.
  • If it is exempt from the obligation to include Limited in its name.
  • If it is being wound up, in liquidation etc.
  • Any reference to share capital must be paid-up share capital.

Failure to display this information constitutes a criminal offense that is subject to a maximum fine of €2,000.


Germany

Implemented on 1st January 2007, all corporate electronic communication must include:

  • The company’s registered name.
  • The office location.
  • Court register.
  • Registration number.
  • The name of the managing director and the board of directors.

Failure to comply with this comes with a maximum fine of €5,000. On another note, privacy statements intended to act unilaterally, confidentiality disclaimers, and liability disclaimers have no legal standing under German law.


France

Enacted on 9th May 2007, all companies in France must include the following in all electronic communications:

  • Company name.
  • Registration number.
  • Registry location.
  • Registered office.
  • If they are in the process of insolvency proceedings.

If the body corporate is a commercial company having its registered office overseas, then these have to be included:

  • Its name.
  • Legal form.
  • Address of its registered office.
  • Registration number of relevant country.
  • If it is subject to insolvency proceedings if it is appropriate.
  • If it is run by a lease manager or an authorized management agent.

Any infringement of any of these points is subject to a fine of €750 per infringement.


Italy

All Italian companies electronic communications must include:

  • Company registered name.
  • Registration number.
  • Place of registration.
  • Registered office address.
  • If applicable, whether the company is going into liquidation or being wound up.

The Netherlands

There is a Dutch law that requires every company to display their CoC number on all outgoing written communications including email. Failure to follow this law  can result in a fine of up to €16,750 or up to six months imprisonment as it constitutes an economic crime.


Denmark

From 4th May 2006, all Danish companies were required to include their name, location and Central Business Register (CVR) number.


Our opinion

So do you need an email disclaimer? With all the regulations that are out there, particularly CASL, and the stiff penalties that can be applied to your company, it is better to prepare for all eventualities than to do nothing. It is best practice to create a disclaimer that is specific to your organization and the country you are based in, which is then strictly enforced as company policy. This means that you are less likely to run into any legal complications in the future.

Some of the largest, most elite financial and legal organizations in the world trust our software to protect the safe running of their businesses – we treat certainty as an absolute necessity. Choose from one of our award-winning solutions – Signature Manager Outlook EditionSignature Manager Exchange Edition or Mail Disclaimers – to ensure that the emails you send are protected against legal threats.