I found an excellent resource some time ago addressing the new legislation regarding email marketing. I suddenly remembered it today while listening to a lecture on the subject and thought I might post some information on it here.
The resource I am referring to is a fact sheet produced by Scottish Enterprise that can be downloaded in PDF format from their site.
The fact sheet largely discusses the EU Directive on Privacy and Electronic Communication (DPEC) but has an excellent section right at the end referring to general best practice.
Best Practice in email marketing
Inform the user
If e-mail addresses are to be used for marketing purposes, this should be clearly stated at the point of collection.
The ability to opt-out
Once informed, the user should be able to refuse permission for their e-mail to be used for marketing purposes (i.e. opt-out).
Keep it relevant
If e-mail is to be sent to those with whom a customer relationship exists, the content should be in reference to similar products and services.
Do not share email addresses without permission
If the e-mail addresses are to be shared with third parties, this should be clearly stated at the point of collection.
Do not harvest email addresses
E-mail addresses should not be harvested (e.g. copied from websites) and used for marketing purposes without the recipients’ knowledge.
Option to unsubscribe
Recipients should be able to refuse permission for further marketing messages to be sent to them at any time.
Do not hide identity
Your identity as the sender should never be disguised or concealed.
Do not hide the option to opt-out
In every communication, recipients must be given a simple and clear means of opting out from receiving future e-mails.
Honour user requests
When an opt-out request is received it must be honoured, with the contact details ideally being "suppressed" rather than deleted.