The area of communication by email is regulated by applicable legislation and recommendations are also made by various codes of ethics:
- According to the Personal Data Protection Act (ZVOP-1), an email address bound to an individual (as opposed to the general public email addresses of organizations, such as for example email@example.com) is considered to be personal data. In accordance with Article 8 of the Act, the processing of personal data is only permitted if the processing is required by law (for example, it is admissible within the industry), or if the personal consent of the individual is obtained. Processing of personal data includes any operation or set of operations which is performed on personal data that is processed automatically or manually or is intended for inclusion in a collection of personal data, especially the collection, recording, editing, storage, adaptation or alteration, retrieval, insight, use, disclosure by transmission, communication, dissemination or other availability, alignment, integration, blocking, anonymizing, deletion or destruction; processing can be either manual or automated (means of processing).
- In the area of sales and marketing, the Consumer Protection Act is used, whose Article 45 stipulates that companies can use one of the forms of electronic communication only with prior consent from the consumer for whom the message is intended.
- The field of electronic communication is governed by the Electronic Communications Act (ZEKom-1), which stipulates in Article 158 on unsolicited communications that the use of email communication for purposes of direct marketing may only be based on the customer's or user's prior consent.
- The association ESOMAR issued its Guideline for online research (chapter on ethical issues), which stipulate that we must indicate how we obtained each email address when sending email invitations. In addition, the guideline emphasizes that emails should not be sent knowingly to those who did not agree to participate in the study.
- The association CASRO issued its Code of standards and ethics for survey research (chapter on internet research) stipulates that email invitations are to be sent only to those addressees for whom it is reasonable to expect that they will accept the invitation to participate in the study. The basis for this may be the consent of the addressee on the basis of prior contact with the research team/individual.
On the basis of the above, we can conclude that, unless there are exceptions, we need to obtain prior permission to send an email invitation to a survey. For business email addresses, expectations are a bit more tolerant, as business addresses are, at least in principle, open to business contacts. Exceptions include email addresses collected for surveys for narrow administrative purposes only; an example might be an internal survey of an association where participants agree, by virtue of their membership, to take part in the survey and to be notified of this by email.
Note that potential respondents are often annoyed by unwanted invitations and in extreme cases intervene with 1KA (despite 1KA not being the sender of these invitations) or even threaten to attack the 1KA servers. Such reactions are of course unethical and illegal, and we report them to the Slovenian Computer Emergency Response Team (SI-CERT). We may remove the 1KA survey in question because sending unsolicited invitations violated a basic prerequisite for using our services. So far, we have restricted 2 surveys that have violated the spam policy.