CAN-SPAM Compliance Strategies

The CAN-SPAM Act originally went into effect in 2004, is also known by its official name: Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (One can’t help but wonder how much time is spent by Congress in devising cute acronyms, as opposed to drafting the legislation itself).  Anyway, the gist of it is this: each separate email sent in violation of the CAN-SPAM Act is subject to penalties of up to $16,000, so non-compliance can be costly. But following the law isn’t complicated. Here’s a rundown of CAN-SPAM’s main requirements:

– Don’t use false or misleading header information. Your From, To, Reply-To, and routing information including the originating domain name and email address must be accurate and identify the person or business who initiated the message.

– Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message. Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement.

-Tell recipients where you’re located. Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox youve registered with a commercial mail receiving agency established under Postal Service regulations.

– Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests.

– Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipients opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act.

– Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible.

Because of the relative ease of compliance, the CAN-SPAM Act is occasionally referred to as the “You-Can-Spam” Act because the bill explicitly legitimizes many types of e-mail spam.



Author: Seth Heyman
Seth D. Heyman is a California attorney with extensive experience in advertising and marketing law, corporate law, contracts, governmental regulations, international business, and Internet law. He has counseled numerous successful companies, both public and private, and was responsible for regulatory compliance, contract management, corporate governance, and HR best practices for multiple organizations in many diverse industries, including marketing, telecommunications, energy, and technology development. He offers insight and guidance on federal and state direct mail, TV, radio, telemarketing, and Internet marketing laws, as well as online promotions, Internet privacy, data protection regulations, and similar matters.

Leave a Reply

Skip to content