CAN-SPAM: Email Legislation in the US

Many years ago, inboxes were being flooded with spam, and it became apparent that something must be done. In 2003, President George W. Bush signed the CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing) Act into law. While CAN-SPAM provides guidance on the types of emails to be sent and the rules around them, it does not address permissions.

Take a look and see what CAN-SPAM covers:

What is the CAN-SPAM Act?

The CAN-SPAM Act established a set of rules for commercial electronic emails and messages. It gives recipients the right to easily request that a business stop sending them emails and outlines penalties for violations. Some of the other elements of this Act help identify marketers clearly and requires clear identification of advertisements or offers.

CAN-SPAM Legislation is focused on marketing emails, but the FTC (Federal Trade Commission) also provides guidance on transactional messaging and when CAN-SPAM requirements apply to those messages.

Below is the definition of a transactional email:

  1. facilitates or confirms a commercial transaction that the recipient already has agreed to;
  2. gives warranty, recall, safety, or security information about a product or service;
  3. gives information about a change in terms or features or account balance information regarding a membership, subscription, account, loan or other ongoing commercial relationship;
  4. provides information about an employment relationship or employee benefits; or
  5. delivers goods or services as part of a transaction that the recipient already has agreed to.

(from the FTC.gov website, https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business)

Marketers can add a certain amount of marketing content to their transactional emails and are still qualified to be transactional rather than promotional. There are some guidelines on this. The loose interpretation is that if the primary intent of the message is transactional, then it is. And if it’s marketing, then it’s a promotional email. Placements of content inside marketing messages will also make a difference. The transaction should be first and visibly the primary email content, and the subject line should be related to the transaction.

5 Myths about CAN-SPAM for Email Marketers

#1

B2B vs. B2C

Myth

I’m a B2B marketer so I don’t have to worry about CAN-SPAM.

Fact

CAN-SPAM applies to all commercial messages that are sent through email.

#2

Opt-out Everywhere

Myth

Transactional email requires an opt-out. If it’s not on there, we could get in trouble.

Fact
Like many things, it depends. Technically, transactional emails do not need an opt-out. But a transactional email is defined in a specific way, and sometimes marketers combine marketing messages into those highly opened transactional emails which could tip the scales and make the email a marketing message. Some marketers use a standard footer across all emails, and in the spirit of good customer experience, include the opt-out link. And others do not, feeling strongly that it is not required.

#3

Deliverability Killer

Myth
Adding marketing to my transactional emails will lower my deliverability.

Fact
The factors of good deliverability don’t include the type of message; it’s whether the message is wanted, along with a host of other things. Transactional email usually has good deliverability rates because people open them – they are waiting for them. Marketing emails could be anticipated the same way. This isn’t the reason not to add marketing to your transactional messages.

#4

Managing the Unsubscribe

Myth
My opt-out is just fine, inside my preference center, where it’s safe and secure.

Fact
If your preference center requires a login or credentials, it may not be fine. The spirit of CAN-SPAM is that the unsubscribe is visible and operable. Requiring the login is a hurdle the user should not have to leap over to get to the Unsubscribe. On the other hand, if your email unsubscribe button immediately opts the recipient out of the message, you may be losing a big opportunity to provide some other options and collect some information about why the recipient is leaving you.

#5

Stop Emailing Me!

Myth
When someone opts out, we need to remove them immediately from our list, or we’ll be in big trouble.

Fact
You have 10 days to remove the recipient from your email list. A little piece of advice: put that language on your unsubscribe form; otherwise, the unsubscribed who are still receiving emails could start hitting the Spam button because in their mind, you have not done what they asked. This could cause you big deliverability problems later. Or remove them as quickly as you can; you won’t change their mind about your emails by continuing to send them.

8 Easy Steps to CAN-SPAM Legislation Compliance

 

  1. Don’t use unclear header information

    The email address you send “FROM” and “REPLY TO” must all be accurate to correctly identify the person or business that has sent the message.

  2. Don’t use misleading subject lines

    Make sure your subject lines reflect the message that is being opened – nobody wants a bait and switch, including the FTC.

  3. Include your location/address in your emails

    Sometimes people forget about this one, but you need a valid physical postal address in your emails. A year after CAN-SPAM was put into effect, an amendment was made that allowed marketers to use a Post Office Box or private mail box service instead of a street address.

  4. Unsubscribe the users in a timely manner

    You have 10 days to unsubscribe the user, which should be plenty of time to remove them from your lists and mark them as unsubscribe. As stated previously, consider adding a message to your opt-out page that tells people that it could take 10 days, to hopefully prevent them from making spam complaints on your domain.

  5. Tell people how to opt-out of your messages

    General guidance is that the opt-out should be within one click from the email. Don’t put up barriers and give them a simple way to unsubscribe. This can include checking a box, managing all the messages you send to them, or offering an email address for them to send an unsubscribe request. Most marketers today are using preference centers or pages and trying to save the opt-out by offering a different cadence or type of content.

  6. Disclose your message as an advertisement

    You might be aware that the FTC often requires messages to be labeled as advertisements and email is no exception. There is no requirement for placement of this statement, other than “conspicuous” so you may want to do some competitive research and your legal team may have an opinion on this as well.

  7. Know who is responsible

    Many companies use agencies for their email and creative. If you are using a third party, you are responsible to comply with the law as the sender of the message.

  8. What about the fines?

    In the mid-2000’s, some individuals and companies were prosecuted on CAN-SPAM violations. Even if you don’t hear about it, it doesn’t mean it’s not happening. Fines can be as high as $16,000/email that doesn’t adhere to the CAN-SPAM act. Penalties can include imprisonment if the emails have misleading claims about products or services. If someone uses false information to register an email account or domain name, they can also be penalized.

Conclusion—CAN-SPAM is the first step!

Many senior leaders in the email industry and other legal and watchdog groups were not very satisfied with CAN-SPAM when it was released, as it failed to take on one of the biggest issues – permission.

Now that GDPR has paved the way toward protection of user data and information, we will see some changes coming in the US as well. In fact, it’s already happening; California has passed laws that will go into effect in 2020 that are considered “lite GDPR”.

Disclaimer: The information provided here is only for better understanding of CAN-SPAM impact on email marketing and cannot be relied upon for any legal advice. You may consult your own professional advisors before taking, or refraining from taking, any course of conduct. By reading this article you indemnify Pepipost of any legal implications and cannot hold it responsible for any action pertaining to the information shared in this article.

Ready to get started?

30,000 emails free for first 30 days.
Then 100/day forever.

Pepi thinking

Start typing and press Enter to search

Thank you for your details!

Fill out your information below, and we will send you a PepiAlert, that will describe your domain’s email deliverability situation. Please note that your email address must match the domain, or the domain must be owned by the company matching the email address. We have the right to refuse the request, if we can’t verify the information.

*All fields are required