CAN-SPAM Compliance

If you’re starting an email campaign or if you’ve been email marketing already but aren’t sure if your marketing emails are CAN-SPAM compliant, this article explains what CAN-SPAM laws are and how to make sure that your email program is complaint with them.

What is CAN-SPAM and Why is It Important?

It’s possible that you don’t even know what CAN-SPAM is. Maybe you think that it involves a popular processed meat product. However, if you’re going to send email to your customers, CAN-SPAM is a very important law that you need to know about. It governs whether the email you send is considered a legal communication or an illegal piece of unsolicited spam. If you don’t abide by it, you’re subject to fines and penalties from the U.S. federal government.

In this article, Comm100 will give you the history of what CAN-SPAM is. Then Comm100 will tell you what you need to do in order to be compliant.

A Touch of History: The Passing of the CAN-SPAM Law

In 2003, as inboxes were being flooded with unwanted email spam, the United States federal government took action with the passing of the CAN-SPAM law. CAN-SPAM stands for Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003. Essentially, the law set forth a number of requirements that need to be met in order to send commercial email to customers.

It’s important to note that the law makes a difference between a commercial email and transactional email. If you’re responding to a customer service inquiry or sending an automated email receipt of purchase, you don’t need to worry about CAN-SPAM. However, any email that contains marketing information or a customer solicitation must comply with the requirements of the law (and that includes promoting links to content on advertising-driven websites). Each individual violation of a rule in the CAN-SPAM requirements can leave you open to a fine of up to $16,000, so following the rules is important! Fortunately, there’s an easy checklist for you to follow.

CAN-SPAM Compliance Checklist

Once you get past all the government language, CAN-SPAM isn’t that complicated. If you just follow seven simple steps, you’ll be completely safe.

Step One: Be Who You Say You Are!

You can’t pretend to be another website or company just to get a user to open an email (or to get into the inbox). This is a popular trick offshore spammers use to get through spam filters, but it’s illegal. The email address that you send from (the “from” address and the reply-to address) must be your own. The domain that you promote in the email must either be your own or be one that you are authorized to promote, and it MUST be the domain that you say it is (i.e.: you can’t tell people that they are going to a site that sells coffee and then send them to an adult entertainment site). Basically, the information that a customer sees in the email has to actually be you or your business.

Step Two: Don’t Lie in the Subject Line

This one is easy. If your subject line says that opening the email will give the user a daily quote of the day, then that’s what needs to be in the email. You can’t use a subject line that promises a discount on groceries and then present an email that promotes anything other than a discount on groceries. In short, your subject line has to be truthful. The terminology of the law is that your subject line can’t be “misleading”.

Step Three: Tell Them That You’re an Advertisement

You can do this many ways, including small print at the bottom of the email. However, somewhere in your email, you need to make it clear that the email is an advertisement. It may seem obvious to you, but the law says that you need to make it explicit at least once in the email.

Step Four: You Need to Have an Actual Physical Location

This one is also simple. Somewhere in your email you must provide a physical postal address (street or postal box) where you can receive communications via mail. This ensures that you are not a scammer and also allows customers a way of sending a verified communication to you to remove themselves from your mailing list.

Step Five: You Have to Let People Know How to Opt-Out

You cannot (and should not) send a marketing email without letting users know how to stop you from sending future emails to them. This is called allowing users to Opt-Out of your email list. This is typically done at the bottom of the email. The only actual CAN-SPAM requirement is that it be easy for an ordinary person to recognize and read this information. Also important is the “universal unsub rule”. If you have multiple newsletters or email lists, you may allow a person to unsub from only one list. However, you MUST provide the option of unsubscribing from ALL future marketing email of any kind. Unsubscribing from all future marketing email is called a “universal unsub”.

Step Six: When People Want Off Your Email List, Take Them Off.

When somebody requests an opt-out or unsub from your email list or lists, you have up to 10 business days to remove them. When you send an email, the information or link to unsubscribe from that email must be valid for 30 days. You’re not allowed to charge a fee for removal from the list or require any information other than the user’s email address. Most importantly, the user can’t be required to do anything other than send you a reply email or visit a SINGLE webpage to unsubscribe. Finally, once a user has unsubscribed, you may not under any circumstance sell or rent that person’s email to anybody else. This is the most complicated part of the law, but it’s also the most important. And, if you don’t honor it, it’s the easiest to get in trouble for because people will get upset if they continue to receive unwanted email from you.

Step Seven: Make Sure You Know What Your Marketing Agency is Doing!

Also make sure that you know what your affiliates are doing! Make sure that you know what anybody who sends email on your behalf is doing! You are legally responsible for the actions of anybody you hire or authorize to send marketing email on your behalf.

There you go. Follow these simple seven steps, and you will be CAN-SPAM compliant. Most third-party email platform providers will actually make sure that any of these criteria that can be automated (such as physical address, unsub links and removing unsubscribed members) are automated. However, it’s in your best interest to always review your marketing emails before they go out to make sure that they meet every criterion on the checklist!


TOP