Legal Issues Facing Email Marketers … and How to Comply With Them, Part 1

What follows is part 1 of a three-part series on legal issues facing email marketers, including what the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act is and how to comply with it; how to safely manage your behavioral targeting campaigns; and how European data protection laws affect email marketers. This week I’ll tackle CAN-SPAM compliance. Behavioral targeting will be the focus of part 2 coming May 14, and finally, in the May 28 issue, I’ll examine European data protection laws.

The CAN-SPAM Act came into law on Jan. 1, 2004, applying to anyone sending commercial email. Violations of the law are subject to a fine of up to $11,000 per incident. To avoid legal problems with direct email marketing, take the following actions:

  • DON’T use false or misleading headers. The email’s “To” and “From” lines must accurately identify who sent the email.
  • DON’T use deceptive subject lines. This could mislead readers about the content of the message.
  • DO provide a return address that permits the recipient to request that no further emails are sent to their email address, and honor that request. You must be able to process opt-out requests up to 30 days after the original email and be acted upon within ten working days of receipt.
  • DO ensure that your messages include a valid postal address.

Additional fines apply to companies that do the following:

  • generate email addresses by combining multiple permutations of names, letters or numbers;
  • harvest email addresses;
  • take advantage of open relays or proxies without permission; and
  • use scripts to register for multiple email accounts for commercial email purposes.

Criminal penalties and imprisonment are levied to marketers who do the following:

  • send commercial email through another computer without permission;
  • use a computer to retransmit messages and mislead a recipient or internet access service about the origin of the email; and
  • use false information to register for multiple email accounts or domain names.

In a Responsys study of 100 large online retailers, as reported in the New York Times, five times more retailers are now requiring at least three clicks to opt out of email marketing lists than in 2008. What’s more, the number requiring just one click to be removed from an email list has dropped to 3 percent, down 6 percent in that same time period.

This trend may be the cause of an increase in consumers using the “Report as Spam” button, potentially having a detrimental impact on the reputation and delivery of the sender. Networks will block senders if their complaint rate is too high. Senders shouldn’t require more than one click for an opt-out. A second optional click can be added, whereby the sender might try to capture reasons for the recipient opting out, among other things. Requiring more than one web page visit to opt out isn’t in compliance with the CAN-SPAM Act, which states the following:

  • “The steps required to opt-out shall not include more than a single webpage visit or sending a reply email message”;
  • “Opt-out methods cannot be fee-based for the recipient”; and
  • “The recipient should not be required to give more information than the recipient’s email address and opt-out preferences.”

Steve Lucas is chief compliance officer at Blue Sky Factory, a Baltimore-based email marketing services provider. Reach Steve at

Publish date: April 30, 2010 © 2020 Adweek, LLC. - All Rights Reserved and NOT FOR REPRINT