08 Aug Introduction to The CAN-SPAM Act Compliance

Many new businesses all too often learn that there are state and federal email laws that they are required to comply with when it comes to email marketing campaigns.  CAN-SPAM is just one example of a set of federal regulations that governs direct email marketing and lead generation, but even the most practiced businesses can sometimes engage in emailing techniques and behaviors that run afoul with current regulation. By learning more about the CAN-SPAM regulations and other state and federal email laws, new lead generation ideas and direct marketing plans can be developed by businesses in a way that is compliant with the law.

Learning More About CAN-SPAM

The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) act is a set of federal regulations governing the requirements for and transmission of commercial electronic communications with customers, such as commercial type emails and electronic communications sent to customers via social media platforms. Rather than being a set of laws that encourages email spamming of customers, the CAN-SPAM laws are actually a set of laws designed to regulate electronic marketing, i.e., the laws “can” or get rid of unwanted commercial spam messaging. The laws are enforced by the Federal Trade Commission (FTC).  A single email that is in violation of the CAN-SPAM regulations can lead to penalties of up to $16,000, so it is critical that companies that use email communications in their marketing and lead generation strategies take compliance seriously.

What Businesses Can Do Under the CAN-SPAM Act

There are many things that businesses can and cannot do under the CAN-SPAM Act. The CAN-SPAM act regulates the online collection of email information, meaning that in order for a business to be able to send commercial electronic communications to a given email address, the email recipient must have consented, or “opted in,” to receive those types of emails. To say this another way, the CAN-SPAM Act prevents unwanted solicitation via email. The CAN-SPAM Act only applies to commercial communications, which are electronic communications meant to convey a commercial advertisement or promotion of a commercial product or service.

Under the CAN-SPAM Act, businesses can only send commercial electronic communications to customers who have given their affirmative consent to receive such commercial communications. A company cannot simply collect email addresses that are available through online social media sites and then send a mass email campaign to those collected email addresses since the owners of those email addresses has not affirmatively given consent to receive commercial emails from the company.

Limitations On How A Business Can Obtain Email Data Under the CAN-SPAM Act

There are many limitations placed on how a business can obtain email information under the CAN-SPAM Act, as well as limitations on data collection. For example, the automatic harvesting of email addresses from websites and search engines through techniques such as scraping is prohibited under the CAN-SPAM Act where at the time the address is obtained the address was collected from a website or online service that contains a notice that the operator of the website or service will not give, sell or otherwise transfer the addresses contained on the site or service.

Similarly, a business cannot collect email addresses and other personal information from “friends” or contacts using a false social media profile. Nor can a business collect email addresses from other websites or services that contain such notices against the transfer or sale of email addresses contained therein, and then use those addresses for commercial email purposes. Nor can a business resell email addresses that have been collected in such a manner.

Companies that purchase email information from a data broker can be liable for how the email information was obtained under the CAN-SPAM Act. For instance, sending electronic communications to email addresses that are obtained illegally, or email addresses that have already opted out of receiving commercial emails from your company, is in violation of the CAN-SPAM Act.

Nor can a business necessarily sell any and all information collected from customers under the CAN-SPAM Act. For example, a customer may have given consent to receive commercial electronic communications from a company by providing the company with his or her email address. However, if the customer withdraws his or her consent by “opting out” of receiving such email communications, the company is not permitted to sell the customer’s email address or other personal information as a consequence of opting out.

Building your brand is important to your business, and lead generation and email marketing are key ways for building your customer base. But there are specific email laws in place that businesses need to be aware of. Consult with an experienced business and email lawyer.