Skip to main content

CAN-SPAM: Do not risk your Email Strategy


Knowledge of CAN-SPAM requirements is essential for Email Marketers because the downside of being non-compliant have severe implications for the business, i.e. each email in violation of the CAN-SPAM Act is subject to penalties of up to $43,280, and the maximum is not specified. Besides SPAM act knowledge, implementing and monitoring the compliance process is vital to stay compliant of these rules. While these regulations are region-specific, the underlying theme that encompasses these rules is the same, i.e. protecting the consumer’s interests. Hence, these rules weight a lot of strength and forms integral of email strategies of all key brands. In this write-up, I provide the laws that govern the email and give examples of a good and lousy adoption of these regulations. 

How Email Regulations unfolded?

I feel it’s appropriate for readers to give the premise of how these regulations unfolded in the marketing ecosystem. Spam refers to unsolicited marketing messages, and receiving these messages resulted in a lot of resentment from users because of the hostile internet prices. As a result, there were a lot of complaints from the user about the nature of the content, frequency and other deceptive practices that few marketers adopted for email success. So, on December 16, 2003, the US passed this act that came into implementation from 2004. 

What does the act say?

Rather than going by the bare act rules and regulations, I have collated the summary of best practices to stay compliant with this law for both Transactional and Commerical emails. Moreover, adopting the methods will also greatly help in improving the ISP reputation and more importantly customer trust.

Consent: The requirement of an opt-in is applicable for all electronic messages sent to new customers and those already contained on a database. The opt-in can be either explicit or inferred and the opt-in for new customers shall be defined based on the onboarding strategy that business adopts. Primarily double opt-in is a prevalent practice to gain quality leads rather than volume.

Unsubscribe: Honoring opt-outs and the ability for the users to easily unsubscribe forms an integral part of these requirements. Firstly, a conspicuous message that can be easily comprehended by an average individual in the email shall be made available. This should be an internet-based approach for the users to select the preferences (centre) for the communications received from the brand. Honouring the unsubscribe requests within ten days (5 working days for Australia) is prescribed in the rules. Usually, brands consider these requests on priority and remove the users from the active database. Lastly, the opt-out mechanism shall be functional for a minimum of 30 days from the subscriber receives this message. 

Preference Management for email subscriptions

Identity: While the previous two covers the onboarding and exits of users from the brand communications, identity refers to the email message templates and the minimum information for sending compliant messages. Following are a few requirements that require attention. 

Can SPAM identity rules in email

Email header: The header of an email constitutes “From”, “To”, “Reply-To” should accurately identify the person or business who initiated this email
Subjective lines & Preview Text: Subject line shall accurately define the content of the email. Deceptive practices of gabbing the user attention by adding “important” “Re:” and excessive capitalisation “Warning” “Attention” are some of the few prevalent practices. This also goes same for the preview text in the email

Physical location: Mention the physical place of the business at the bottom of the email for the user to identify the location

Email Unsubscribes

Monitoring controls: This law explicitly stipulates the shared responsibility of non-compliance between the third party agency sending the emails and the business that contracted the work. Hence, as a best practice auditing the vendor and establishing an approval mechanism for the emails developed in the vendor location is an excellent start to ensure quality and compliance. 

Exemptions: Certain types of electronic messages and some organisations may be exempt or partially exempt from compliance with the Spam Act. An exempt person or organisation is not required to meet the consent and unsubscribe requirements of the Spam Act. However, they must meet the identity requirement.

Specific messages from the following types of organisations are exempt: Government bodies, Charities, Religious and non-government organisations; or Registered political parties.

Sai Hari_Salesforce

Sai Hari is a consulting professional who primarily practices in the area of strategic planning, Business analysis and Marketing Automation. He is a certified Salesforce Marketing Cloud practitioner helping businesses to design, build and implement digital solutions


(All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site


Popular posts from this blog

Regulating claims and advertisements on food products in India

In the light of FSSAI gazette standards on claims and advertisements, a proper dissemination approaches are required to be adapted by regulator to sensitize the industry and safeguard the consumer interests FSSAI claims and advertisements standards

How to respond to an improvement notice from FSSAI ?

E commerce integration with business applications

Ecommerce, ERP Integration