The CAN-SPAM Act

The CAN-SPAM Act refers to the Controlling the Assault of Non-Solicited Pornography and Marketing Act which was enacted in 2003 as the national standard for regulating commercial email messages. It aims to protect the public from unsolicited emails from businesses. The Federal Trade Commission enforces the provisions of this law.  


Who and What Does the Law Apply To?

The CAN-SPAM Act applies mainly to senders of marketing emails or electronic messages—including those sent to cell phones—with commercial intent. Senders include the companies selling a product or providing services, and the affiliates or business partners who resell a company's products and send marketing messages promoting them. Email recipients who agree to forward promotional emails in exchange for money, discounts, or other rewards from the company or affiliate are also considered senders and answerable to this law.


Commercial vs. Transactional Intent

Become a smarter influencer in 3 minutes, for free.

Subscribe to the world’s #1 influencer marketing newsletter, delivered biweekly on Thursday.

Emails with commercial intent refer to messages that promote or advertise a service or product, including content from a business website. Examples include introducing new products, promoting events or programs related to a product or service, and notification of sales. 

Emails with purely relationship or transactional content are exempt. These types of emails include: 

  • Confirmation of an order or delivery that has already been agreed on
  • Account updates (memberships, subscriptions, loans, and so on)
  • Warranty, recall, and safety information
  • Employment benefits or other related information
  • A non-promotional subject line
  • Transactional information at the start while promotional content is secondary in positioning and text volume.

Emails can have both commercial and transactional content. But if the email's primary purpose is to market a new item or service, it's still considered a commercial message.


CAN-SPAM Requirements for Emails

The law has seven main sections that we've turned into a checklist below to help you verify whether your emails comply with the law:

  • Provide clear and accurate sender information. 

Role addresses such as [email protected] or [email protected] can trigger spam filters. It's better to use your brand or a team member's name appear for the sender field instead. Ensure that the "From," "Reply to," and "Signed by" fields contain your company information and not the agency handling your email marketing.

Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) provide a way for receiving mail servers to verify that messages from a certain domain comes from someone authorized by the domain's administrators. Email marketing services offer plans with SPF and DKIM protection. These security keys also prevent scammers from spoofing someone else's domain.

  • Write short and honest subject lines.

Using promotional words are allowed as long as they truly represent your offer you're giving the reader. There are free and subscription-based subject line testers you can use to determine whether the subject lines you've written are both creative and functional.

  • Acknowledge that the mail is an ad.

You don't have to include the word "ad" in the subject line although email providers now automatically assign such labels for promotional mails. You can include the information in the body of your message, i.e. "This is an advertisement" or "This ad is sent by (your company)."

You should include this identification even to people who have given prior consent to receive messages from your company.

  • Include your company's postal address. 

Recipients should be able to find your physical business location—or at least your P.O. box—in the email, even at the bottom of your message. This gives readers another way to contact or find a business if they wish to visit the brick and mortar store or office.

  • Include an easy opt-out feature.

Avoid making your readers log into a separate site or answer a long form to unsubscribe. Also, don't hide the link deep in the footer or by using light-colored font.

You can design your unsubscribe link to allow recipients to choose the type of mails to receive.

  • Act on unsubscribe requests as soon as possible.

Businesses need to comply with the request within 10 business days. The request is considered indefinite so you should honor the opt-out even when changing service providers. 

  • Ensure your email marketer adheres to the law.

Not only are you accountable to the law—the marketing agency or IT platform you've chosen to work with should also respect CAN-SPAM provisions. Check the emailing process and review each email for compliance before release.


Penalties for Violating CAN-SPAM

The court may order erring businesses to pay up to $43,792 in penalties for each email that violates the law. Guilty individuals may also be sent to jail for up to five years. Moreover, properties acquired through spam earnings will be confiscated by the government according to the law.