Thomas C. Carey
Sunstein LLP
FAQs about the CAN-SPAM Act
Table of Contents
As we build an intent-based advertising network that’s beneficial for consumers, brands, and publishers, we at Customers.ai are conscientious of privacy and in compliance with laws and regulations regarding compliance.
Disclaimer: This webpage regarding the CAN-SPAM Act, the CCPA and GDPR is intended solely for informational purposes and is not intended to constitute legal advice or to create an attorney-client relationship with Sunstein LLP. This is not intended to be an exhaustive summary of all requirements of the CAN-SPAM Act, CCPA, or GDPR. If you have questions about complying with the CAN-SPAM Act, CCPA, or GDPR, contact your legal counsel.
Last update: July 31, 2023
1. What are the requirements of the CAN-SPAM Act?
According to the Federal Trade Commission, the requirements of the CAN-SPAM Act are as follows:
“Don’t use false or misleading header information. Your “From,” “To,” “Reply-To,” and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message.
- Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message.
- Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement.
- Tell recipients where you’re located. Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations.
- Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests.
- Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act.
- Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible.”
2. Does the CAN-SPAM Act require a recipient to opt-in?
3. Who does the CAN-SPAM Act apply to?
4. What type of email does the CAN-SPAM Act apply to?
- Commercial content. This is content which “advertises or promotes a commercial product or service, including content on a website operated for a commercial purpose.
- Transactional or relationship content. This is content which “facilitates an already agreed-upon transaction or updates a customer about an ongoing transaction.
- Other content. This is content which is “neither commercial nor transactional or relationship.”
According to the Federal Trade Commission, if the primary purpose of an email is commercial content then it must comply with the requirements of CAN-SPAM.
If it only contains transactional or relationship content, the email may not contain false or misleading routing information. Those emails are otherwise exempt from most CAN-SPAM Act provisions.
5. Does the CAN-SPAM Act only apply to bulk email?
6. How does the CAN-SPAM Act define the sender of an email?
7. How does the CAN-SPAM Act define the recipient of an email?
The term “recipient”, when used with respect to a commercial electronic mail message, means an authorized user of the electronic mail address to which the message was sent or delivered.
If a recipient of a commercial electronic mail message has one or more electronic mail addresses in addition to the address to which the message was sent or delivered, the recipient shall be treated as a separate recipient with respect to each such address. If an electronic mail address is reassigned to a new user, the new user shall not be treated as a recipient of any commercial electronic mail message sent or delivered to that address before it was reassigned.
This FAQ is for informational purposes only and does not constitute legal advice. For specific legal advice, please consult with an attorney. The CAN-SPAM Act is a complex law and this FAQ does not cover all of its requirements. If you have questions about complying with the CAN-SPAM Act, please contact your legal counsel.
Additional resources
This document is for informational purposes only and does not constitute legal advice. For specific legal advice, please consult with an attorney. The CAN-SPAM Act, CCPA and GDPR are complex laws and this document does not cover all of its requirements. If you have questions about complying with the CAN-SPAM Act, CCPA or GDPR, please contact your legal counsel.
Thomas Carey, Sunstein LLP