The CAN-SPAM Act of 2003, or the Controlling the Assault of Non-Solicited Pornography And Marketing, dictates the rules outlining appropriate and inappropriate actions as well as requirements regarding commercial email.
On the official website of the FTC, it is stated that:
"... Sets the rules for business email, sets requirements for business messages, gives recipients the right to stop you from emailing them, and spells out tough penalties for violations."
What are the main CAN-SPAM requirements?
Misleading or false header information should not be used. The "From," "To," "Reply to" fields, and the routing information, which includes the originating domain name as well as the email address, must be clear, and the person or company sending the message must be identified.
Do not use false or misleading subject lines. The field or subject line must accurately reflect the content of the email.
The message must be identified as an advertisement. In this regard, the law is quite flexible about how to achieve this, but it must be explicitly stated that the message is an advertisement.
You must tell the recipients the location from where the message is sent. The message must include a real physical postal address. This can be the actual current address, a P.O.box that has been registered with the US Postal Service, or a private mailbox that has been registered with an agency that receives business mail constituted in accordance with Postal Service regulations.
You must tell the recipients of the message how not to receive future emails. The message must include clear instructions so that the recipient has the option of not receiving further emails in the future. The notification should be made so that is is easy for the common person to identify, read and understand. A return email address must be indicated that allows people to express their choice.
Requests for voluntary refusal must be honored and honored immediately. Any form of voluntary rejection presented to a recipient must process voluntary rejection requests within 30 days after the message is sent. The said request must be fulfilled within ten business days, without charging fees, nor asking the recipient for personal identification information (only an email address), nor leading the destination user to do anything other than be sending a response email, as well as requesting a single page on an Internet website to be visited as a condition of fulfilling an opt-out request.
Activities carried out by third parties must be controlled. It is clearly established in the law that although third parties are hired to take care of email marketing, they are not exempted from compliance with legal responsibilities. In this case, both parties can be held legally liable.
What are the penalties for not complying with CAN-SPAM?
The costs of non-compliance with CAN-SPAM can quickly add up for a business breaking the law, with potential penalties ranging up to $ 42,530 for each email that violates the law.
In addition to this, non-compliance with CAN-SPAM can be classified as a crime, leading to penalties, including jail time, being included among the possible consequences for non-compliance.
There was a case in 2006 in which a person was charged under CAN-SPAM and was fined $ 5.3 million in damages to AOL for allegations of email violating tactics.
Why is the CAN-SPAM Act important?
This is because public email providers such as Gmail, Yahoo, and Hotmail, as they are American providers, enforce compliance in order to send emails to their email services.
Failure to comply with the CAN-SPAM law does not mean a sanction, since this law is not mandatory outside the United States. Still, emails can be considered spam or be blocked when they are sent to these domains or to private domains that use the services of email companies that work with the servers of these email providers.