Home > Resources > What is the CAN-SPAM Act? Everything Email Marketers Should Know

What is the CAN-SPAM Act? Everything Email Marketers Should Know in 2024

Written and researched by experts at AvadaLearn more about our methodology

By Sam Nguyen

CEO Avada Commerce

Drive 20-40% of your revenue with Avada
avada email marketing

In this increasingly digital world, companies rely on tools like email marketing to get the word out about their latest and most fantastic offerings.

Studies reveal that up to 89% of marketers use email as their main channel to generate leads in 2021.

It is a great way to reach customers directly with multimedia and catered CTA (calls to action). Besides, it allows a brand to remain at a customer’s top-of-mind while gaining traction in a way that can be measured and analyzed.

The only catch? Compliance.

When talking about the legalities of email content, many marketers and content creators remain in the dark. As a matter of fact, most are unaware that some pretty strict email marketing laws exist, limiting what can and can’t be done.

The following is a detailed review of the CAN-SPAM Act, which is one of the first pieces of legislation to tackle the issue of email spam. Read it carefully to make sure that you remain CAN-SPAM compliant in 2021 and beyond.

What is the CAN-SPAM Act?

The CAN-SPAM Act (or Controlling the Assault of Non-Solicited Pornography and Marketing Act) comprises several rules outlining appropriate and inappropriate actions regarding commercial emailing.

What is the CAN-SPAM Act?
What is the CAN-SPAM Act?

In short, the CAN-SPAM Act provides businesses, customers, and other internet users the choice of whether to receive unsolicited commercial emails from spammers.

Spam is a bulk email message sent to a recipient without his or her prior permission - and without an underlying business relationship from which that permission can be implied. In other words, spam is the electronic equivalent of the junk email sent through the U.S. Postal Service daily.

Additionally, the CAN-SPAM Act imposes a labeling requirement on emails to help parents protect their children from receiving offensive emails. For example, senders are required to place warning labels on emails containing sexually oriented or pornographic materials. If senders knowingly violate, they are subject to criminal penalties and imprisonment.

Who must comply with the CAN-SPAM Act?

The CAN-SPAM Act widely reaches the business world as it applies to any kind of commercial email - bulk email sending is not a requirement to trigger a violation. Therefore, if you are an email marketer of any kind, you need to be aware of the CAN-SPAM Act.

The primary situation in which a business wouldn’t need to worry about the CAN-SPAM Act is if the email is purely transactional or relational. And that begs the question:

What is a commercial email?

The CAN-SPAM Act defines a commercial email as a message whose primary purpose is the commercial ad or promotion of a commercial product/ service. In short, if the main reason for sending an email is to sell something, it is considered a commercial email.

What is a transactional or relational email?

A transactional email offers an update to an already agreed-upon commercial transaction or relationship. For example, it would be something like notifying a customer that their order has shipped. Or, it might be a quote or reminder about an upcoming meeting.

The FTC (Federal Trade Commission) lists 5 kinds of content that are acceptable in a transactional/ relational email:

  1. Updates about an order or previously agreed-upon transaction
  2. Warranty, safety, recall, or security information
  3. Change in terms, features, subscription, loan, account information for a membership, or another ongoing relationship
  4. Employment information or employee benefits
  5. Actual delivery of goods/ services as part of a transaction the subscriber has agreed to

As long as the email only contains these kinds of content and does not contain false or misleading information, the CAN-SPAM Act probably doesn’t apply.

What are the main CAN-SPAM requirements?

Complying with the CAN-SPAM Act is relatively simple. The FTC spells out 7 rules that can help businesses and individuals remain CAN-SPAM compliant. So, businesses and individuals must ensure that their internal communications have mechanisms to guarantee compliance with these rules.

7 rules pertaining to emailing and messages are as follows:

1. Avoid using false or misleading header information

This concerns the “From” and “To” fields of an email. The CAN-SPAM Act mandates that both fields must accurately identify the sender and recipient. The domain, email address, and the sender’s name (business or individual) must be identified and correct.

Avoid using false or misleading header information
Avoid using false or misleading header information

2. Avoid using a misleading subject line

Your insider email content should match the subject line. Your subject line should always be an accurate representation of what’s to come once your recipients open the message. Think of your email subject as an appetizer before the main course is served!

3. Clearly label your message as an ad

According to the CAN-SPAM Act, commercial emails sent for the primary purpose of advertisement or solicitation must be labeled clearly and conspicuously as an advertisement.

At the end of the day, most recipients understand that the goal of your message is to drive them to your company’s storefront or website. There is no reason to pretend to be something that you are not.

4. Include your business’s location in all messages

This one is simple, yet sometimes forgotten.

Make sure to include your company’s valid physical postal address. Ensure that your recipients know exactly who you are and where they can find you.

5. Give your recipients an option to unsubscribe

Under the CAN-SPAM Act, people have the right to opt-out of receiving emails from your business at any time. There are 3 specific features of this rule that you must follow to comply:

  • Display an apparent means of opting out. Include an easy-to-find unsubscribe link in the text or footer of every email you send. This link should indicate that recipients can unsubscribe or opt-out of getting future messages.

  • Allow opt-out for at least 30 days. After you have sent a message containing an opt-out function, recipients have at least 30 days to opt-out of communications using that opt-out function.

  • Recipients can’t be incentivized against opting out from your list. The CAN-SPAM Act specifies that recipients can’t be required to pay a fee, provide information other than their email address and unsubscribe preferences, or follow any steps other than sending a reply email or visiting a single Internet Web page to opt out of receiving future emails from a sender.

6. Honor opt-out requests

Presenting recipients with an unsubscribe link or button is pointless if you don’t honor those requests. To comply with the CAN-SPAM Act, you must address these requests by removing them from your list within 10 business days of receiving the request.

The opting out process should be clear and easy for them, and you should make every effort to honor these requests quickly and without conflict.

7. Ensure your affiliates are CAN-SPAM compliant

Even when your product/ service is being promoted by a 3rd party, you’re still responsible for ensuring that emails promoting your business adhere to the high standards of the CAN-SPAM Act.

Be careful when using 3rd-party services - whether email marketing platforms or marketers - and be sure that emails sent from or about your business comply with requirements listed in the FTC guide.

What are the penalties for not complying with the CAN-SPAM Act?

The penalties for not complying with the CAN-SPAM Act
The penalties for not complying with the CAN-SPAM Act

The costs of non-compliance with the CAN-SPAM Act can quickly add up for a company breaking the law, with penalties ranging up to $42,530 for each email that violates the law.

In addition, non-compliance with the CAN-SPAM Act can be classified as a crime, leading to penalties, including jail time, being included among the possible consequences.

In 2006, there was a case in which a person was charged under the CAN-SPAM Act and was fined $5.3 million in damages to AOL for his violating email tactics.

Do ESPs help with CAN-SPAM compliance?

Yes, but actually, they can only do so much.

ESPs (Email Service Providers) generally prevent marketers from sending campaigns without a contact address and unsubscribe link. Many even include their own email footer by default that contains this information.

Some ESPs go a step further by verifying the “From” email address as well as requiring previous unsubscribers to confirm consent manually before being added back to a list.

However, that still leaves a large swath of compliance, such as the bulk of the content as well as how a large portion of the header appears, in the hands of email marketers and content creators themselves.

So, the point is ESPs are not going to take care of CAN-SPAM compliance for you.

The bottom line

In 2019, the FTC reviewed the CAN-SPAM Act to determine if it remains relevant and determined that it must remain in its current form. In short, the CAN-SPAM Act isn’t going anywhere.

All the information and guidelines above might seem a bit too cumbersome to follow. Nevertheless, CAN-SPAM compliance boils down to some simple principles: transparency, accuracy, and clearness.

If you remain mindful and make sure that your email contents are accurately reflected in your header, all information concerning you (the sender) is represented clearly and accurately in the email, and recipients are given the opportunity to opt out of future content, then you are set.

In case your business relies on a 3rd party for disseminating emails, the responsibility of ensuring CAN-SPAM compliance still falls on your shoulder. Therefore, to avoid future inconvenience, you must ensure that your affiliates and partners are also in compliance. It is always much better to be safe than sorry.

Sam Nguyen is the CEO and founder of Avada Commerce, an e-commerce solution provider headquartered in Singapore. He is an expert on the Shopify e-commerce platform for online stores and retail point-of-sale systems. Sam loves talking about e-commerce and he aims to help over a million online businesses grow and thrive.