CAN SPAM Act
CAN-SPAM stands for "Controlling the Assault
of Non-Solicited Pornography and Marketing." The act was put
into place January 2004 to set out requirements for those
sending out commercial emails, establish penalties for spammers,
and give consumers the right to ask emailers to stop spamming
Basics: A 10-Point Checklist
Many of these are very basic and already second nature to opt-in
email marketers: no fraudulent transmission data, no harvesting
email addresses. Others are more complex, such as new rules
regarding inclusion of a physical postal address. These are good
starting points in ensuring your email program is in compliance
with the new law:
Don't use fraudulent transmission data, such as open relays
and false headers (sections 4(a), 5(a)(1), and 6).
Don't use misleading sender or subject lines (section
5(a)(1) and 5(a)(2)).
Add your postal address to all email (section 5(a)(3) and
If your email list isn't opt-in or double opt-in ("prior
affirmative consent"), include a clear notice that states
the email is an advertisement or solicitation in commercial
messages (section 5(a)(5)(A)(i)). If your list is opt-in or
double opt-in, you're exempt from this provision.
Include a "clear and conspicuous" unsubscribe mechanism in
every email (section 5(a)(5)(A)(ii)).
Have a process for handling unsubscribes within the 10-day
window. Ensure this is in place electronically, as well as
for unsubscribes received via postal mail (and any other
contact information you include in the email, such as phone
and fax) (section 5(a)(4)).
Offer recipients a way to receive some types of email from
you while blocking others, along with a "global unsubscribe"
option to stop all future email from your organization
Don't share the address of a person who unsubscribed with
any other entity seeking to send that party email (section
Don't harvest email addresses or use automated means to
randomly generate addresses (section 5(b)(1)).
Remove any sexually oriented material from your messages.
The law requires such material be readily identified in the
subject line. When "initially viewed," the message body
should include only instructions on how to access the
sexually oriented material, as well as your postal address,
a notice the message is an advertisement or a solicitation,
and a working unsubscribe mechanism (section 5(d)(1)). You
can ignore this if the message is sent to someone who opted
in (section 5(d)(2)).
Another note, not so much on compliance as protection. Under
this law, if you want to protect email addresses on your Web
site from being harvested, add a notice you don't "give, sell,
or otherwise transfer" these addresses to "any other party for
the purpose of initiating, or enabling others to initiate,"
email messages (section 5 (b) (1)(A)).