A Complete Guide to Email Marketing and Anti-Spam Laws

A Complete Guide to Email Marketing and Anti-Spam Laws

If you’re an email marketer, there are laws, and they are serious. So, to help you stay out of jail we have put together this article to help you understand anti-spam laws and cover some of the big dos and don’ts of email marketing.

There are protocols internationally that help prevent spam when it comes to email marketing. Many of these can lead to massive fines, penalties, and more when broken. Plus, your company’s or personal reputation can go down the drain with lousy email practices.

We’ll be covering spam, different types of emailing (legal vs. illegal), the CAN-SPAM Act, and all the essentials of ensuring you’re not sending out spam. You’ll understand what you can do and not do when it comes to email marketing.

This article will be going over:

So, let’s start with a good question…

What Is Spam?

Spam image of envelope with exclamation mark.
What is this “spam” stuff?

You’re probably familiar with the word “spam.” But, what is it exactly, and how is it defined?

Spam is unwanted junk email sent out in bulk to an indiscriminate list of recipients. Usually, spam is sent for commercial reasons.

A funny thing about it is the name. It’s from a Monty Python sketch, where the name of the canned pork product (Spam) is unavoidable and repetitive. Otherwise, spam definitely isn’t a laughing matter for those who receive it.

To elaborate a bit more, spam is unsolicited bulk email. The email recipient has not granted verifiable permission for the email to be sent to their inbox.

The keyword is bulk and unsolicited. Bulk means that the message was sent out to many inboxes, and unsolicited means not asked for. A message is spam only if it’s BOTH bulk and unsolicited.

A technical definition of spam, according to Spamhaus.org is:

“An electronic message is “spam” if (A) the recipient’s identity and context are irrelevant because the message is equally applicable to many other potential recipients; AND (B) the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent.”

Spam mostly boils down to consent. It doesn’t matter what the message is (e.g. scam, porn, meds, etc.). It would be spam if it were sent unsolicited and bulk.

It goes without saying, spam emails are typically irrelevant and not asked for. They can fill up an inbox, become annoying, and become a gateway for hackers.

Spam cartoon.
Hmm. I wonder?

The good news is there are anti-spam software and filters that scan emails for red flags and can often be caught and end up in your junk mail. Your email inbox provider (e.g. Gmail) will send an email through the filters built into their systems.

Filters look for suspicious subject lines, shortened URLs, and other factors—basically, red flags.

Spam prevention is constantly evolving. Spammers are clever and figuring out ways to get past software and filters regularly, while email companies are evolving to find those loopholes and fix them.

It’s a game of cat and mouse that goes on and on…

Spam vs. Opt-In Email

Image of two envelopes.
One is good and one is bad.

There can be a lot of confusion regarding what’s considered spam. This is especially true if you have someone that opts in to your email list. If you bulk send out an email to the list, is it spam?

Opt-In email is different from spam in the sense that you have permission to email that recipient – even if it’s in bulk. If you have a list of people that have agreed by either clicking or entering their email address, you’ll fall within the bounds of opt-in.

The difference between opting-in and spam is the approval factor. You’ll be sending content that the recipient wants to get. It’s not unsolicited.

That being said, sometimes, a recipient will mark an email as spam – even if they opted-in. It could be they forgot they signed up for permission to get the emails, or possibly your content DID become spammy (e.g. emailing way too much).

With proof from an email provider that a recipient did opt-in, sending out emails to that recipient is not considered spam. Spammy content, however, can get you to lose a contact and an ‘unsubscribe’, so be sure to practice good email etiquette.

What are Anti-Spam Laws?

Image of a gavel and envelope.
There are laws out there to help prevent spam.

In a nutshell, anti-spam laws are – you guessed it – rules based around unsolicited emails that help protect people from receiving unwanted spam emails.

In the U.S., an act called CAN-SPAM in 2003 pre-empted a handful of these laws. That said, most email service providers require that every user agree to abide by anti-spam policies via their terms of service.

If you’re wondering why it’s essential to follow anti-spam policies when sending out emails, consider this – a violation of anti-spam laws can result in fines up to $43K. Yikes!

These anti-spam laws are different in each country. You can view a list of various anti-spam laws by country here. I’ll also touch on a few other countries later on in this article.

It’s important to familiarize yourself with your market before sending unsolicited emails.

So, let’s get into a biggie that’s prominent in the United States: CAN-SPAM.

What Is the CAN-SPAM Act?

Image of hand writing on paper.
CAN-SPAM Act has some details you need to know about.

CAN-SPAM (Controlling the Assault of Non-Solicited Pornography And Marketing) is an act passed way back in 2003. It is a United States law that sets national standards for sending commercial emails.

It essentially establishes rules for commercial email and messages. It gives recipients the right to have a business or establishment stop emailing them, and, for those who violate the law, it outlines the penalties.

This law requires the Federal Trade Commission (FTC) to enforce its provisions.

Senators Conrad Burns and Ron Wyden sponsored the CAN-SPAM bill. After being passed, it was commonly referred to as the “You-Can-Spam” Act because the bill failed to prohibit various types of spam. For example, it doesn’t require marketers to get permission before sending an email.

It was required the FTC report back to Congress within 24 months of the passage to determine its effectiveness. On December 20, 2005, the FTC reported that the volume of spam was leveling off, and no changes were recommended.

There were a few modifications that came along. For example, Congress added the definition of the term “person” and modified the name “sender.” They clarified that a sender might comply with the act by adding a PO box or private mailbox.

The penalties for noncompliance with the CAN-SPAM Act can affect your pocketbook.

For EVERY email that violates the Act, you can get up to a $46,517 fine from the FTC. Think about what that would amount to if you mailed out to a list of 15,000. (Hint: It’s a lot…)

Yes, you want to be compliant.

CAN-SPAM Compliance

Image of a compliance checklist
Does your compliance check all of the boxes?

Marketers have to comply with requirements when it comes to email marketing and as part of the CAN-SPAM Act. The three basic types of compliance defined in the Act are as follows:

1. Unsubscribe Compliance: Email recipients must have a way of opting out of your emails. Unsubscribing is done simply by adding an unsubscribe link or having the recipient email you back for email list removal. Then, the opt-out request MUST be honored within ten business days.

The unsubscribe button
An example of the unsubscribe button on our The WhiP newsletter. (But, why would anyone ever unsubscribe from The WhiP?)

2. Content Compliance: This includes having accurate “From” lines, relevant subject lines, a legitimate physical address of the publisher or advertiser, and a warning if the content is adult.

3. Sending Behavior Compliance: There are a few things this includes. They are:

– A message can’t be sent without an unsubscribe option

– A message can’t contain a false header

– A message should contain a minimum of one sentence

– A message cannot be null

– A message unsubscribe option should be below the message

These three basic types of compliance, when followed, will keep you safe from getting fined.

To make it simple, here are the DOs and DON’Ts when it comes to email marketing and following the CAN-SPAM Act.

DO

  • Include your valid physical postal address in all outbound emails.
  • Have a simple and easy opt-out method included with every email, and honor the unsubscribe within ten business days.
  • Include a clear understanding of who it’s from, who it’s to, and “reply to” language that’s accurate.

DON’T

  • Make it hard to unsubscribe. You can’t charge a fee, make it terribly tough (e.g. including tons of steps), or ask to provide additional information other than an email address.
  • Don’t sell or transfer email addresses to a different list.
  • Avoid using any deceptive lines in your emails that misrepresent the content.

Keep in mind that this article isn’t legal advice. We’re not lawyers, so be sure to check out the FTC website for additional information or consult an attorney if you have some questions that you feel are not answered in this article.

Cold Emails

Image of a snow covered piece of mail.
Cold emails are snow much better than spam.

One common misconception is that you can’t legally send cold emails. That being said, you can. Legally.

It’s important to follow the guidelines listed above when sending emails. As long as you do so, you should be safe from fines. It’s how many marketers stay in business, and cold emails are sent regularly.

What’s the difference between a cold email and spam?

Like someone opting into a list, it’s geared towards that specific person. Successful emails include intentional and personalized contact with the email recipient.

They also communicate valuable information, aim to form a trusting relationship, and – of course – comply with components of the CAN-SPAM Act and include an unsubscribe link (or option).

International Anti-Spam and & Data Protection Laws

International spam laws image
Yes, there are spam laws worldwide.

There are similar laws in other countries that are comparable to the U.S. CAN-SPAM Act. So, if you’re marketing out to other countries, and you’re based in the U.S., you’ll need to comply with international law – or you could be held liable and get fined or face punishment (even imprisonment).

You may be familiar with GDPR (General Data Protection Regulation), which is Europe’s version of the CAN-SPAM Act. This law is implemented for all of the European Union states.

At a glance, the UK GDPR has seven principles:

  1. Lawfulness, fairness, and transparency
  2. Purpose limitation
  3. Data Minimisation
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidentiality
  7. Accountability

For more on GDPR, be sure to read our comprehensive article that covers absolutely everything.

In Canada, there is the Canada Anti-Spam Legislation (CASL). It sets requirements for all commercial email messages and is similar to other regulations requiring businesses to identify themselves and provide an opt-out option.

Canada’s anti-spam legislation is considered one of the world’s most robust data protection regulations. The big difference is that CASL requires people to opt-in to get messages from brands. That means that brands can only market out to emails that gave consent.

The CASL recognizes two types of consent:

  1. Express Consent: This means that a person gives explicit verbal or written consent for emails. This type of consent doesn’t have an expiration date and remains valid until the user withdraws consent.
  2. Implied Consent: Some activities, like purchasing a service or inquiring about a product, can imply consent to receive emails. With Implied Consent, it does expire. It is valid for two years for purchase, and for an inquiry, it’s valid for six months. The recipient can renew consent by purchasing another product or another service inquiry.

Companies must keep a record of acquired permissions from subscribers. Violations of CASL can lead to the sender being sued by the recipient.

All CASL requirements are:

  1. The company must provide identifying information (e.g. business name, postal address, etc.).
  2. A sender can only email people who have given either express or implied consent.
  3. Records of consent must be kept.
  4. Contacts must be removed from the mailing list upon expiration of the consent.
  5. Corporate email messages must include an opt-out option, and the unsubscribe request must be honored within ten business days.

For more on CASL and its requirements, please visit their website.

Laws vary by country, so be sure to investigate exactly what your country requires in terms of anti-spam laws.

Email Marketing Services

To make sure you’re a law-abiding marketer, there are some great email companies out there.

These companies have built-in compliance with email regulations and policy requirements. Plus, they have feedback mechanisms (e.g. compliant warnings), so this helps to minimize the risk of incurring violations.

Please note that these are not affiliate companies with us. (We do not have affiliates and never will!). However, they’re all recommended by us and have a solid reputation.

These are just a handful of companies that are available. They’re all a safe bet that your email marketing is in good hands!

Along with a good email company, there are other steps you can take to…

Image of an envelope with a green checkmark
Ensure those emails you send check out.

We’ve covered a lot about email marketing and spam. So, to wrap things up, let’s take a look at how to ensure you’re completely legal when it comes to sending content to another inbox.

After all, it’s not just legalities – it’s your company’s or individual reputation. It’s obviously always good to follow the rules and comply with international anti-spam requirements.

1. Know Who You’re Emailing

Email allows you to reach out to practically anyone around the world. If you plan on doing so, be sure to get familiar with country-specific legalities (e.g. CAN-SPAM Act).

Of course, it can be tricky knowing where everyone is from in a contact list. You could always have an opt-in option for specific regions and segment accordingly. In general, most anti-spam laws have many of the same conditions, so keep that in mind.

2. Ensure Your Contact Has Opted-In

It’s not required in the United States to have your subscribers be opt-in subscribers, but other anti-spam laws do need it.

Opting-in will help protect you internationally and ensure that your subscribers are legit people wanting information.

3. Store Their Consent

Storing a contact’s consent in a safe and reliable place can help protect you and can be used to make your case legal. Have the ability to demonstrate what you told them they consented to and how they consented (e.g. by opting-in).

4. Have Opt-Out Option

We’ve talked about this earlier, but again, it’s vital to give your users the ability to opt-out and ensure they are opted out after a set amount of time.

5. Do Not Buy Email Lists

It is legal to buy email lists, but you’ll have to obtain specific consent from people on the list to keep using them. You can run into trouble if someone on that list opted out, and then you reach out to them since they’re now on your list, and unbeknownst to you, they didn’t want to be.

It’s best to collect leads through your website or opt-in form.

6. Be Open About Who You Are

Bottom line: Don’t hide your identity. Include your name, last name, and company where you work. Add links to the company website to ensure the contact knows who sent the email. Also, provide your mailing address.

Transparency is key to being extremely open about who you are as the sender.

7. Be Honest

Whatever your proposal is with your email, don’t mislead and be honest about it. Be sure it’s clear and straightforward. This goes for the subject line and content.

8. Send Quality (and not too many) Emails

There’s no legality about sending massive amounts emails to legit contacts, but for best practices and to help ensure that you don’t get dinged for anything illegal, practice good email policies and don’t oversend.

In terms of quality, avoid spammy things, like using all capital letters, too many exclamation points, and gimmicky words or phrases.

In other words, don’t make your quality, legit (and legal) emails look like spam by emailing too much or by containing spammy content.

9. Use a Compliant Email Service

Using a compliant email service (e.g. Mailchimp, Constant Contact, etc.) has numerous benefits to ensure you’re legal. They monitor bounce, unsubscribe & abuse rates, and issue warnings to accounts when exceeding industry standards.

Plus, they store information and keep a “paper trail” of opt-ins and help manage your audiences. They also have support, so any questions you may have about legalities, they can help answer.

Spam I Am (Not)

As you read, there’s a ton you can do to ensure you’re legally up to par when it comes to email marketing. It’s just a matter of putting good practices in place and maintaining quality standards that can be used internationally.

Also, just being familiar with the laws, what’s spam, and what isn’t will keep you from becoming a spammy marketer that’s not doing yourself – or your email list – any favors.

Luckily, you don’t have to worry about massive fines and penalties if you just play by the rules. If you even THINK you might be sending out Spam – you probably are. You now know better not to.

After all, there’s no glamor in being a spammer.

What do you think of the laws in place to prevent spam? Let us know in the comments!
N. Fakes
N. Fakes Nate is an L.A.-based writer. When he's not pounding keys on his MacBook, you might find him scribbling inappropriate things as a syndicated cartoonist. He's fond of family time, hanging out at Venice Beach, and pizza coupons.