Free! Sign Up to Receive The Jennings Report Learn about Jeanne's book The Email Marketing Kit   Jeanne S. Jennings  Consultant, Marketing and New Product Development Specializing in Email and Websites MBA, 15+ years of online experience The Jennings Report relies on   Search The Jennings Report Search the WWW

January 8, 2004

Complying with the CAN-SPAM Act – A 10-Point Checklist for Marketers
by Jeanne S. Jennings

Happy New Year! January 1 marked the start of 2004 as well as the day the provisions of the CAN-SPAM Act of 2003 take effect. Some went into place last week and are well-defined; other things, like ‘ADV’ or some other label in the subject line of commercial mail, are in the Act but not yet fully defined; then there are the real gray areas, like whether you should, under law, include your brand or the list owner’s brand when sending a commercial message to a third-party list.

Here’s a ‘quick reference’ version of a report that I put together for myself and my clients, based on my reading of the Act. It includes:

1. an overview of some of the new terminology Congress introduced
2. a 10-Point Checklist of things to do right now
3. a timeline of when future provisions of the Act will be fleshed out and take effect
4. a link to the full-text (all 21 pages of legalese) of the Act
5. an invitation to attend a teleseminar to learn more about CAN-SPAM

Disclaimer: I’m not a lawyer (and I don’t even play one on TV!), so the following are recommendations based on my reading of the law, not legal advice. I have cited section numbers where applicable to help you refer to the original language of the Act.

1. New Terminology
Congress created some new terminology you’ll want to be familiar with. Here are the high points.

Affirmative Consent – Basically opt-in, with an added responsibility that if you’re sharing the e-mail address with a third-party you must give the recipient ‘clear and conspicuous notice at the time the consent was communicated.’ (section 3(1))

Commercial Email Messages vs. Transactional or Relationship Email Messages – The act treats these types of messages differently, so it’s important to know which group your missive falls into. The basic distinction laid out here is the purpose of the message – if it’s an advertisement or promotion for a commercial product or service, it’s the former. If the purpose is to ‘facilitate, complete or confirm’ a previously agreed upon commercial transaction, it’s the latter. Also included in the latter definition is warranty information and product updates or upgrades on that previously agreed upon commercial transaction, as well as benefit/other information to your own employees,

Additional detail on how to categorize e-mail is forthcoming (see the timeline below). But the act does state that simply referencing or including a link to a commercial entity in an e-mail message is not enough to make it a commercial e-mail message under this act (sections 3(2) and 3(17)).

2. The Basics of Compliance – A 10-Point Checklist
Many of these are very basic and second nature to opt-in e-mail marketers – like not using fraudulent transmission data and not harvesting e-mail addresses. Others are more complex, like the new rules on including a U.S.P.S. address. Either way, it’s a good place to start to be sure your e-mail program is in compliance with the new rules.

1. Don’t use fraudulent transmission data – open relays, false headers, etc (sections 4(a), 5(a)(1) and 6).
2. Don’t use ‘from’ and ‘subject’ lines that are misleading (section 5(a)(1) and 5(a)(2)).
3. Do add your U.S. Postal Service address to all e-mails you send (section 5(a)(3) and 5(a)5(A)(iii)).
4. If your e-mail list is not ‘opt-in’ or ‘double opt-in’ (‘prior affirmative consent’ per the act), do include a clear notice in commercial messages stating that they are an advertisement or solicitation (section 5(a)5(A)(i)). If your list is opt-in or double opt-in, you are exempt from this provision (section 5(a)5(B)).
5. Do include a ‘clear and conspicuous’ unsubscribe mechanism in every e-mail you send (section 5(a)(5)(A)(ii)).
6. Do have a process for handling unsubscribes within the 10-day window – be sure this is in place for unsubscribes received via U.S.P.S. mail (and via any other contact information you include in the e-mail, i.e. phone, fax, etc.) as well as electronically (section 5(a)(4)).
7. Do offer recipients a way to receive some types of e-mail from you while blocking other types along with a ‘global unsubscribe’ option to stop all future e-mail from your organization (section 5(a)(3)(B)).
8. Don’t share the address of a person who unsubscribed with any other entity who is looking to e-mail them (section 5(a)(4)).
9. Don’t harvest e-mail addresses or use automated means to randomly generate them (section 5(b)(1).
10. Do remove any sexually-oriented material from your messages – the act provides that such material must be readily identified in the subject line and when ‘initially viewed’ should include only instructions on how to access the sexually-oriented material, your U.S.P.S. address, notice that it is an advertisement or solicitation and a working unsubscribe mechanism. (section 5(d)(1)). You can ignore this is the message was sent to someone who opted-in (section 5(d)(2)).

One more note, not so much on compliance but protection. If you want to protect e-mail addresses on your website from being harvested under this Act, add a notice that you don’t ‘give, sell, or otherwise transfer’ these addresses to ‘any other party for the purpose of initiating, or enabling others to initiate,’ e-mail messages. (section 5(b)(1)(A)).

4. Timeline
Most actions are to be undertaken by the Federal Trade Commission, some with input from the Attorney General, the Federal Communications Commission, the Department of Justice and other appropriate Federal Agencies.

January 1, 2004 – The effective date of the CAN-SPAM Act of 2003 (section 16).

On or before March 1, 2004 – Regulations announced for adding ‘clearly identifiable marks or notices’ for e-mails with sexually-oriented material to inform recipients and facilitate filtering. (section 5(d)(3)).

On or before July 1, 2004 – A plan and timetable provided for a Do-Not-Email Registry, along with any concerns about such a registry and how it would function with respect to children’s e-mail addresses (section 9(a)).

On or before October 1, 2004 – A plan announced for rewarding people who help identify organizations who are violating the provisions of this Act. This document will also outline how violations are to be reported to the FTC, including an electronic submission option (section 11(1)).

On or before October 1, 2004 – Regulations announced to protect consumers from commercial e-mail messages delivered to wireless devices (cell phones, blackberrys, etc.). They will consider the ability of the sender to know that they are sending to a wireless device (sections 14(b) and 14(c)).

No sooner than October 1, 2004 – The FTC may implement the Do-Not-Email Registry (section 9(b)).

On or before January 1, 2005 – Regulations provided on how to define the primary purpose of an e-mail in order to categorize it as either commercial or transactional/relationship. (section 3(2)(C), Regulations Regarding Primary Purpose)

On or before July 1, 2005 – A plan for the labeling of commercial message in the subject line announced. The use of ‘ADV’ is mentioned as an option; if the do not have standards by this date they need to explain why they are against the plan. There is precedent in the plan to exclude opt-in lists from this provision (section 5(d)(2)), which I agree with, but it’s not a done deal until they release their plan. This is one for opt-in e-mail marketers to watch and provide input on (section 11(2)).

On or before January 1, 2006 – Presentation of a report on how successful the provisions of this act were, identifying any additional measures Congress should take. This will include an analysis of technical and marketplace developments, recommendations on addressing e-mail sent from other countries and any additional ideas for protecting recipients, especially children, from obscene and pornographic e-mail messages.

5. Full Text -- CAN-SPAM Act of 2003
To view the full text on Thomas, the Free Legislative Information System managed by the Library of Congress:

1. Visit http://thomas.loc.gov/

2. Search Bill Text 108th Congress (2003-2004) for Bill Number 'S.877.ENR' (This is the 'Enrolled' version -- i.e. the version passed by both the House and the Senate).

6. Invitation to a Teleseminar on CAN-SPAM
Confused? Then please join me and a group of other e-mail marketing professionals at the MarketingSherpa-sponsored Emergency Teleseminar on CAN-SPAM, taking place Thursday, January 15th from 1-3pm ET.

You must RSVP by Wednesday, January 14 to reserve your space. The cost is $199. All you need is access to a telephone -- you're welcome to use a speaker phone and have your entire staff take part. Afterward you'll receive a printed transcript and audio CD of the teleseminar as well as a report on practical recommendations for compliance. 

Invited speakers include: The FTC, PricewaterhouseCoopers, NetCreations, Affiliate Summit and MarketingSherpa

Topics will include: How new laws affect e-mail campaigns, affiliate programs, list rentals, e-mail newsletters and house list database management. Your specific questions will be answered in detail by the experts.

Thanks for reading! I'd love to hear what you have to say. Feel free to contact me with any thoughts or feedback about this publisher's note.