A Marketer’s Guide to CAN-SPAM

By BrainStation November 12, 2019

It goes without saying that email is a major communication channel for businesses and a dependable tool in the marketing mix. 

Think about how many emails you clear from your personal inbox on a daily basis – it’s likely upwards of 20. This can get understandably frustrating, especially if you haven’t invited this form of communication. It’s for this reason that consumers and regulators alike have become protective of the inboxes of consumers. 

In 2003, then-President George W. Bush introduced the CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing) Act in response to a growing number of consumer complaints. The law became the first set of guidelines for commercial email communication in the U.S. and is enforced by the Federal Trade Commission (FTC).

So, how does this impact your business? If you’re sending emails to potential, existing, or former customers in the U.S., you’ll want to read on. It might help you avoid a hefty fine. 


Become a Digital Marketer in just 12 weeks!

BrainStation’s Digital Marketing Diploma Program is a full-time, 12-week program that equips professionals with the skills and experience to start a new career in marketing.

Speak to a Learning Advisor

What is CAN-SPAM?

The CAN-SPAM Act spells out the rules around how businesses can promote their products or services to consumers through email marketing. It gives consumers the right to stop hearing from you and lets businesses know what consequences are in store if they don’t comply. 

The Act stretches beyond mass emailing marketing, covering individual electronic business communication as well as messages from internet-to-phone (SMS). More specifically, CAN-SPAM covers “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service.” This includes business to business email marketing.

The Dos and Don’ts of CAN-SPAM

Luckily, like most customer-focused business practices, CAN-SPAM rules are pretty intuitive. 

You can think about them in the context of the three stages of the email experience: receiving the email, reading the email, and choosing to opt-out. 

Receiving Emails

When a customer first receives an email from you, they must be able to clearly identify who the sender is and what the email is about. 

  1. The “From” field of your email needs to explicitly state your business name and the name of the person sending the email. This information can’t be considered false or misleading. 
  2. Your subject line needs to give your customers a good idea of what they’ll find inside. Don’t mask a promotional email as a transactional one. If the email content is sexually explicit, this needs to be made clear in the subject line.

Reading Emails 

Once a customer opens your email, they must know where your business is located, whether the email is promotional in nature, and how they can opt-out of receiving emails in the future.

  1. The email body must include your business’ physical mailing address. This can be your street address or a registered postal box address.
  2. You need to clearly and visibly identify that the email is an advertisement. While this doesn’t necessarily have to be done in the subject line, you need to make it transparent enough to avoid any confusion. If the customers on your mailing list have agreed to hear from you, then you don’t have to label the email as an ad, but you do need to meet all other CAN-SPAM requirements.
  3. Your customers should be able to find and understand exactly how to opt-out of your mailing list. They should be able to do this within one step, by either visiting an external page or replying to your email without having to give you anything in return. Don’t use font size or color to make opting out difficult. 

Opting Out of Emails 

If a customer has decided to opt-out of your emails, you need to have a process in place that can quickly act on their request. 

  1. You must let your customers opt-out of your mailing list for at least 30 days after the email is sent. You need to be able to process the opt-out request within 10 business days. At this point, you can’t transfer their email to any third-party business unless it’s a business helping you comply with regulations.

Keep in mind that even if you outsource your email marketing, your business is ultimately responsible for complying with the CAN-SPAM Act.  

Transactional Versus Commercial Emails 

The Act does differentiate between a transactional or relationship email and a commercial or promotional email. Some examples of transactional emails are when you send customers a confirmation of purchase, let them know an invoice is available, or alert them to changing terms or service updates. Commercial emails are the ones you send that promote a product or service, even if it’s just sharing your most recent blog posts. 

If you’re sending an email that combines transactional and promotional messaging, you need to keep in mind the primary purpose of the email. If the primary purpose is transactional, then the only rules you need to comply with is a clear subject line and “From” field.

Below is an example of a transactional email from the FTC website. 

Email example from ftc.gov

Email example from ftc.gov

If the primary purpose of the email is promotional, then you’ll need to fully comply with all CAN-SPAM rules. Below is an example of a commercial or promotional email. 

example of email from ftc.gov

Email example from ftc.gov

What are the Consequences for Violating the Act?

You can be charged up to $42,530 for every email that doesn’t comply with the CAN-SPAM Act. The FTC can also make your penalty public, potentially causing reputational damage. 

What Does This Mean for Your Business?

If email marketing is important for your business, be aware of the rules of engagement. Parts of the law are flexible and open to interpretation, so it’s best to err on the side of caution. Educate yourself on the finer details, especially if your business buys mailing lists or is planning to run a campaign asking customers to forward your email to friends. 

Remember that the CAN-SPAM Act was born from consumer frustration, so don’t just think about it as a pesky legal compliance – consider it another way to put the customer experience center stage. 

For more information or FAQ, read the FTC’s Compliance Guide for Business


Learn marketing skills to boost your career – from home!

BrainStation offers Online Live Certificate Courses in data, design, development, marketing, and product management. Attend live classes and interact with Instructors and peers from anywhere in the world.

Speak to a Learning Advisor