The name of the CAN-SPAM Act scares some people. They think it severely regulates, or maybe even prohibits, e-mail marketing. In a somewhat surprising twist of Internet law, however, e-mail marketing is less heavily regulated than several other methods of electronic marketing.
First, let’s dispel the threat from the CAN-SPAM title (long version: Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003). Although the title suggests an intent to restrict e-mail marketing, the marketing industry actually advocated for the bill, to create a uniform federal standard in lieu of more restrictive California rules that would have otherwise set the de facto national standard.
For years before CAN-SPAM, states experimented with a variety of restrictions on e-mail marketing, including requirements for certain subject headings (for example, beginning with the abbreviation “ADV”), and stringent opt-in or opt-out requirements. All those state laws became inapplicable when CAN-SPAM took effect on January 1, 2004.
The CAN-SPAM Act is fairly friendly to commercial users. Technically, it only regulates commercial e-mails – e-mails designed to promote a commercial product or service. Mere informational e-mails aren’t covered. Nor are transactional and relationship e-mails, such as e-mails to confirm purchases, or notifications about recalls, upgrades and account information.
As to covered commercial e-mails, the act presumptively permits them so long as they meet certain minimum requirements:
The header must not be false or misleading;
The subject line must accurately reflect the content of the message;
The message must be identified as an advertisement (usually in a footer);
The sender’s physical address must be included; and
Specific requirements for disclosing, allowing and implementing opt-outs must be followed.
Essentially, CAN-SPAM sets up an opt-out system for e-mails. You can send the first one, but the recipient can opt out of receiving further e-mails. (By contrast, the Canadian e-mail law, known as CASL, follows an opt-in system.) Obviously, in the U.S. opt-out system, commercial e-mail senders need to comply with opt-out requests. That usually means maintaining company-wide opt-out lists, and scrubbing all e-mail-send lists against those opt-outs.
Most marketers follow the CAN-SPAM rules (including the statutory opt-out notice) for all their e-mails, including informational e-mails, because of the narrow view that some regulators and courts take of informational e-mails. Some courts and regulators unfairly brand every communication made with a commercial purpose as “advertising” and thus non-informational.
Additionally, the Federal Communications Commission construes the act’s opt-out requirement quite broadly, insisting that opt-out notices and procedures need to be provided even for solicited communications. That position is currently being challenged, but prudent mass e-mailers generally include fully compliant opt-out notices and procedures for all of their commercial e-mails.
Of course, even these mild requirements for e-mail ads go beyond the requirements on postal mail, which, for example, does not have to be marked as an advertisement, and doesn’t have to include any opt-out notices or methods. So in this sense CAN-SPAM is indeed the Internet law twist relating to marketing mail.
Faxes and text messages
But the real twist is that other electronic methods of delivery are regulated even more heavily. The Telephone Consumer Protection Act (TCPA), which prohibits unsolicited fax messaging advertisements, is full of pitfalls, dangers, and liability risks.
The TCPA originated in the days when fax machines and special fax paper were expensive, and it seemed improper for someone to send an unsolicited and unwanted advertisement by fax. So the law essentially prohibits the sending of unsolicited advertisements by fax, and severely penalizes violations. (Informational and transactional faxes aren’t covered.)
While the act exempts faxes to a party with whom the sender has an “established business relationship” (EBR), that exemption is narrower than the words suggest. Among other things, to have a valid EBR, at least with respect to relationships that began after July 2005, you had to obtain the fax numbers you used from direct past voluntary dealings with the recipients.
The penalties and enforcement methods of the TCPA are the real problem for marketers. Each improper fax, to each recipient, carries a minimum $500 civil penalty. And the TCPA is enforceable by private attorneys, who usually bring their claims as class actions. A single mistaken fax to thousands of recipients can lead to millions in liability. (CAN-SPAM, by contrast, is only enforced by federal and state agencies, and the maximum penalty per e-mail campaign is $16,000.)
For these reasons, most marketers avoid faxes these days, except for those situations where they can prove that the faxes concern active transactions (like purchase confirmations), or where they can clearly prove an EBR.
Fax advertisements, however, aren’t the end of the TCPA’s hazards for marketers. Because of the definitions of faxes and telephone calls in the TCPA (which also regulated telemarketing), advertising text messages — which didn’t even exist when the act was passed in 1991— are also covered. That means that advertising text messages could be subject to the same draconian penalties of $500 per message as fax advertisements, at least if they are sent through an automatic telephone dialing system, or without prior written opt-in consent.
Marketers who move from postal mail to new methods of delivery need to take careful note of these laws. There’s good reason why most electronic marketing uses e-mail, not faxes or text messages.
Mark Sableman is a partner in Thompson Coburn’s Intellectual Property group. He is the editorial director of Internet Law Twists & Turns. You can find Mark on Twitter, and reach him at (314) 552-6103 or firstname.lastname@example.org.