The CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act) was enacted in 2003 to establish national standards for commercial email communications in the United States. This law applies to all commercial messages, including business-to-business emails, and sets strict requirements to prevent deceptive practices in email marketing.
Key Compliance Requirements
CAN-SPAM regulations have the following core requirements:
- Accurate Header Information: The sender’s “From,” “To,” “Reply-To,” and routing details must be truthful and clearly identify the entity initiating the message.
- Non-Deceptive Subject Lines: The subject line must accurately reflect the content of the email.
- Valid Physical Address: Every commercial email must include a physical postal address, which can be a street address, registered P.O. box, or private mailbox.
- Opt-Out Mechanism: Recipients must be provided with a clear and conspicuous way to opt out of future emails, and businesses must honor opt-out requests within 10 business days.
- Third-Party Responsibility: If a company outsources email marketing, it remains legally responsible for compliance with CAN-SPAM regulations.