CAN-SPAM Summary for Legal Marketing

The CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003) was signed by President Bush on Dec. 16, 2003 and went into effect on Jan. 1, 2004. While unsolicited commercial e-mail is still legal under the new federal law, marketers must follow five rules to keep their outbound marketing messages above the board. What follows is a brief summary of the transmission rules:

1. Prohibition of False or Misleading Transmission Information

This is directed at “spoofers,” but applies to all senders. Don't try to hide the individual or organization sending the transmission. It is acceptable to send e-mail from a non-personal corporate address (ie, [email protected]). If you have doubts about your header/transmission information, contact your IT department or Internet Service Provider (ISP).

2. Prohibition of Deceptive Subject Headings

Although this is ostensibly directed at egregious behavior, creative marketers should be wary, because the language is very broad. The subject line AND the content should not mislead the recipient about its purpose or objective. A common example are those pornography e-mails with subject lines like “I've been trying to call you!” But this provision goes well beyond those obvious violations. For instance, a link in your e-mail to the “purchase publications” section of your Web site should not be misleading about where it's taking the recipient.

3. Inclusion of Return Address or Comparable Mechanism in Commercial Electronic Mail

When the recipient hits “reply” to your e-mail, the return address should go somewhere such that “remove me”-type e-mails are received and acted upon. Such return addresses must remain valid for 30 days from the date of transmission of the initial e-mail. Note that the law provides an exception for temporary outages, such as your firm's e-mail server crashing for a brief period of time. A common area likely to trip up businesses is when an employee responsible for broadcast e-mail leaves the company. If his or her address was being used as the “reply-to” address, that address must remain valid (or be forwarded to a valid address) for 30 days from the most recent transmission.

4. Prohibition of Transmission of Commercial Electronic Mail After Objection

This is the big one! If somebody replies (or follows your other opt-out procedure) and says, “no more!”, you've got 10 days to get them off your list. If you send them another e-mail 11 days or more after they sent you an unsubscribe request, break out the checkbook – the fine is up to $250 per e-mail address. Be wary of vacation/holiday schedules of employees responsible for this task. Ten calendar days go quickly.

5. Inclusion of Identifier, Opt-Out, and Physical Address in Commercial Electronic Mail

This is the second big one! Your e-mail must contain:

• (A)(i) clear and conspicuous identification that the message is an advertisement or solicitation (Note: This does NOT have to be in the subject line; though some state ethics rule require this of attorney solicitations);
• (A)(ii) clear and conspicuous notice of the opportunity to decline to receive further commercial electronic mail messages from the sender; and
• (A)(iii) a valid physical postal address of the sender. (Note: Some commentators interpret this paragraph to mean you cannot use a P.O. Box address, but there is nothing in the law itself that prohibits the use of a post box or mail stop address to fulfill this requirement.)

Subparagraph (A)(i) does not apply to the transmission of a commercial electronic mail message if the recipient has given prior affirmative consent to receipt of the message.

Like most new laws, CAN-SPAM has many vague attributes.

For instance, if a recipient sends a “remove” request in response to a transmission from your real estate law distribution list, does it mean you have to take the recipient out of ALL your firm's distribution lists, or just the real estate law list? And while pure legal updates to existing clients most likely fall outside the reach of CAN-SPAM, what if it includes the occasional announcement for a legal seminar that has an admission price? What if it includes information on an area of law for which the firm is not already representing the client?

Until these uncertainties are clarified by further legislation or judicial opinion, it is probably wise for each firm to devise its own CAN-SPAM policy and then stick to it. Such policies might include a definition of the external communications that fall within the law, specific instructions on how to draft e-mails that comply with CAN-SPAM provisions and a clear procedure for tracking and implementing opt-ins and opt-outs.

The CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003) was signed by President Bush on Dec. 16, 2003 and went into effect on Jan. 1, 2004. While unsolicited commercial e-mail is still legal under the new federal law, marketers must follow five rules to keep their outbound marketing messages above the board. What follows is a brief summary of the transmission rules:

1. Prohibition of False or Misleading Transmission Information

This is directed at “spoofers,” but applies to all senders. Don't try to hide the individual or organization sending the transmission. It is acceptable to send e-mail from a non-personal corporate address (ie, [email protected]). If you have doubts about your header/transmission information, contact your IT department or Internet Service Provider (ISP).

2. Prohibition of Deceptive Subject Headings

Although this is ostensibly directed at egregious behavior, creative marketers should be wary, because the language is very broad. The subject line AND the content should not mislead the recipient about its purpose or objective. A common example are those pornography e-mails with subject lines like “I've been trying to call you!” But this provision goes well beyond those obvious violations. For instance, a link in your e-mail to the “purchase publications” section of your Web site should not be misleading about where it's taking the recipient.

3. Inclusion of Return Address or Comparable Mechanism in Commercial Electronic Mail

When the recipient hits “reply” to your e-mail, the return address should go somewhere such that “remove me”-type e-mails are received and acted upon. Such return addresses must remain valid for 30 days from the date of transmission of the initial e-mail. Note that the law provides an exception for temporary outages, such as your firm's e-mail server crashing for a brief period of time. A common area likely to trip up businesses is when an employee responsible for broadcast e-mail leaves the company. If his or her address was being used as the “reply-to” address, that address must remain valid (or be forwarded to a valid address) for 30 days from the most recent transmission.

4. Prohibition of Transmission of Commercial Electronic Mail After Objection

This is the big one! If somebody replies (or follows your other opt-out procedure) and says, “no more!”, you've got 10 days to get them off your list. If you send them another e-mail 11 days or more after they sent you an unsubscribe request, break out the checkbook – the fine is up to $250 per e-mail address. Be wary of vacation/holiday schedules of employees responsible for this task. Ten calendar days go quickly.

5. Inclusion of Identifier, Opt-Out, and Physical Address in Commercial Electronic Mail

This is the second big one! Your e-mail must contain:

• (A)(i) clear and conspicuous identification that the message is an advertisement or solicitation (Note: This does NOT have to be in the subject line; though some state ethics rule require this of attorney solicitations);
• (A)(ii) clear and conspicuous notice of the opportunity to decline to receive further commercial electronic mail messages from the sender; and
• (A)(iii) a valid physical postal address of the sender. (Note: Some commentators interpret this paragraph to mean you cannot use a P.O. Box address, but there is nothing in the law itself that prohibits the use of a post box or mail stop address to fulfill this requirement.)

Subparagraph (A)(i) does not apply to the transmission of a commercial electronic mail message if the recipient has given prior affirmative consent to receipt of the message.

Like most new laws, CAN-SPAM has many vague attributes.

For instance, if a recipient sends a “remove” request in response to a transmission from your real estate law distribution list, does it mean you have to take the recipient out of ALL your firm's distribution lists, or just the real estate law list? And while pure legal updates to existing clients most likely fall outside the reach of CAN-SPAM, what if it includes the occasional announcement for a legal seminar that has an admission price? What if it includes information on an area of law for which the firm is not already representing the client?

Until these uncertainties are clarified by further legislation or judicial opinion, it is probably wise for each firm to devise its own CAN-SPAM policy and then stick to it. Such policies might include a definition of the external communications that fall within the law, specific instructions on how to draft e-mails that comply with CAN-SPAM provisions and a clear procedure for tracking and implementing opt-ins and opt-outs.