Just as laws have been passed to better regulate the telephone, so are email marketing laws evolving to protect the consumer.
Most of us here are old enough to remember the days of ringing telephones during dinner. While a few calls were welcome, like those coming from family and friends, the majority were annoying. And before the age of caller ID, many of us had to pick up every call-or let the answering machine pick up. Some people got really annoyed and complained to regulators. Laws were eventually passed.
So what does this have to do with email marketing? If you aren’t careful, sending too many emails can be just as annoying as those junk calls during dinner. This is especially so in the age of smartphones and push notifications. Few things interrupt our quiet moments quite as much as the smartphone going off. In that sense, nothing has changed.
In many ways, junk emails have become just like junk calls once were. There are too many of them, and it’s irritating a lot of people. People are getting annoyed: 86% of consumers believe that there should be better data protection laws.
As with the irritating junk calls, governments are listening to consumer complaints. Beginning in the early 2000’s, laws were passed and regulations written which restrict the sending of commercial emails. These laws go far beyond the simple spam filters of the past, and often provide stiff penalties for violations. In addition, data protection laws must be followed every time a commercial email is sent. Let’s take a look at different email marketing laws in major markets.
- What is the CAN-SPAM Act?
- What is the Canada Anti-Spam Legislation (CASL)
- What is the GDPR?
- What is the CCPA?
- How to Ensure that You Comply with Email Marketing Laws
- Always get permission to email the people on your list
- Use double opt-in to ensure that you did your best to get permission from people
- Write an honest subject line describing your intentions without potentially misleading the recipient
- Remind people why they are getting emails from you
- Make sure you have your physical company address on all emails
- Make opt-outs painless
- Honor opt-out requests promptly
What is the CAN-SPAM Act?
In 2003, the United States passed the CAN-SPAM Act, the first of the major email marketing laws that exist today. This law regulates all commercial email, including anything that advertises a product or service, makes a product launch announcement, or encourages you to check out a commercial website. It applies whether you’re sending a single email of this type, or many of them. The Federal Trade Commission has a business guide to the rules on their website.
In a nutshell, the CAN-SPAM Act has a handful of major provisions:
- Commercial or promotional emails must be marked as such.
- You must be honest and up front about who you are, where you can be reached (including email and a mailing address), and the contents of your message.
- Allowing recipients to opt out isn’t optional, and you must respond to opt out requests promptly.
- You are responsible for the actions of your subcontractors, which means that it’s important everybody complies with the rules.
As marketers, we primarily deal with commercial email, such as newsletters, sale announcements, and product releases. These emails are subject to the more restrictive provisions of this law, meaning we must always be careful to mark those emails as ads. It also means that if we refuse to let people reject our emails then we can be fined.
Understanding Commercial / Promotional Emails vs Transactional / Relationship Content
Perhaps the hardest part of complying with the CAN-SPAM Act is understanding the difference between promotional emails and transactional or relationship building content. This distinction is sometimes hard to master, as even the FTC admits. Perhaps the biggest problem here is with dual-purpose emails: ones which both nurture the relationship and offer a promotion.
Let’s look at one example. Many mail-order catalogs and e-commerce websites will send out coupons with order confirmation or shipping emails. These come in addition to the typical “we’re having a sale” announcements. If the only thing these emails did was provide a receipt or packing slip, then they’d clearly be transactional emails. However, the addition of an extra coupon or promotion makes this a mixed-purpose email.
Although the FTC doesn’t give answers to every case, there are some useful clues to help distinguish between commercial and transactional emails. Generally speaking, the dominant purpose of each email controls which regulations apply. Their example of a mixed-use email that’s considered commercial is one where the commercial content dominates, with a brief mention of the transaction. If the email has mostly transaction information, then it’s typically considered transactional.
What are the Penalties for Violating the CAN-SPAM Act?
As with many other FTC regulations, sending marketing emails which are out of compliance gets expensive very fast. In fact, the penalty for each email is $43,792. That adds up really fast, and it covers every email sent to each address that’s in violation. Marketers must be certain that they’re in compliance at all times.
What is the Canada Anti-Spam Legislation (CASL)
Many companies here in the US also engage customers overseas or send email through outsourcing companies. Any time that you send emails across an international border, it’s critical that you know the email marketing laws for each country involved. Many countries, including Canada, have reciprocal agreements with other governments.
In 2014, Canada enacted their anti-spam law, called CASL. This regulation, found on the government Fight Spam website, covers more than simply sending junk emails. Instead, it goes further to protect Canadians from the unauthorized collection of their email for marketing purposes. Even scraping websites for emails is illegal in Canada. Finally, the regulation prohibits unsolicited commercial text and social media messaging.
Violations of CASL are taken seriously. Some violations, such as hacking computers for personal information, are handled criminally. Others, however, can subject you to civil fines or other penalties. According to the legislative website, an individual can end up owing $1M CAD and businesses $10M.
From an email marketer’s perspective, the implications are simple. You cannot obtain or use a Canadian’s personal information without their express permission. This means that the unsolicited “hi I’m XX brand” emails seen in the US tend to be illegal in Canada. Rather than allowing a brand to email until told to stop like we see in the US, Canadian spam emails are opt-in only.
What is the GDPR?
The European Union’s General Data Protection Regulation is the anti-spam law which applies to all EU countries. However, it’s much more than an email law. Rather, it controls the way in which the information on EU recipients is handled. Besides being binding only on EU businesses, though, it applies to every business that interacts with EU parties.
In a nutshell, the GDPR requires that personal data be protected. To send commercial email, you must get explicit consent from each user. This permission must not be buried at the bottom of a “place order” page, either. And similarly to both US and Canadian regulations, it must be easy to unsubscribe. Finally, you may not use private information for any purpose besides those you disclosed at the beginning, and safeguard the information carefully. File information must be provided on request.
As email marketers, this is a tough regulation. It means that we must get permission from everyone that we email, and that we can’t send even one unsolicited message. Besides this, the “disguised” methods of opting in for emails that are common in the US are illegal. Once someone opts in, their information must be kept private. Customer lists, therefore, are strictly protected and can’t be passed on to anyone.
Like other rulemaking entities, the European Union has made violations expensive. Fines are assessed on global revenues from the previous year, with a maximum of 4% or 20 million Euros. These are huge numbers, so paying attention and complying are critical.
What is the CCPA?
Finally, let’s look at the California Consumer Protection Act, or CCPA. This law was passed in 2018, and took effect in 2020. In a nutshell, it requires businesses to tell consumers about information they are collecting and what it’s used for. They must also delete certain types of information on request, and respect a customer’s wishes to not have their information sold to third parties.
For email marketers, the main implication is that there are certain notices you must give when the data is collected. In addition, your ability to sell or pass on information to other companies is much more limited. Since this is a new law, it should be monitored carefully.
How to Ensure that You Comply with Email Marketing Laws
With so many regulations to follow worldwide, it can be easy to lose track and become noncompliant. Most notably, things which are legal in the US will get you massive fines in Canada or the EU. From a purely practical standpoint, the easiest way to ensure compliance is to follow best practices worldwide. This may seem like you’re overdoing it for an American audience, but some of the safeguards will make you look like a good corporate citizen. Not only that, but it’s often cheaper to be over compliant than get fined.
Always get permission to email the people on your list
No matter how strict the opt in rules for your country, it’s always a good idea to ask permission. Here in the United States, you are probably fine using check boxes on order forms or lead magnets. However, if you have even the potential to send those emails overseas, be sure the permission process is more active.
Use double opt-in to ensure that you did your best to get permission from people
A double opt-in is when you send someone an email that indicates their email has been submitted to your list. Then, it asks the recipient to confirm their subscription. When you do this, there is no question that the owner of an email address is OK with being sent commercial emails. If you then keep a log of this permission, it will be difficult for a regulator to argue that you have insufficient permission to send these emails.
Write an honest subject line describing your intentions without potentially misleading the recipient
A frequently used email subject line for us marketers amounts to “open for X% off,” and another is product release announcements. In both cases, it is critical that the subject line indicate you are trying to sell goods and services. The worst thing you can do is deceive a recipient about what you are trying to do, either by disguising a commercial email as a transactional one or misrepresenting the discount.
Remind people why they are getting emails from you
Especially with emails that nurture a relationship, it’s important to remind people it exists. The most common way I see this done is a disclosure at the bottom saying “You’re getting emails from X because Y.”
Make sure you have your physical company address on all emails
This one isn’t just required, it’s good etiquette. People may need to reach out for many different reasons, from customer service inquiries to complaints. Don’t make them chase you.
Make opt-outs painless
You know those annoying subscriptions that you can’t get rid of without following a million prompts on the website? Don’t be that company. Instead, put a simple opt-out or unsubscribe link at the bottom of every email. It’s fine to ask customers why they’re opting out, but don’t make it a hassle. Just one or two questions are enough.
Honor opt-out requests promptly
Once people request to have their email addresses removed from your email list, it is important to do so promptly. Many list owners tell subscribers it can take a few days for the request to work its way through the system. This allows for the adaptation of automated software. However, you shouldn’t drag this out or you risk breaking the law.
Globally, the tolerance for unsolicited commercial email is dwindling. Unwanted emails are annoying and take time away from more important tasks in the life of consumers. In response, governments have passed laws that penalize bad actors. At the end of the day, knowing these email marketing laws and following best practices is imperative, especially considering the importance of email marketing as part of a complete digital marketing strategy.
Hero photo by Grianghraf on Unsplash