E-mail spam–the bulk transmission of unsolicited e-mail–has become a problem of epidemic proportions. Anyone with an e-mail address has experienced the frustration of receiving hundreds of messages from businesses they have never heard of, advertising products they have no interest in. Even worse for the recipient, some of these e-mails are scams that cost consumers millions of dollars per year. Spam also presents several problems for legitimate businesses: the clutter of unwanted e-mail in a customer’s in-box makes it more difficult for the customer to see your message, spam steals bandwidth from your company’s network, and your employees’ efficiency is reduced when they are forced to sort and delete spam from their own in-boxes.
Spam has become such a problem that the U.S. Congress enacted the CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing Act) Act of 2003 to govern the use of commercial e-mail. All businesses should be aware of the Act and follow its rules to avoid prosecution.
It is important to note that the CAN-SPAM Act only applies to commercial e-mail whose purpose is primarily the advertising or promotion of a commercial product or service. The Act does not restrict “transactional or relationship” e-mail, which is defined as:
The CAN-SPAM Act took effect on January 1, 2004. At that time the U.S. Federal Trade Commission (FTC) was authorized to monitor and enforce compliance, and the U.S. Department of Justice was authorized to prosecute cases. The Act has three primary goals:
To accomplish these goals, the CAN-SPAM Act declares four broad principles:
Following the CAN-SPAM Act’s Rules
In this section we discuss the Act’s most important rules and how to adhere to them. The complete text of the CAN-SPAM Act can be found at http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=108_cong_public_laws&docid=f:publ187.108.pdf. Since its inception, the Act has been updated several times; you can stay current with these changes by visiting http://www.ftc.gov/bcp/conline/edcams/spam/rules.htm. If you have any questions about implementing the Act, you may want to consult an attorney.
Recipient Must Give Affirmative Consent to Receive E-Mail
A fundamental concept of the CAN-SPAM Act is that the sender may not transmit commercial e-mail to a recipient until that recipient has given affirmative consent that they are willing to receive e-mail from that specific sender. Under the Act, there are three ways that a recipient can indicate affirmative consent:
Recipient Must Be Able to Decline Further E-Mail
A recipient must be allowed to opt-out of receiving future commercial e-mail from the sender. Further, the sender’s commercial e-mail message must include a clearly marked mechanism that the recipient can use to decline further e-mail. This opt out mechanism must:
The sender must stop transmitting commercial e-mail to the recipient within 10 business days of receiving an opt-out request. Further, it is illegal for the sender to “sell, lease, exchange, or otherwise transfer” to another party the e-mail address of a recipient who has declined to receive further e-mail from the sender.
E-Mail May Not Be Deceptive
An e-mail’s header information must be technically accurate; the e-mail cannot appear to be from a domain name, IP address, or e-mail address that has been fraudulently used or obtained by the sender. Also, the information in the “From” line of the e-mail message must accurately identify the person (or company) who sent the message.
The “Subject” line of the e-mail must accurately describe the content of the message. It is unlawful to use the Subject line to trick the recipient into reading the message.
The sender’s return e-mail address must be included, it must be technically accurate, and it must be a valid, working e-mail address for 30 days after the transmission of the e-mail message. It is unlawful to include a non-functioning return address in an e-mail message.
Further, any e-mail messages containing sexually-oriented content must be clearly marked. One preferred method for warning recipients is to put the words “SEXUALLY-EXPLICIT” in the e-mail’s subject line.
Legally Obtained E-Mail Addresses
Once again, the fundamental principle at work is that recipients must give consent before receiving commercial e-mail. If a recipient’s e-mail address is not obtained legally, then they did not give consent. Following are two illegal methods, described in the Act, for obtaining recipient’s e-mail addresses:
Further, it is illegal for the sender to use an automated means of creating e-mail addresses that are used to transmit e-mail to recipients.
CAN-SPAM’s Criminal Penalties
The FTC has trained more than 1,700 law enforcement agents in the U.S. and Canada to enforce the CAN-SPAM Act. The CAN-SPAM Act details severe penalties for anyone convicted of breaking its laws. Depending on the nature of the offense, the number of times it occurred, and the damages done to consumers, the penalties can include:
International Anti-Spam Laws
If your business has international customers, you need to be aware of the anti-spam laws enacted by other countries. Canada has joined with the United States in pursuing and prosecuting businesses and individuals under the CAN-SPAM Act. In April of 2004, the Australian Communications Authority (ACA) passed the Spam Act 2003, which is similar to CAN-SPAM, except that it more easily allows for individuals who send even a single fraudulent e-mail to be prosecuted and fined up to A$220,000. Australia ‘s Act also levies fines of A$1 million per day for repeat offenders.
The European Union passed its own anti-spam laws. Like the CAN-SPAM Act, the EU’s laws require that recipients opt-in before receiving e-mail messages. The EU law also states that cookies cannot collect data about a Web site visitor unless that visitor first gives permission. Likewise, that visitor’s information cannot be exchanged or sold without prior permission. Punishment for violations varies from country to country, with Germany being especially strict.
Hong Kong is currently in the process of enacting an anti-spam law which will cover not only e-mail, but text messages, faxes and telemarketing. Their law is expected to take effect in 2006.
For more information about anti-spam laws enacted around the world, go to www.spamlaws.com.
Verio is a leading global provider of web hosting and cloud services. As a part of NTT, one of the world's largest telecommunications companies, we offer the stability businesses need in a long-term technology partner.
Domain Name Registration Verio offers Domain Name Registration. Every domain purchased through Verio includes a FREE 3-page website. Our Web Hosting Plans include FREE design and marketing tools and a FREE domain name to help you start your business online.
VPS Hosting For businesses looking to control costs, but that require higher security and performance, Verio VPS Hosting is ideal. You can rely on it for your high-traffic ecommerce sites, content management systems like WordPress and Joomla, or multisite hosting.
Dedicated Hosting When uptime is critical, Verio Dedicated Hosting provides you with private managed servers that let you focus on your business, test environment or website, while Verio handles the hardware.
Verio, viaVerio, and Verio's product names and their related logos are trademarks, service marks, and/or registered marks of Verio Inc. in the United States and other countries. All other names are trademarks or registered marks of their respective owners. All rights reserved.