CAN-SPAM Compliance

Home » CAN-SPAM Compliance

The Controlling the Assault of Non-Solicited Pornography and Marketing Act (“CAN-SPAM Act”) is a federal law enacted in 2003. It sets out requirements for businesses and or people who are soliciting services or products via commercial mail to potential consumers.  Commercial mail is defined as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service.”

This checklist was assembled by Logan Peppin at the UW Privacy Law Clinic

Covered by CAN-SPAM?

Step 1: Ask yourself: Are you a company that is soliciting a product or service via email to prospective consumers?

  • If no, CAN-SPAM is not applicable to your company. Stop.
  • If yes, proceed to step 2.

Purpose of email

Step 2.   Identify what is the purpose of your email?

  • Commercial – advertising;
  • CAN-SPAM applies;  Go to step 3
  • Transactional – already agreed upon communication with a customer;
  • CAN-SPAM does not apply; stop
  • Other -
  • CAN-SPAM does not apply; stop

Content of email

Step 3. Content of E-mails. Every email that solicits a service needs these things:

  • Accurate Header Information
    • No misleading/false information
    • To/From must be correct
    • Accurate Subject Lines
  • Disclosed as an ad -- Must be “clear and conspicuous”
    • Companies physical postal address
    • A clear opt-out 
    • EX: bottom of email an unsubscribe button to click
    • Consider the font color, size, and style

Special spam steps

Step 4: consider special requirements and risks

  • If this is a sexually explicit email, there are other requirements you must follow
  • You can still be liable for email sent by a hired third party who is in charge of promotional messages.  
    • If someone opts out and tells the third party, you are also liable for your contractor's failure.
  • Email sent to a phone are still subject to CAN-SPAM
  • SMS text messages are NOT subject to CAN-SPAM