Marketers Prepare for Federal E-Mail LawWhen Congress officially passed the CAN-SPAM Act of 2003 on Dec. 8, marketers switched from girding for California's draconian anti-spam measure to preparing for the kinder, gentler federal law.
Unlike many state spam laws, the federal bill regulates all commercial e-mail, solicited and unsolicited. Many of its requirements are standard best practices, but e-mail marketers look to make some tweaks to comply with the law when it takes effect Jan. 1.
The federal law requires commercial e-mailers to include truthful header information; provide an opt-out tool, either through an e-mail address or Internet-based form that works for 30 days after the mailing; process opt-out requests within 10 business days of receiving them; use accurate subject lines; put a physical postal address in all messages; and give "clear and conspicuous" notice that messages are ads.
All commercial e-mail needs to comply, except for the requirement to label messages as ads, from which senders with affirmative consent are exempted.
Marketers are liable to enforcement actions by the Federal Trade Commission under the law, with penalties up to $11,000 per violation. State attorneys general can sue for damages of up to $250 per message, with a $2 million cap. Internet service providers also may sue for up to $1 million in damages. Consumers cannot sue, unlike in the law planned for California and those in other states. Advertisers also are liable for any fraudulent e-mail marketing of their products or services.
FTC attorney Brian Huseman said regulators would look first and foremost to prosecute spammers using fraud and deception, not legitimate e-mail marketers.
"The most important new requirement for marketers is to offer an opt-out mechanism and honor it quickly," Huseman said. "That's going to be one of the primary areas of consumer protection, and it will be a primary area of FTC enforcement."
Atlanta e-mail service provider Silverpop is making an opt-out field a requirement in its SmartView technology, which ensures commercial e-mail is formatted correctly. Without the opt-out field completed, clients cannot send their mailing. Silverpop CEO Bill Nussey said the tweak is a precaution against a client accidentally forgetting the opt out.
The 10-day deadline for processing of such requests could pose a challenge for large companies using multiple e-mail marketing vendors. Because the law identifies the sender as the advertiser, all marketers should keep a constantly updated suppression list to check all mailings against, said Ken Hirschman, general counsel at e-mail service provider Digital Impact, San Mateo, CA.
"You may want to consider consolidating under a single vendor," he said.
The law allows the FTC to alter the 10-day rule if it finds compliance by legitimate mailers is too much of a burden.
The law leaves it to regulators to implement rules to guide businesses. The FTC has a year to figure out a definition of what constitutes commercial e-mail and 18 months for a labeling plan to apply to commercial e-mail.
"There's going to be some questions," Hirschman said. "You're going to have to make those judgment calls."
One such call is how to treat newsletters. Hirschman does not think the law applies to them because it defines commercial e-mail as messages whose "primary purpose" is to advertise.
Huseman said many ambiguities in the law could be addressed through the FTC's rulemaking authority. Early next year, the FTC will seek industry and consumer comment to clarify possible gray areas, he said.
One major issue facing marketers is whether the law's requirement for labeling commercial e-mail will lead to increased deliverability problems from filters keying off the notification, Hirschman said.
As for making the notice clear and conspicuous, he advises marketers to follow the FTC's "Dot-Com Disclosures" guidelines, which guides online companies to consider placement of the disclosure, its proximity to the content and its prominence. The FTC also suggests using clear language. The law does not require marketers to include notice in the subject line.
Still looming is the fate of the do-not-e-mail list. The FTC is required to submit an implementation plan, along with technological and practical objections, in six months. The CAN-SPAM Act does not enumerate how marketers would comply with a registry. The FTC has expressed doubt about the feasibility and effectiveness of a do-not-e-mail list.