Total Compliance -- What Do the Changes in CAN-SPAM Mean for You?
On July 7, the Federal Trade Commission's new rules for the CAN-SPAM Act of 2003 went into effect. If you are an e-mail marketer, you probably already have heard about this. But do you know exactly how those changes will affect your sending practices? To ensure you are in total compliance with the law, let's look at the key issues of the new CAN-SPAM requirements.
If you don't know anything about CAN-SPAM, you're not alone. Unfortunately, 81 percent of e-mail marketers are unaware of the CAN-SPAM Act and its requirements. Here's a quick recap: In 2004 when the law took effect, a lot of topics were unclear. It didn't answer a lot of questions surrounding multiple senders or forward-to-a-friend. Also, industry critics were concerned that the 10-business-day rule for removing opt-out requests from a mailing list was too long. It was clear that a little tweaking would be necessary to clear up confusion among commercial e-mail marketers.
Now here we are, four years later. The new CAN-SPAM requirements clearly define "the sender," and answer some marketers' concerns around multiple-sender best practices. Here are the main points the new rules clarify:
* Multiple Advertisers -- This is where it gets a little tricky, but stay with me. Multiple advertisers have the option of designating one person or party among them as the "CAN-SPAM sender." This would actually work out to their advantage, as it significantly reduces the complexity of complying with the law in a joint-marketing scenario. If multiple senders do choose to do this, the "designated sender" may be the only one in the "From" line and is the only sender required to include an unsubscribe link and physical address.
In order to qualify as a sender in a multi-advertiser scenario, the law is also much more favorable now. To qualify as the "CAN-SPAM" sender, one must first be "advertising or promoting" one's own products. Secondly, you must be an initiator of the e-mail. Only "initiators" that advertise their own product, service or Web site can qualify as a sender. After the above two conditions are met, the "From" line must show who will be the "designated sender."
Keep in mind that this new "designated sender" rule is optional. Marketers can still have two senders in an e-mail if they want to, so that all parties are fully compliant. This is important to note, because if the "designated sender" fails to comply with the law, all other marketers in that message are now potentially liable for compliance.
* Opt-Out Process -- The new requirements specify that senders cannot complicate the opt-out process. You can only require an e-mail address on the opt-out page that visitors get to when they click the "unsubscribe" link in your e-mail, and you can't require a user to visit more than one Web page to opt out.
If you require users to log in to an account with a username and/or password to "manage their e-mail preferences" when all they want to do is unsubscribe, you're out of compliance. If you have an opt-out survey or a five-page opt-out process designed to make your customers think twice before opting out, you are definitely not in compliance with the law. Charging a fee or requiring any information beyond their e-mail address is now strictly prohibited.
The single-page, single e-mail address form, Web-based opt-out has always been considered a best practice, and now that level of simplicity is a requirement by the law. Keep in mind that you can, however, ask for more information on the opt-out page -- you just can't require it.
One thing that did not change is the 10-day opt-out rule. The reality is that spammers do not honor opt-outs at all while legitimate marketers have not been opportunistic with the 10-business-day window, so the FTC saw no reason to shorten the time frame.
* Forward-to-a-Friend -- If a marketer induces or offers an incentive to someone to forward a message, then that marketer has "initiated" that message, and full compliance with CAN-SPAM is required. This may not seem like a big deal, but it is an important clarification of this law. Full compliance means you must scrub outbound forwards that were induced or incented against your suppression list before delivering the forward. It means that an opt-out link and physical address must be included, and the "From" line should probably be the marketer rather than the individual that wants to forward the message. And to top it all off, it doesn't matter if the forward was done inside the forwarder's e-mail client or on your Web site. If the sending of the message is not procured by the advertiser, then the advertiser is not an "initiator" and can't be held liable for CAN-SPAM compliance.
All in all, the new regulations are something that legitimate marketers should embrace, and make compliance and liability discussions easier to have. If you follow sending best practices, you may have nothing to worry about or change since the FTC's position is well in line with the prevailing philosophy in the industry.
The one thing all marketers should check is their opt-out page. Make sure it complies with the new opt-out requirements, as that's probably the one place where people are most out of compliance.
Whether you are starting from scratch or just ensuring you are on the right track, total compliance is in your hands.
John Engler is the vice president and general manager of UnsubCentral, an Austin, Tex.-based company that offers advertisers and affiliates CAN-SPAM suppression list management solutions. Reach John at email@example.com.