The law seems like good news for people who dread a mailbox brimming with annoying e-mail ads, e-newsletters and even phishing. Read the full story published Friday, July 30, 2004 in the Portland Press Herald.

July 30, 2004

For more information contact:
Alfred Frawley
afrawley@preti.com

When Congress passed the Can-Spam Act in January, companies that use e-mail to market to their customers and prospects faced new legal requirements designed to protect Americans from the onslaught of unwelcome commercial messages.

The law - formally known as Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 - seems like good news for people who dread a mailbox brimming with annoying e-mail ads, e-newsletters and even phishing - the latest trend in fraudulent e-mail identity scams, where e-mail recipients are tricked into giving up personal financial information to the phisher, who then sells it or uses it himself.

But businesses that rely on e-mail marketing worried the law would put a crimp in their customer communications. Fines for violating the act can reach $2 million. And felony violations of the Can-Spam law carry a penalty of up to three or five years imprisonment.

Despite the threat, studies estimate that between 32 percent and 50 percent of all e-mail traffic within the second quarter of 2004 qualifies as spam.

Most consumers are so irritated with what they see as an invasion of privacy, they enthusiastically support initiatives like the Can-Spam law, block lists, antispam filters that snag unwanted e-mail electronically and opt-in requirements that would mandate consumer permission for the receipt of e-mail advertising.

In fact, 74 percent of e-mail users favor a do-not-spam registry, according to a study by the e-Privacy Group and the Ponemon Institute.

A closer look at the law, though, demonstrates not just the legal requirements for outgoing commercial e-mails, but presents some opportunities for businesses to build trust-based relationships with their customers. Under the Can-Spam Act, companies that send commercial e-mail must:

• Maintain an opt-out system to allow recipients the opportunity to request that you stop sending e-mails. In the past, improper use of this function by spammers only increased the problem. Spammers commonly ask for opt-outs, but, instead of taking the recipient off the mailing list, used the information to confirm a valid e-mail address.
• Honor all opt-out requests within 10 business days of receipt. Include the opt-out provisions in each e-mail you send, unless the recipient has given clear consent to receive commercial e-mail from you.
• Refrain from selling, exchanging or transferring the e-mail address of anyone who has made an opt-out request, except as necessary to comply with the Can-Spam law.
• Refrain from sending messages with misleading subject headings. Advertisement or solicitation e-mails must use the phrase "ADV" in the subject line.
• Include a notice in the body of the message explaining how recipients can prevent the transmission of future messages by using the sender's return e-mail address or Internet-based reply mechanism. Make sure your address is functioning for at least 30 days from the transmission of your message. You must also include a valid postal address.
• Consult a lawyer if you're worried that you're not following the rules and need help in devising your own e-mail protocol and policies.

Although the law restricts many aspects of commercial e-mailing, it creates avenues for building trust with the consumer.

Again, setting yourself apart from illegal spammers and fraudulent "phishers" can be as simple as changing your pre-checked boxes or other passive opt-in mechanisms in your e-mail signup process to unchecked boxes.

You could also provide some sort of affirmative consent process, which makes it clear to the customer that they are opting-in to an e-mail relationship with your company.

Your company also could offer a link from your e-mails to a page on your Web site that enables customers to update their address, opt-in or opt-out of communications, or make edits to their preferences. Or provide recipients with an opportunity to easily unsubscribe to recurring messages via a global suppression feature. This is important if you send more than one type of recurring e-mail newsletter or promotional message. The global suppression allows them to opt out and never receive any future e-mail from your company.

Also, you can make your e-mail privacy policy clearly available next to the "submit" button. An abbreviated version in the e-mail is appropriate, but offer a link to the complete version.

Obtaining permission to send e-mails limits your legal liability and builds a stronger relationship with customers and a better image in the marketplace.

The Federal Trade Commission is the primary agency responsible for enforcing this law, and it is scheduled to report on the effectiveness of the law later this year. For more information on the Can-Spam Act, visit www.spamlaws.com or www.ftc.gov.