Are Your Marketing Emails Illegal? How to Comply (and Thrive) with The CAN-SPAM Act


Carena Marchi
Jul 5, 2023

We’ve all been there. Standing in line for a cup of overpriced coffee, reluctantly deciding to click on the little envelope icon on our smartphones because we know exactly what’s coming: a flood of emails with everything from sales on shoes from a store you barely remember visiting to deals on yoga classes that never seem to stop coming in after you innocently attended a studio’s free week trial. After a certain point, you stop deleting these messages altogether.

So, how do marketers make sure that their content lands in your inbox rather than being shunned to the spam folder? The complexities of what seems to be an easy way to reach audiences may surprise you.

In the increasingly digital world we live in, companies rely on tools like email marketing to get the word out about their latest and greatest offerings. It’s a great way to reach audiences directly with multimedia and catered calls to action. And, it allows a business to remain at a customer’s top-of-mind while gaining traction in a calculated way that can be measured and analyzed.

The only catch? Compliance.

Many marketers and content creators remain in the dark when it comes to the legalities of email marketing content. In fact, most are unaware that some pretty strict email laws exist, limiting what can and can’t be done.

What are the boundaries of email marketing, and how often do companies cross the line from legal to illegal? How will these email marketing regulations affect your business on a day-to-day basis?

When considering email marketing as an outreach tactic, it’s important to understand the rules and regulations that can turn your company’s innocent approach into a legal nightmare. Let’s start by exploring the different components of an average user’s email inbox.

The Anatomy of an Email Inbox

In order to understand what makes a marketer’s email legal or illegal, we need to address the different types of emails that the average consumer encounters on a daily basis.

The fact is that more than 50% of the emails a person receives on a given day are categorized as “promotional material.” It’s no wonder consumers often feel lost in a whirlpool of messages that seem to drown out one another. All of the businesses someone has supported in the past are competing for attention the minute an email inbox gets opened. Knowing this information can impact how your own company pursues its outreach.

One of the most valuable facets of promotional email marketing is permission. Yes, it’s definitely important to understand your audience and develop a specific call to action, but at the end of the day, without the permission and interest of your audience members, your emails go against their wants and might even break some laws, too.

Opening up a CAN of SPAM

The CAN-SPAM Act sets regulations for commercial messages, as well as gives email recipients the right to unsubscribe. A company that disobeys these regulations can be subject to some incredibly steep fines. By establishing a clear set of guidelines, this law aims to ensure that companies remain compliant throughout all of their email marketing endeavors.

What are these CAN-SPAM email requirements?

When it comes to taking a closer look at the “ingredients” of the CAN-SPAM Act, seven is the lucky number. In order to make sure your business is compliant with all parts of the CAN-SPAM Act, it’s important to understand the basics behind the regulations. Here’s a breakdown of what this law means for your company’s email marketing strategy:

  1. Avoid using a misleading header for your emails

Each email’s header needs to contain the correct information for the intended recipient. An email sent by your company should always address the right person or business who initially started the conversation. This means that your “To,” “From,” and routing information need to be accurate every time you press “send.”

  2. Make sure your email’s subject line matches the content it contains

Your email’s content should match the subject line you choose. The subject line should always be an accurate representation of what’s to come once your recipient opens the message. Think of the email subject as an appetizer before the main course is served!

  3. Address the fact that your message is an ad

It’s important to clearly convey the goal of your content as an ad. At the end of the day, most consumers understand that the goal of your email is to drive them to your company’s website or storefront. There’s no reason to pretend to be something that you’re not.

  4. Include your business’s address in all messages

This one’s simple, yet sometimes forgotten. Be sure to include your company’s valid physical postal address. Make sure your email recipients know exactly who you are and where they can find you.

  5. Give your recipients an option to unsubscribe

Every message you send out must include an obvious unsubscribe link that lets recipients opt out of future emails from your company. Be sure to craft this in a way that is creative and logical to your audience. It should be legible and easily recognizable!

  6. Be sure to actually unsubscribe those who choose to do so

Any opt-out you offer must be able to process requests for at least 30 days after you send your message. This request must be honored within 10 business days; a solid CRM platform with email marketing automation will be able to handle this automatically. Lastly, be sure you aren’t charging a fee or asking for any additional personal information, and that you do not sell their email addresses in the future.

  7. Be wary of what others are saying about your company

The last thing to be mindful of is to make sure you are monitoring what other people you hire are saying and sending on your company’s behalf. At the end of the day, your company is responsible for the actions and messages that any of your marketing affiliates commit and produce. Both the party responsible for sending marketing emails and the company being promoted are at risk when dealing with law compliance issues.

What’s the Deal with Cold Emails?

Now that we’ve gone through some anti-spam laws, let’s think about the concept of “cold-emailing.” A common misconception is that it’s illegal to send cold emails. If you make sure to follow each of the laws above when sending out emails, then you should be safe from the fines and headaches that come with noncompliance. For sales outreach, cold emails can lead to new opportunities and active audience members for your company.

So, how can you tell the difference between a cold email and spam?

To distinguish between these two closely related classifications, look for certain defining characteristics. A successful cold email will:

  • Include intentional and personalized contact with an individual.
  • Communicate information that is valuable and does not rely solely on automated content.
  • Aim to foster a trusting relationship with the recipient.
  • Comply with all components of the CAN-SPAM Act and offer an opt-out or unsubscribe option.

International Anti-Spam & Data Protection Laws

While the CAN-SPAM Act is specific to the United States, it’s important to note that there are similar anti-spam and data protection laws across the globe, most notably in Europe and Canada. Although these laws originate in other countries, a U.S. company that does business internationally must comply with international law or be held liable.

General Data Protection Regulation

Europe’s version of the CAN-SPAM Act, the General Data Protection Regulation (GDPR), was enacted in 2018 to overhaul how businesses protect and handle data. Lauded as a progressive approach to handling personal data, this data protection law covers all the European Union states.

Here are the GDPR requirements:

  1. Lawfulness, fairness, and transparency: Collect data in a lawful, fair, and transparent manner.
  2. Purpose limitation: Data is collected for specific, explicit, and legitimate purposes, and cannot be further processed.
  3. Data minimization: Only collect personal information that is adequate, relevant, and absolutely necessary.
  4. Accuracy: Personal data should be accurate and up-to-date; reasonable steps must be taken to either erase or rectify inaccurate data.
  5. Storage limitation: Personal data should be stored no longer than is necessary for the original purpose. Data may be stored longer solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes.
  6. Integrity and confidentiality: Collected data must be processed in a manner that ensures appropriate security and protection against unauthorized or unlawful processing, accidental loss of information, or destruction or damage.
  7. Accountability: Those who have collected the personal data — the “Controllers” — must show compliance and be held responsible.

Canada’s Anti-Spam Legislation

Widely considered the world’s strongest set of data protection regulations, Canada’s Anti-Spam Legislation (CASL) sets clear requirements for all commercial email messages. Similar to other regulations, CASL requires businesses to identify themselves and provide the option to opt out of certain communications.

What sets CASL apart is the requirement for people to “opt-in” to receive messages from brands. In other words, brands can only send emails to people who’ve expressed consent to receive messages from them. CASL recognizes two types of consent:

  1. Express consent: A person gives explicit verbal or written consent to receive emails from a company. There is no expiration date for this consent; it is valid until the person withdraws their consent.
  2. Implied consent: Certain activities, such as purchasing a product or inquiring about a service, can imply consent to receive emails from marketers. Unlike express consent, implied consent can expire. Implied consent for a purchase is valid for two years, and implied consent for an inquiry is valid for six months. Consent can be renewed by the recipient purchasing another product or inquiring about a service again.

It is up to the company to keep a record of acquired permissions from subscribers including when and where the consents were gathered. If a company is found in violation of CASL, the recipient of that email is able to sue the sender.

Here are all the CASL requirements:

  1. A company must provide identifying information: business name, postal address, and either a phone number or email address.
  2. The sender can only email people who have given either express or implied consent to receive emails.
  3. Records of consents, including date, manner, and location, must be kept.
  4. Contacts must be removed from mailing lists as soon as their consent expires.
  5. All corporate email messages must include an unsubscribe option, and unsubscribe requests must be honored within 10 business days.

Final Thoughts

The last thing you want to deal with is the potential fines your business can face by failing to follow the compliance terms of anti-spam and data protection laws like the CAN-SPAM Act, GDPR, and CASL.

The bright side to all of this is that compliance ensures that your marketers and sales reps can focus on content creation and outreach that will result in higher response and engagement rates.

By following these guidelines, your team will be able to reach people who are actually interested in your company’s mission. By homing in on the value created by trusted relationships with your recipients, you increase your chances of making a sale or securing a devoted follower of your brand.


Kathleen Thieme contributed to this blog.
