So you are finally listening to the advice of your marketing guru, agency, etc. and are sending out an email newsletter on a regular schedule (monthly, quarterly, etc.). Now for the big question...are you compliant? If you aren't following the basic guidelines from the Federal CAN-SPAM Act then you are putting your business and pocketbook at risk, to the tune of potentially $16,000 per violation.
What Is This CAN SPAM Thingy?
In 2003, George W. Bush signed into law the CAN-SPAM Act, which mandated national standards for the sending of commercial email to recipients. The Federal Trade Commission (FTC) is the enforcer of these rules. CAN-SPAM is short for Controlling the Assault of Non-Solicited Pornography And Marketing. For the most part, this law has not been enforced as well as everyone had hoped it would. But this year, the new FTC Director of the Bureau of Consumer Trade has made it clear that they will start going after businesses who violate these rules. As you can see from her actions this year, it's high on her priority list. That, combined with Canada's new Anti-Spam Legislation for our friends in America's hat, means it's time to start paying attention to this.
Oh Crap! What Do I Need to be Doing?
Believe it or not, there is a pretty simple set of rules to follow. Here's what you need to do to ensure you are CAN-SPAM compliant:
- Do not send to anyone that has not expressly opted into your email marketing list. While the CAN-SPAM act says there are no restrictions against a company emailing a customer or anyone who has inquired about your products or services, it's a better policy to just ask for permission. In your online forms, it's as easy as adding a checkbox that says "Subscribe me to news and offers."
NOTE: If you are medical practice, not only are you responsible for CAN-SPAM compliance, but also HIPAA compliance. The penalties for HIPAA violations are stricter than in the CAN-SPAM. You cannot email patients without their express consent. - No harvesting emails! If you are thinking about buying an email list, the same rules apply. If they have not opted into being marketing to by you, you should not be sending to them.
- Make it easy to unsubscribe. Anything you send out needs to have clear instructions to unsubscribe and it needs to work! If someone does unsubscribe, you must remove them from your list within 10 business days. You must also list your postal address in the email so that if a subscriber chooses, they can write to you.
- Communicate relevant content. If you are a bike shop, you should be talking about bikes and related topics. Your subject line and From address should reflect that.
- Don't be deceptive. Your From, To, and Reply-To names must accurately reflect who you are and your business. Subject lines must reflect the content in your newsletter message.
- Be Responsible. Ultimately you are responsible for compliance, including actions taken by any 3rd party vendors you use. Even if they violate these rules while working for your, you are still at risk.
So What! I'm a Small Business and the Likelihood of Them Catching Me Is Slim
Not so fast. If you are reported to the FTC for non-compliance and they decide to follow up and investigate, penalties can be up to $16,000 on each email violation. That means every email address you improperly sent to can have its own separate penalty. It's also considered a misdemeanor in criminal court. Still think it's a good idea?
The bottom line is whether it's you or your vendor sending message on your behalf, it's worth a little due diligence to make sure you are doing it right. Make sure whomever is sending emails for your company (even if its your front office staff sending out to a group of 10 customers) is familiar with the CAN-SPAM laws and HIPAA guidelines if applicable.