FTC Issues Updated CAN-SPAM Rules
Posted by Benjamin Dona on Friday, June 13th, 2008 at 5:31pm.
We ran across this item the other day in the NAR Newsletter and thought a synopsis might be helpful. A link to the actual Final Rule is provided below. The Federal Trade Commission has revised its rules implementing the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM). Can-Spam regulates commercial emails and since its enactment in 2005, has clarified what qualifies as a commercial email subject to the Acts requirements.
The revisions to the rules help in part to clarify the following four items:
- What constitutes an acceptable method for opting out of future emails;
- Revised definition of "sender," clarifying to whom the rules apply when the email contains multiple advertisements;
- Clarification of what constitutes a valid address for CAN-SPAM compliance;
- Clarification on the definition of "person."
The CAN-SPAM rules were enacted to regulate commercial emails only. They do not cover information messages (i.e. newsletters) unless the newsletter or message contains advertisements. Under their guidelines, all commercial email messages must contain:
- A legitimate return email and a physical postal address.
- A clear and conspicuous notice of the recipient's opportunity to "opt-out," or decline to receive any future messages.
- An opt out mechanism active for at least 30 days after message transmission and all opt out requests must be honored within ten days.
- A clear and conspicuous notice that the message is an advertisement or solicitation.
New Rule Clarifications
New "Opt Out" Requirements
A sender cannot condition the processing of an opt out on the payment of a fee or require that the person provide personal information, other than an email address, when making the opt out request. Senders must allow recipients the ability to opt out by:
- Either sending a return email with the opt out request; or
- Allow individuals to request through a website page where the individuals will use their email address.
Therefore, senders cannot require recipients to log-in into a password protected site in order to opt out or require that individuals provide any personal information except an email address in order to have their to opt out request processed by the sender.
New "Sender" Definition
CAN-SPAM defines the sender as the person who "initiates" the message and "whose product, service, or website is advertised or promoted by the message." The party who is deemed the "sender" of the multiple message email will be responsible for honoring all of the opt out requests received. When more than one company's product is promoted in an email, each one will be deemed the sender unless a single company:
- Is covered by the definition of "sender" within CAN-SPAM;
- Is identified in the "from" line as the sole sender of the message; and
- Is in compliance with the other requirements of CAN-SPAM.
New "Valid Postal Address" Requirement
The FTC has also modified the definition of a valid physical postal address. Formerly, the definition required senders to include an actual street address in their commercial emails. The new rules have broadened that definition to now include "the sender's actual current street address, a Post Office box the sender has accurately registered with the United States Postal Service, or a private mailbox the sender has accurately registered with a commercial mail agency that is established pursuant to United States Postal Service regulations."
New Clarification of Definition of "Person"
The new rules have also broadened this definition to make it clear that the requirement covers not only natural entities but also entities like corporations and nonprofit associations. The new definition of a person is "an individual, group, unincorporated association, limited or general partnership, corporation, or other business entity."
The new rules will take effect on July 7, 2008. And, since CAN-SPAM does not contain a private right of action for consumers, the law is enforced by Federal Agencies and State Attorneys General. Internet Service Providers may also bring lawsuits against violators. The rules allow for recoverable damages of $250 per message which violates the Act (up to $2 million total) and treble damages are available for willful violations. Can-Spam Final Rule
|Share Our Post:|
Be the first to comment on this blog entry!