Ignoring Anti-Spam Laws Is Risky Business

Signed into law by President Bush in December 2003, the CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003) recently has been invoked in several federal and state actions brought against businesses employing commercial e-mail advertising. As these cases illustrate, the CAN-SPAM Act carries potentially serious pitfalls for businesses - including telecommunications providers and agents - that advertise products or services through e-mail. Heightening this concern is the expanding role of e-mail in today’s business markets.

The CAN-SPAM Act, which took effect Jan.1, applies to e-mail messages whose primary purpose is to advertise or promote a commercial product or service. CAN-SPAM clearly covers unsolicited e-mails containing pure commercial advertising. The act would not apply to e-mails that are personal and non-commercial in nature.

However, a gray area exists with respect to e-mails which contain elements of both. The scope of the CAN-SPAM Act is not limited to large “bulk emailers.” In fact, any telecommunications company or agent that uses e-mail to directly or indirectly market its services or products risks violating the law unless it follows the proper procedures.

The following is a brief overview of some recent proceedings as well as an overview of the general requirements of the CAN-SPAM Act.

Federal Trade Commission.

In April, the Federal Trade Commission filed separate complaints against two companies, purveyors of diet patches, for violation of the CAN-SPAM Act. According to the actions, the FTC has received nearly 1 million complaints of illegal ‘spam’ connected to the two companies since Jan. 1. The companies are being held in violation of the CAN-SPAM Act for allegedly failing to include an ‘opt-out’ provision and obscuring their identity by using innocent third party e-mail addresses for reply address. Under the CAN-SPAM Act, each company could be forced to pay up to $2 million in fines with individuals facing up to five years imprisonment.

New York.

On July 19, the New York Attorney General’s office settled a lawsuit against a Colorado-based e-mail marketing company for $50,000. According to the Attorney General’s office, the company had sent thousands of unsolicited commercial e-mails which used subject lines and e-mail addresses that were misleading to recipients. The company has agreed to provide the Attorney General’s office with customer information and all advertisements (i.e. commercial e-mails) that the company sends in the future as well as comply with the terms of the CAN-SPAM Act.

Massachusetts.

The Massachusetts Attorney General’s office is proceeding with an enforcement action against a Florida-based e-mail advertiser of mortgage broker services. A hearing was held July 21 to determine whether a preliminary injunction was warranted. Allegedly, the defendant in the case had sent unsolicited commercial e-mails to consumers while failing to provide the required opt-out provision, failing to identify messages as advertisements, failing to use a functioning e-mail address to receive consumer replies, and failing to supply consumers with a valid physical postal address for the company. Under the CAN-SPAM Act, the company could be assessed penalties of $250 per violation (up to a maximum of $2 million).

COMPLYING WITH THE ACT

While the CAN-SPAM Act does not prohibit commercial e-mail entirely, it sets forth rules governing acceptable forms of such e-mail and makes illegal many techniques commonly used by bulk e-mail advertisers. Senders of e-mail that could be considered unlawful ‘spam’ under the act should know the applicable rules and ensure that their methods of sending e-mails comply with the act’s requirements.

All commercial e-mails must, at a minimum, comply with the following:

Provide clear identification that the message is an advertisement or solicitation (unless the recipient previously has given affirmative consent to receive the e-mail).

Provide a clear notice of the method by which recipients can “opt-out” of receiving further messages from the sender.

Provide a functioning return e-mail address or other Internet-based mechanism through which an e-mail recipient may indicate their desire not to receive further e-mails. This e-mail address or other Internet-based mechanism must remain functional for at least 30 days after the original message is sent.

Provide a valid physical postal address for the sender.

The CAN-SPAM Act also prohibits the use of false or misleading transmission information which includes failure to include accurate identification of the computer used to initiate the email including the use of misleading or deceptive headers. Likewise, the use of deceptive subject headings is barred by the CAN-SPAM Act.

Additionally, senders of e-mail must comply with a recipient”s request not to receive commercial e-mails within 10 business days. It is not a defense under the CAN-SPAM Act for a business to advertise its services through illegal spam sent by a third-party because the act holds businesses knew, or should have known, their services were being promoted through illegal spam.

The CAN-SPAM Act excludes e-mail messages that are considered ‘transactional’ or ‘relationship’ messages. Examples include e-mail communications whose primary purpose is to facilitate, complete or confirm a commercial transaction; provide warranty or product recall information, or safety or security information; or deliver goods and services, including product updates or upgrades.

The CAN-SPAM Act preempts or supersedes most state anti-spam laws. Most of the act’s provisions will be enforced by the FTC and states’ Attorneys General although the FCC is authorized to enforce the act with respect to telecommunications providers subject to its jurisdiction.

The requirements of the CAN-SPAM Act can be complex when applied to real-world situations, and penalties for even unintentional violations can be severe. Thus, telecommunications businesses advertising their services through e-mail should ensure that all e-mail communications are in compliance with the CAN-SPAM Act. Moreover, the CAN-SPAM Act allows a court to consider whether a business had adopted a policy designed to ensure compliance. We strongly suggest legal compliance audits (assessing existing e-mail marketing guidelines, procedures and templates) and the adoption of policies and procedures designed to avoid liability under the CAN-SPAM Act.

Gregory E. Kunkle, Esq. and Thomas K. Crowe, Esq. are Washington, D.C.-based attorneys specializing in communications legal/regulatory matters. They can be reached at +1 202 263 3640, via email at [email protected].