Skip to main content

Keeping Your Email Marketing Legit


There’s a big difference between sending out an individual email through Gmail or Outlook and sending out mass marketing emails on behalf of a business. There may be a similar experience for the end user, but there’s a wide range of legality and ethical nuances for organizations.

As with all things legal and ethical, this gets complicated quickly. Because this is tied to an evolving technology, these details will continue to change and shift over time.

This is an effort to help you and your company keep updated with why and how to send more legitimate email marketing campaigns. Let’s dive in.

Why you should care

As long as there is email marketing, there will be spam. That’s a fact of life. So caring about doing email marketing the right way matters. These are a few reasons why it’s worth your time following the rules and best practices.

  • Legality. There are laws in place that regulate sending mass emails. (We’ll get into the details of what those laws say later in this post.) Breaking them comes with real consequences. You don’t want to be blacklisted or fined. 
  • Deliverability. Sending email the right way increases the likelihood that someone will actually get and read your email. Basically, don’t get caught in spam filters.
  • User Experience. You want people to actually read and act on your emails—not just mark them as spam or ignore them.

About the CAN-SPAM Act

The primary legislation controlling sending out corporate emails in the United States is the CAN-SPAM Act. It’s a complex law, but here are some of the basics.

  • CAN-SPAM is a backronym which stands for The Controlling the Assault of Non-Solicited Pornography And Marketing Act.
  • Signed into law by President Bush in 2003 as a response to the high levels of unwanted and sexually explicit emails being sent in the early 2000s.
  • It’s enforced by the Federal Trade Commission (FTC).
  • Sending out emails in violation is a misdemeanor. Violation is subject to penalties of up to $16,000 per non-compliant email sent.
  • However, it doesn’t outright ban spam. Just imposes laws to limit deceptive marketing methods. The name is mocked because it means you “can spam” people. We’ll get more into its shortcomings down below.

8 basic tenets of CAN-SPAM

Now that you know some of the basics and context surrounding CAN-SPAM, what does it actually say? How does it actually impact email marketing? Here are a handful of the guidelines that your company will need to follow to stay legally compliant.

  1. No misleading header info. “From,” “To,” and “Reply-To,” information must be accurate and identify who sent the message.
  2. Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message.
  3. Tell recipients where you’re located. Your message must include a valid physical postal address. Most email platforms require this for you to stay compliant.
  4. Give people the ability to opt-out. You must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future.
  5. Honor opt-out requests promptly. Stop sending emails to contacts who have unsubscribed within 10 days. Most platforms enforce this almost immediately.
  6. Identify unsolicited emails as an ad. The law gives you leeway in how to do this, but you must disclose clearly that your message is an advertisement.
  7. Don’t scrape emails. This is considered an aggravating factor. However, some other forms of email harvesting or list buying are still legal. However, that’s still unethical.
  8. Monitor what others are doing for you. Even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law.

5 shortcomings of CAN-SPAM

Things have changed since this legislation was passed back in 2003, but even then the law was viewed as too limited. Here are a few of the most common complaints about the CAN-SPAM act and how it doesn’t do enough to address bad email practices.

  1. Too many loopholes. The act fails to prohibit most types of email spam. The content may not be as egregious, but companies can still blast you with unwanted emails.
  2. Doesn’t require permission. Email senders don’t actually have to get permission to add contacts to their email lists. This goes against the main tenant of permission marketing
  3. Doesn’t allow for redress. People who receive spam can’t sue companies.
  4. Barely enforced. In 2004, less than 1% of spam complied with the CAN-SPAM Act.
  5. Overrules state legislation. The federal law prevents states (like California) from enforcing stricter legislation around emails. It’s good to have a consistent national guideline, but it’s been overly limiting for states that want these rules to be stricter.

Other relevant legislation

CAN-SPAM is not the only legislation that regulates digital privacy and email marketing. There are two primary other laws that are worth knowing about as marketers: GDPR and CCPA.

What is GDPR?

  • GDPR stands for General Data Protection Regulation
  • It was published in 2016 & implemented in 2018.
  • Replaced the Data Protection Directive of 1992.
  • Applies to all European Union members, and any company interacting with an EU user.
  • The goal was to give individuals more control over their data and simplify regulations with one consistent guideline for the entire Union.

How does GDPR apply to email?

  • Audit your email list to check for anyone who resides in an EU-member country.
  • It’s notably stricter than CAN-SPAM.
  • Companies must get “freely given, specific, informed, and unambiguous” consent before sending emails. And they must also keep a record of that consent.
  • Reports so far have shown that these regulations have helped to increase average open & click rates. You can read more about this affects your email marketing.

What is CCPA?

  • CCPA stands for the California Consumer Privacy Act.
  • Passed in June 2018. Effective in January 2020.
  • It’s similar to many of the provisions in the GDPR, but more narrowly defined.
  • Applies to for-profit businesses with revenues over $25 million, use data for more than 50K households, & earn more than 50% of revenue from selling data.
  • The law carries penalties up to $7,500 per violation.
  • California residents can sue for infractions.

How does CCPA apply to email?

  • Because of CAN-SPAM, the law can’t require consent to collect data, it just allows the consumers to opt-out.
  • Companies must give a notice before an individual’s data is sold— so there’s more transparency in the process.
  • Consumers can also request that their data be deleted.
  • This doesn’t impact all businesses yet. However, it could slowly be expanded to begin including more.
  • Read more about CCPA.

How to have more ethical email marketing

Staying legal with email marketing isn’t enough. Laws don’t regulate everything—email inboxes filter out spam, and users stop engaging with unwanted emails. If you really want to succeed with email marketing, your business needs to also be ethical and follow some best practices.

  • Be ethical, not just compliant. Don’t just do the bare minimum. Make the extra effort to be ethical.
  • Don’t blast people. Change your vocabulary to remove that term. Blasting is not a good approach to take.
  • Use an email marketing platform. These services monitor most of these regulations so they can stay in compliance. Like Active Campaign, Mailchimp, or Hubspot.
  • Test emails for spamminess. Use a tool like Mail Tester to see your spam level.
  • Don’t buy email lists. Scraped email lists are illegal. Purchased or harvested lists aren’t.
  • Get permission to send emails. CAN-SPAM doesn’t require permission. Most email inboxes do—and they filter out spam.
  • Send relevant, valuable content. Create your emails with your audience in mind. Send them stuff they care about.
  • Watch your churn rate. Keep an eye on unsubscribes, bounces, and marked as spam numbers.

At GreenMellen, our goal is to build a brighter web. That includes using more ethical marketing practices to give everyone a more positive digital experience. We can even help your business with email marketing strategy or execution

We recently hosted a free meetup to discuss email marketing best practices. You can download the slides from that presentation or check out future topics for our monthly gathering.

About the Author

Robert Carnes

Marketing Manager

Robert Carnes is a freelance writer, published author, and professional marketer. His book, The Story Cycle, is your business's guide to becoming a better marketer. Robert lives in Atlanta and you can follow him on social media @jamrobcar.

View Robert's Profile

More from Our Blog

Switching Your Website Data From Google Analytics 4 to Fathom

There are many options when considering which platform to track your website’s analytics. Google Analytics is an option most of our clients use and many…

Read More
macbook pro on brown table

Common Marketing Problem: Unclear and Inconsistent Value to our Audience

Tell us if this sounds familiar: you know what your business does, but you have difficulty explaining it to people. Friends at parties ask you…

Read More
photo of woman showing frustrations on her face

6 Advanced LinkedIn Features to Take Your Account To the Next Level

LinkedIn is a powerful social networking platform for business leaders because it is specifically for professionals. It should often be the first social account to…

Read More
smartphone with linkedin app