Spam, which accounts for 14.5 billion messages worldwide per day, is a constant nuisance for email users. But what exactly constitutes as spam? Though they may not have malintent, small business owners are recommended to brush up on their government’s email spam laws, ensuring their messages remain compliant as they are marketing-effective.
Below, we discuss spam regulations all small businesses must follow, according to CAN-SPAM, CASL, and GDPR laws.
Don’t mislead the recipient
First and foremost, never provide a misleading, false, or deceptive header. The same goes for subject lines.
According to the CAN-SPAM Act, the “From,” “To,” and “Reply-To” fields of your e-mail must accurately display your domain name and email address. Using any other name to “trick” the recipient into thinking the message has come from somewhere else is a blatant violation and can result in a fine.
When sending emails from your business, be sure to name your business or a specific representative. With subject lines, users must also take care in accurately representing the contents of their message. The recipient must know what to expect when opening your email, though a little creative leeway is provided.
Request consent before reaching out
Before sending out mass commercial messages, you must first request the consent of your recipients. This falls under both CASL and GDPR laws. “Commercial” content refers to any message promoting or advertising a specific product or service, including website content created for a commercial purpose.
Typically, businesses display sign-up forms on their websites for visitors interested in regular updates or promotion notifications. This allows them to collect the email addresses of loyal customers for future marketing purposes.
Offer an option to opt out
Along with the option to opt into mass-emails, customers must also be given the option to opt out.
According to the CAN-SPAM Act, messages must include crystal-clear instructions on how recipients can opt out of the company’s emails. Users must design their email in a way that is easy to read, recognize, and understand. Opt-out options can include providing a return email address (where recipients can communicate their choice), an interactive menu, or a button to “unsubscribe” at the end of the email. Make sure your “spam” filter doesn’t block out these requests.
Additionally, such requests must be honored within 10 business days. Charging fees, requesting private information (beyond an email address), or requiring the recipient to take other unnecessary steps as a condition for opting out (other than sending a reply email or visiting a single internet page) are prohibited.
Recipients must know who you are, what you intend to do, and where you’re located.
Under the CAN-SPAM Act, businesses must provide a valid physical postal address within their emails. This can be your street address, a post office box registered with the US Postal Service, or a private mailbox.
In the case of data breaches, recipients must be promptly informed. According to GDPR laws, consumers whose data you’ve collected have a right to know of any data breach as they occur, and they must be informed within 72 hours of you learning about the breach.
Hold those who manage your campaigns accountable
Finally, businesses are still held accountable for any illegal practices or errors made within their email campaigns, even if such tasks have been delegated to third parties. Ensure all your vendors comply with all anti-spam laws to avoid any hefty fines, as any emails sent on behalf of your company will still hold your business legally responsible.
In some cases, the contractor or agency actually sending the message may be fined as well.
Educating yourself and your workers on proper email practices can help keep your business safe from legal and financial trouble. However, companies must also beware of those with criminal intent and purposefully evade anti-spam laws to breach your private information.
To keep you and your workers safe, Netcom Solutions offers the latest cybersecurity solutions, protecting you and your private data with comprehensive assessments, network analysis, and threat prevention methods. Read our free eBook: 3 Types of cybersecurity solutions you need, which presents actionable recommendations on improving your security practices. You can also contact our experts today.