Tuesday, August 14, 2012

Working with CAN-SPAM and the Canadian Privacy Act

The CAN-SPAM Act in the US was created over eight years ago in response to the increasing amount of email spam that people were receiving in their inboxes. However, in spite of the efforts of the government and lawmakers to make it easily understood for everyone, there still is confusion over what exactly does the CAN-SPAM Act does or doesn’t do. 

The US CAN-SPAM Act was created to stem the flow of unsolicited bulk email or spam as a form of commercial advertising, thereby trying to prevent the abuse of email addresses by shady online marketers.  Congress passed the law in 2003 after much debate, becoming effective on January 1, 2004.

In creating the law, Congress has set out basic guidelines for email marketers to follow:

1.       Email marketers should not mislead recipients as to the source or content an email

2.       People should be allowed to decline or unsubscribe from any email message from any source.

However, the CAN-SPAM Act does not restrict any business from sending an unsolicited email to another company for business purposes. However, it does mention that if a person wants to opt-out of receiving emails from a particular company, the business must comply.  Other guidelines are:

·         Any unsolicited messages must not have misleading subject headings.

·         All emails must have an unsubscribe or opt-out link that is valid for 30 days after the email is sent. If the receiver wants to opt-out, you have 10 days to comply with that demand.

·         All ads must be identified as commercial advertisements in the email.

·         Every advertising email that you send out, must have a physical mailing address clearly marked in the email.

·         You cannot sell or share email addresses of people who have unsubscribed from your list.

In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) governs email marketing practices in the country.  Enacted in 2004, the PIPEDA is different from the CAN-SPAM act in that it governs how personal information is distributed and managed online.  In brief, it states that:

·         Emails marketers must obtain permission from the recipient when collecting their personal information and must be kept secure once collected. 

·         Any data collected cannot be shared or sold to another party without express permission of the recipient.

·         A double-opt in signup method is required for Canadian residents. 

·         You are liable for any data collected and stored. If there is a data breach, you will be at risk for any damages occurred. 

·         Like the CAN-SPAM act, you must have an unsubscribe link in your email clearly indicated. 

For the typical B2B marketer, these regulations were not meant to be present a challenge. The purpose of both the CAN-SPAM and PIPEDA was to protect the consumer from any scams or phishing attacks that are commonly found in B2C campaigns.  As long as marketers observe the regulations set out by both countries, there should be no problem in sending out emails.