Abstract
- Spam shift. The definition of email spam has evolved, and the anti-spam law CAN-SPAM is less relevant in today's environment.
- A new standard. Spam is now being effectively filtered, encouraging a shift towards higher standards set by mailbox providers.
- Legal delays. Anti-spam laws such as CAN-SPAM are becoming outdated as mailbox providers like Gmail and Yahoo set stricter rules.
The US anti-spam law, the Controlling Nonsolicited Pornography and Marketing Abuse Act (CAN-SPAM), was enacted in 2003. This was long before other countries enacted stronger anti-spam laws, such as Canada's CASL and the EU's GDPR, which set email marketing standards for multinational US brands.
But more importantly, CAN-SPAM was passed before mailbox providers had significantly increased their spam filtering capabilities and effectively eradicated traditional, bad spam.
Spam is almost entirely blocked before it reaches consumers' spam folders, let alone their inboxes, so consumers[スパムを報告]We were left not quite sure what to do with the button. Unless we ask that malicious messages from unknown senders be reported as spam, consumers will[スパムを報告]They began using the button to complain about other messages. For example, consumers used the button to filter out unwanted emails from brands they knew, even banning emails that the brands had given them permission to send.
Let's take a look at the anti-spam law, CAN-SPAM.
Of course, this is just one of the ways mailbox providers are taking the lead in fighting spam and establishing the rules of engagement for email marketers. For example, last month, in an unprecedented collaboration, Google and Yahoo released joint email standards for authentication, spam complaint rates and more, which will go into effect in February 2024.
Upon hearing the announcement, one of my colleagues asked, “I wonder what the FTC thinks about this?” Of course, mailbox providers, as private companies, are allowed to set higher standards. But when I thought about everything the big mailbox providers have done up until now, another question came to mind: Does CAN-SPAM no longer make sense?
Let’s answer this question by looking at the basic principles of CAN-SPAM and what major inbox providers require of senders.
Related article: 7 Important Questions to Ask When Unsubscribing from Email
Anti-Spam Law: No Permission Needed
CAN-SPAM says senders can email anyone as long as they offer a way to opt out (more on this later). In contrast to opt-in marketing laws like CASL and GDPR, CAN-SPAM codifies opt-out marketing, which doesn't require the recipient's permission.
Mailbox providers say no. They don't require permission, but they do give users the ability to report a sender's email as spam. When a recipient does this, the email will stop reaching their inbox. And if enough recipients do this, email will stop reaching the inboxes the provider controls at all.
Gmail specifies in its email sending guidelines that senders should “aim to keep spam rates below 0.10%.” It goes on to say that senders should “avoid spam rates above 0.30%, especially over a period of time.” Yahoo says it will follow this same standard. This is the first time that a mailbox provider has specifically stated a complaint threshold that it doesn't want to exceed.
Related article: Gmail Promotions Tab: 10 Years of Email Marketing Myth
Offer an easy way to unsubscribe
CAN-SPAM requires senders to include an unsubscribe link in all promotional emails — that is, all emails that are not transactional in nature. It also requires that the unsubscribe process be simple and clear, and senders may not require additional information from people who want to unsubscribe.
For example, the law prohibits senders from requiring people to create an account or log in to unsubscribe, and it also prohibits senders from asking for recipients' names or email addresses, because this creates unnecessary burdens on consumers.
Mailbox providers say it should be even easier: In addition to offering report spam buttons (essentially a one-click instant unsubscribe), Gmail and Yahoo now require bulk senders to include list unsubscribe headers in their promotional emails. These headers appear as one-click unsubscribe links next to the sender's name in your inbox interface, and when you click the report spam link in Gmail and are asked if you want to unsubscribe. Just unsubscribe and report spam or report spam.
Thankfully, most email service providers enable list-unsubscribe headers by default, but senders who have disabled these headers will need to re-enable them, and ESPs should prevent these headers from being disabled in the future.
These native unsubscribe links, in addition to the ones brands should include in the footer of their emails, can link to an unsubscribe page or preference center to give subscribers more options than simply opting out.
Related article: 10 Common Email Marketing Mistakes You Can Easily Fix
Honor will unsubscribe immediately
CAN-SPAM says senders must honor unsubscribes within 10 business days. This part of the law has been misunderstood over the years. It doesn't mean senders can continue to email opted-out subscribers for up to 10 business days. However, some opt-out confirmation pages continue to state that they will honor my request within 10 days.
The spirit of CAN-SPAM has always been to process unsubscribes as quickly as possible. The 10-day provision only existed as an exception for highly distributed businesses. Think about it: an insurance company with many independent brokers and distributors. The provision gave them time to share unsubscribe requests across their network. Back in 2003, this could take a long time. Now? The time required is much less. Here's why…
Mailbox providers now require unsubscriptions to occur within two days. This is a new limit set by Gmail and Yahoo. There is no way to enforce this if the user opts out via an unsubscribe link in the email, but senders can see if they are unsubscribing promptly if the native subscribe links provided by list-unsubscribe are used. This will certainly be used as a metric to measure compliance with this obligation.
These are the three basic principles of CAN-SPAM, and each mailbox provider sets an even higher standard. So is CAN-SPAM meaningless?
No. It does mean something, but unfortunately it means something bad. Let me explain. The problem with CAN-SPAM is not that it means very little, but that a significant number of people believe it means a lot.
Unfortunately, many organizations start by looking at what's legal and then pretty much stop there. For these organizations, CAN-SPAM gives them completely false expectations about how to gain consumer support and maintain the trust of mailbox providers that is essential to the success of email marketing. It's time for this dinosaur law to go extinct.
Related article: 5 Biggest Changes in Email Marketing in 10 Years
Asteroid approach
The good news is that the anti-spam law CAN-SPAM is due to expire soon. Starting with California's CCPA, a growing number of states are enacting their own privacy laws to fill the void left by the lack of a strong national standard. According to the International Association of Privacy Professionals' U.S. State Privacy Law Tracker, 12 states have already signed privacy laws, with more expected to do so in the coming months.
Ultimately, with so many states passing their own laws with different requirements, complying with them all would be too cumbersome, and national chains would push for new federal standards, which could lead to legislation similar to GDPR that addresses both privacy and anti-spam across channels.
That said, given historic levels of dysfunction and gridlock in Washington, this asteroid may be years away. In the meantime, marketers should keep a close eye on their mailbox providers, as they are the ones currently really setting the rules and leading the way when it comes to email marketing standards.
Learn how to join our community of contributors.
