Anti-Spam Regulations in 2020: Do You Comply?
Dealing with laws and regulations is an inevitable reality for any business. Although the variety of anti-spam laws that differ for every country might feel discouraging at first, if you are a legitimate company and a legitimate sender, you probably don’t have to worry about it much. Nevertheless, it is always better to be fluent in anti-spam laws and regulations.
Every anti-spam law is created to fight spammers and restrict them from sending unsolicited emails. So, it all boils down to this: if a person sends emails to people who did not agree to receive messages from them, it makes them a spammer, and their messages – spam email.
Note that this article is an overview of anti-spam laws and regulations. If you need legal advice, contact legal counsel.
Get Familiar with Basic Terms
Before looking into laws for different countries, let’s briefly go through the necessary vocabulary.
There are two ways of getting consent: the opt-in method and the opt-out method.
The opt-in method requires a recipient to confirm their consent with a specific action, usually by subscribing to your emails.
- Single opt-in. The subscription process that only takes one step to sign up to the company’s emails by entering an email address in the provided field.
- Double opt-in. The two-step subscription method where after entering an email address, a person has to verify the consent to receive messages, usually by responding to the confirmation letter sent to them.
The opt-out method suggests that the recipient agreed to receive emails from you until he decides otherwise (unsubscribes).
Explicit consent is a direct way of asking for an email address for email marketing purposes.
Implicit consent implies that when a customer provides you with their email address (for example, after purchasing from you), they automatically agree to receive promotional emails from your company.
Anti-Spam Laws and Regulations by Country
Of course, every country has its own laws and regulations regarding spam emails. Let’s take a look at some of them.
US: CAN-SPAM Act stands for Controlling the Assault of Non-Solicited Pornography And Marketing. Unlike European anti-spam laws, it allows using the opt-out method without prior consent to receive marketing emails. However, take into account that particular regulations also may differ from state to state.
The main rules you must follow are:
- State clearly that the message is an ad;
- Provide accurate header information (From, To, Reply-to);
- Write a clear and relevant subject line;
- Provide a simple way to unsubscribe from your emails.
Fines are up to $16,000 per email that violates regulations. Note that according to the law, both the company that sent emails and the company whose product was advertised will be held responsible.
You can find more information about CAN-SPAM on the website of the Federal Trade Commission.
Canada: CASL or Canada’s Anti-Spam Legislation.
- Explicit consent (single or double opt-in);
- Accurate information about the sender and its contact info;
- A simple way to opt-out.
Note that according to Canada’s anti-spam law, if you are not a Canadian citizen, but you contact people within the country, you would also be held responsible for violating anti-spam regulations. And the fines are up to $1 million for individuals and up to $10 million for businesses.
CASL guidelines and regulations are listed on the website of the Canadian Radio-television and Telecommunications Commission.
EU: GDPR or General Data Protection Regulation.
European anti-spam laws differ from country to country, including those that are part of the EU. But the guidelines to abide by for EU members are written in the GDPR. It looks a little different since it concerns many countries, and each may adjust aspects of the regulations. However, there are general requirements:
- Opt-in is necessary, and it must be “freely given, specific, informed and unambiguous”;
- All consent information must be recorded;
- The sender must provide the correct sender’s information and contacts;
- Easy way to unsubscribe.
Fines for violators also depend on the country, so make sure you comply with a particular region you send emails to. Full official legal GDPR text can be found here.
Australia: The Spam Act
According to this act, you must have:
- Opt-in approach;
- Information about an individual or a company that sends emails;
- Working unsubscribe option.
You are not allowed to harvest email addresses, and if you purchase an email list, it is still necessary to use the opt-in method before sending emails to recipients.
Read the spam act in the Federal Register of Legislation.
UK: Data Protection Act and PECR
- The opt-in method, with allowed pre-checked boxes;
- Info and contact details about the sender;
- Clear, simple and not malfunctioning unsubscribe option.
It is important to remember that according to UK’s legislation, breaching the law will not only make you pay up to £5,000, but it is also a criminal offense!
Read the full text of the Privacy and Electronic Communications (EC Directive) Regulations.
Regulations and Email Deliverability
There are arguably government practices that restrict your business from achieving better results, but email marketing is not one of them. Apart from serious legal issues you might get yourself into, there are also significant consequences for your email deliverability. On the other hand, following the letter of the law and best practices will bear good fruit for your email marketing campaign and your business as a whole.
Opt-in and Deliverability
There is only one way this works: if the person is not interested in receiving marketing messages from you, they will not opt in. By choosing to send emails to them nonetheless (be it through a purchased email list, by scraping or harvesting email addresses) you are not gaining any profit. Not only will open and click-through rates be extremely low, but you will also get a bouquet of spam complaints, hard bounces, and even spam traps.
Should I choose single or double opt-in?
As I mentioned at the beginning of the article, single opt-in is a one-step sign-up process, while double opt-in requires a second, confirmation step. I always recommend using the double opt-in process and here’s why.
Single opt-in is easier and quicker for a potential customer to do. This type of sign-up process allows you to grow your email list a lot faster than a double opt-in, but it is also a case of quantity vs quality. Since single opt-in doesn’t require any email address confirmation, you can get a lot of misspelled addresses, names that don’t exist, mailbox addresses people don’t actually use (or use exactly for subscriptions they never check on).
Another very real problem with single opt-in is bots. Maybe you have heard about ‘list bomb’ or ‘signup bomb’. Basically, a bot finds your single opt-in subscription form and signs up to it thousands of times, filling your email list with fake addresses. When you send out your next email campaign, you get hard bounces, spam folder placement, and even blocking. In other words, your deliverability will suffer.
Double opt-in, on the other hand, eliminates most of these problems. Although some argue that this process takes longer to accomplish and not all people would get to the finish line, I stand by my words and experience: it is still much better in the long run. Your email list will grow slower, but you will have legitimate addresses, since email names with typos and misspellings cannot pass the confirmation process.
Another advantage of a double opt-in is engagement from the first email. Since to confirm subscription the recipient has to open your email and click on a link in it, your domain reputation for this particular mailbox will already be higher, and it gives you better chances of getting into their inbox afterward.
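The double opt-in flow described above, sketched as an added example that is not part of the original article: an address becomes mailable only after a signed, expiring confirmation token comes back, and the consent details are recorded at that moment. The function names, the in-memory stores, the demo key and the 48-hour lifetime are all assumptions made for illustration.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # assumption: in production, load from a secret store
TOKEN_TTL = 48 * 3600             # assumption: confirmation link valid for 48 hours

pending = {}    # email -> signup request (step 1 done, must NOT be mailed yet)
confirmed = {}  # email -> consent record (step 2 done, safe to mail)

def _sign(email, issued_at):
    msg = f"{email}|{issued_at}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def request_subscription(email, source_ip, now=None):
    """Step 1: store the request; return the token to embed in the confirmation email."""
    now = int(time.time() if now is None else now)
    email = email.strip().lower()
    pending[email] = {"requested_at": now, "source_ip": source_ip}
    return f"{email}|{now}|{_sign(email, now)}"

def confirm_subscription(token, now=None):
    """Step 2: verify the token from the clicked link; only then add to the list."""
    now = int(time.time() if now is None else now)
    try:
        email, issued_at, sig = token.rsplit("|", 2)
        issued_at = int(issued_at)
    except ValueError:
        return False  # malformed token
    expected = _sign(email, issued_at)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False  # forged or altered token
    if now - issued_at > TOKEN_TTL or email not in pending:
        return False  # expired, already used, or never requested
    request = pending.pop(email)
    # Consent record: when and from where it was requested, when it was confirmed.
    confirmed[email] = {**request, "confirmed_at": now, "method": "double opt-in"}
    return True

def mailable():
    """Addresses that completed both steps; bot-submitted ones never get here."""
    return sorted(confirmed)
```

Addresses submitted by a signup bot stay in `pending` and are never sent a campaign, because nobody clicks their confirmation link.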
Opt-out and Deliverability
The same logic applies to the process of opting out. Never feel bad about someone unsubscribing from your newsletter, because your ultimate goal is creating a list of people who want to receive your emails, who like them, and see value in them. You have probably noticed that all anti-spam laws listed above emphasize the necessity of adding a clear and simple way to unsubscribe. What will happen if you don’t comply (apart from substantial penalties)? Skyrocketing complaint rates, since filing a complaint is the next logical step for a recipient who has no opportunity to unsubscribe from emails they don’t want to receive anymore. High complaint rates impact your sender’s reputation and, consequently, lower deliverability.
Following strict anti-spam laws might look intimidating, but in reality, if you are a legitimate sender, there’s not much to worry about.
Although there are different acts and regulations in different countries, they all have common practices: an opt-in process (except CAN-SPAM), a quick and simple way to opt out, and providing information about the sender.
Be it US, Canadian or EU anti-spam laws and regulations, these rules affect not only your financial well-being (each violation involves substantial fines) but also your deliverability. An increase in hard bounces, spam folder placement, and complaint rates, and a decrease in open rates, click-through rates, and overall sender’s reputation are all consequences of ignoring anti-spam laws.
Be sure to educate yourself on the legislation of the country you are operating in (or sending emails to):
United States: CAN-SPAM Act
European Union: GDPR
United Kingdom: Privacy and Electronic Communications (EC Directive) Regulations
Australia: The Spam Act