|
BUSINESS ALERT
What you should know about the Federal Anti-Spam Law |
The Can-Spam ("Controlling the Assault of Non-Solicited Pornography and Marketing") Act of 2003 (the "Act"), which was signed into law on December 16, 2003, effective January 1, 2004, attempts to regulate unsolicited commercial emails ("Emails"). The Act specifically supersedes all state laws which regulate Emails. This Article provides an overview of the Act's major provisions.
Summary of the Act. The Act requires Emails to be labeled as such and to include an opt-out function, either in email form, or as a separate system, as well as a physical postal address. It prohibits Emails from using deceptive subject lines, headers or return addresses. It also makes it illegal to send Emails to harvested email addresses, as later defined. The Federal Trade Commission (the "FTC"), state's attorneys and Internet Services Providers ("ISP") are the only parties who can initiate suits against alleged spammers. Individual citizens are not allowed to bring suit under the Act. Fines can reach $6,000,000 for the most egregious violations. The FTC is charged with devising a "Do-not-email" registry which would allow customers to opt out of receiving all commercial Emails. The Act also includes specific provisions with respect to Emails involving pornographic materials and the use of harvested emails.
The Act exempts specific types of commercial email from its regulations. Under the Act, "commercial electronic mail messages" do not include transactional or relationship messages. Generally, if the primary purpose of the commercial email is "to facilitate, complete, or confirm" a commercial transaction that the recipient has previously agreed to enter into with the sender or is to provide warranty or other safety-related information to the recipient, then the Email does not have to comply with the regulations set forth below. Additionally, Emails which provide notice of change of terms, notification of a change in the recipient's standing or periodic account update information, do not have to comply with the Act.
Specific Provisions of the Act.
Section 5 is the crux of the Act. It states generally that:
Transmission Information: Subsection (a)(1) prohibits sending Email with materially false information in the header including incorrect originating Email addresses, domains or internet protocols. Also, any knowing use of a computer to disguise the Email's origin constitutes materially false information for purposes of this subsection.
Subject Headings: Subsection (a)(2) prohibits the use of false or deceptive subject headings, as defined as those that the sender would have actual or implied knowledge that such would mislead the recipient.
Return Address: Subsection (a)(3) states that the Email must contain a functioning return address or other internet-based mechanism (e.g., double opt-in opt-out system), that is clearly and conspicuously displayed in the Email, to which a recipient can submit a reply requesting not to receive future Emails and such mechanism must remain capable of accepting submissions for at least thirty (30) days from the time of receipt of the recipient's opt-out email. The sender may elect to provide a menu from which recipient may choose specific types of Email to receive or not to receive, so long as the list contains an opt-out option for all future Emails. Technical problems which unexpectedly cause the return email system to function improperly do not fail to satisfy these provisions so long as it is corrected within a reasonable time.
Opt-out: Subsection (a)(4) states that if the opt-out mechanism is selected by a recipient, then sender may not send Emails to that recipient of the kind opted out of, after 10 days from receipt of the opt-out request. Sender may not transfer the email address to any third party for any purpose other than compliance with the Act. (These prohibitions do not apply if the Recipient consents under the earlier Sections of the Act to the receipt of certain or all of the Emails.)
Emails must contain: 1. Clear and conspicuous identification that Email is of commercial nature or solicitation (not applicable if recipient previously gave consent to receipt of Email); 2. Notice of opportunity under Section 5(a)(3) to opt-out; and 3. a valid physical postal address of sender.
(This article does not discuss the issue of sending sexually explicit emails which would come under the Act, nor does it address the issue of harvesting. "Harvesting" is the process of logging onto chat rooms, message boards and other internet- related areas and collecting, by automated means, the email addresses of individuals who are also in those areas.)
Section 6 of the Act deals with the knowing promotion of a business by use of Email with false or misleading transmission information. This Section prohibits a person from promoting a trade or business or sale of products through the use of Emails in violation of Section 5(a)(1), where that person knows or should know, through the ordinary course of the business, that the business was promoted through those means, received an economic benefit from the promotion and took no reasonable action to prevent the transmission or to detect it and report to it to the FTC.
Section 7 deals with enforcement of the Act. First, violation of the Act is considered an unfair or deceptive act as defined by the FTC. Thus, the FTC is the primary body charged with the enforcement of this Act. Depending on the sending party's business (e.g., insurance, banking, credit unions, broker or dealer, investment companies, investment advisers, air carrier, agriculture businesses, and generally, any person subject to the Act by the Federal Communication Commission), other agencies are charged with enforcement as well. Similarly, states are given power to enforce this Act as well under Section 7(f). Damages can be awarded if an individual or business is found to be in violation of the Act. The amount is determined primarily by multiplying the number of violations (each separate Email constitutes one violation) by $250.00 with a ceiling at $2,000,000.00, or, in aggravated circumstances, $6,000,000.00. Aggravated damages will usually attach if the defendant is found to be acting willfully.
An ISP may also bring an action to enjoin a defendant or recover damages. The Damages under this section can be awarded up to $1,000,000 or, if the defendant is found to have willfully violated the Act, up to $3,000,000.
Finally, Section 9 of the Act gives Congress the ability to establish a "Do-not-email" registry. There is no timetable on completion or implementation of this registry, other than that it shall not be prior to September 16, 2004.
THESE COMMENTS ARE MEANT TO PROVIDE GENERAL INFORMATION AND NOT LEGAL ADVICE. AS SUCH THE COMMENTS SHOULD NOT BE APPLIED TO ANY SPECIFIC SITUATION WITHOUT CONSULTING AN ATTORNEY. IF YOU HAVE ANY QUESTIONS ABOUT ANY ISSUES CONTAINED IN THIS EDITION OF THE BUSINESS ALERT OR ANY OTHER ISSUES, PLEASE EMAIL US OR CONTACT JOANNE F. HURLEY AT (708) 848-0800.