CAN-SPAM (Controlling the Assault of Non-Solicited Pornography And Marketing Act) is the US federal law passed in 2003 that establishes baseline requirements for all commercial email sent to recipients in the United States. Unlike Canada's CASL, CAN-SPAM operates on an opt-out model: you may legally send the first commercial email to a recipient without prior consent, provided the message complies with all the law's requirements and any unsubscribe request is honored immediately. The six CAN-SPAM requirements are: accurate header information (From, To, and Reply-To must identify the actual sender); non-deceptive subject lines; disclosure that the message is an advertisement when applicable; a physical mailing address of the sender; a clear and easy opt-out mechanism; and honoring opt-out requests within 10 business days. Each email that violates these rules carries a potential civil penalty of up to $51,744. The FTC and individual state attorneys general share enforcement authority.
Glossary entry
