CanSpam Laws & How easy it is to violate them
I truly love Spam! Fried in a skillet, on bread with mustard makes a tasty but unhealthy meal! But that’s not what I want to talk about. I’m talking about the other SPAM. Unwanted marketing emails we all get every day.
What makes this discussion so important is SPAM is excluded under both Coverage A (Bodily Injury & Property Damage) and Coverage B (Personal & Advertising Injury) of the Commercial General Liability Forms. I’m currently writing a book incorporating my experience and expertise into a work to serve as a textbook of sorts of how to design insurance and risk management programs for commercial enterprises.
I semi-retired from active underwriting a little over a year ago and started my own consulting and continuing education company. Part of my marketing plan consists of using electronic communications to reach potential customers about what I have to offer. Just like every other commercial enterprise, my general liability policy excludes coverage for violating SPAM laws. In order to avoid potential retirement ending law suit, I decided to research the whole issues surrounding the SPAM exclusion.
If one reads the exclusion, you will find out SPAM is not defined within the exclusion or any other part of the policy. The exclusion picks out statutes governing SPAM (and other forms of communication) and let the statutes do the excluding. What does this mean? It means what ever is illegal under the statutes is excluded under the general liability. Therefore, it stands to reason, in order to provide good advice to our clients we need to understand the statutes.
What Does CAN SPAM govern?
The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations. Popular thought thinks of SPAM as bulk emails. However, nothing could be further from the truth. The act addresses all commercial messages, which the law defines as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,” including email that promotes content on commercial websites. The law makes no exception for business-to-business email. That means all email! It could even be a single email! Each separate email violation is subject to a penalty of up to $42,530 per communication. That means if a business sends even a single email in violation it could be very costly!
The CAN SPAM Act addresses emails with commercial content and differentiates them with email with transactional, relationship and other content, which is neither commercial nor transactional or relationship. Transactional and relationship content is content which facilitates an already agreed-upon transaction or updates a customer about an ongoing transaction. If the message contains only commercial content, its primary purpose is commercial, and it must comply with the requirements of CAN-SPAM.
The good news is complying with CAN SPAM requirements is relatively easy.
1. Don’t use false or misleading header information. Your commercial emails must identify clearly who and where they are coming from.
2. Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message. Using a subject line stating, “We have your return premium” to attract a prospects attention to offer a quote could be considered as misleading
3. Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement. Many states SPAM regulations require the subject line to include “ADV:” as the first 4 characters in the subject line.
4. Tell recipients where you’re located. You must include a valid physical postal address.
5. Tell recipients how to opt out of receiving future email from you. This can be through use of a toll-free phone number or email address with an understandable explanation of how the recipient can opt out of getting email from you in the future. Make sure your spam filter doesn’t block these opt-out requests or at least continuously check your junk mail folders.
6. Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a an opt-out request within 10 business days.
7. Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law.
As a side note, most state SPAM laws also except out emails to recipients who you have an existing business relationship with. For example, Arizona statute states “Established business relationship" means a prior or existing relationship formed by a voluntary communication between a person or entity and the recipient, with or without an exchange of consideration, on the basis of an inquiry, application, purchase or use by the recipient regarding products or services offered by the person or entity.”
Regardless, compliance with state laws does not exempt compliance from federal law.
What is a transactional or relationship message?
A transactional email is generally one that:
1. facilitates or confirms a commercial transaction that the recipient already has agreed to;
2. gives warranty, recall, safety, or security information about a product or service;
3. gives information about a change in terms or features or account balance information regarding a membership, subscription, account, loan or other ongoing commercial relationship;
4. provides information about an employment relationship or employee benefits; or
5. delivers goods or services as part of a transaction that the recipient already has agreed to.
So, here is why we need to understand this issue and address it with our clients. Insured’s can easily violate the law as it only takes one unsolicited email. Consider this. One of our clients gets a referral from an existing client saying you should contact my friend. They get back to their office and follow up on the referral and send the prospect an email. It doesn’t matter if they were referred. The act of sending that single email can be a violation of CAN SPAM. It will be an uncovered loss because it is excluded from coverage.
It probably would not rise to the level of an E&O claim, but it does not mean we shouldn’t be there and provide our clients with advice they need to run their business. Therefore, as good client advisors, we need to know about these regulations and help our client market responsibly in a legal fashion.
There are some very good websites which shed light on the issue. The first is a page from the Federal Trade Commission. The second is a private website which provides a compendium of federal and state laws.