The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 is a law that established the United States' first national standards for the sending of commercial email. CAN-SPAM sets the rules for commercial messages, provides email recipients rights to stop receiving email, and specifies the penalties for violating the law.
CAN-SPAM applies to more than just bulk email, however, despite its name. According to the law, it covers "any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service," including email that promotes content on commercial websites.
CAN-SPAM requires senders of commercial email messages to:
- Promote a clearly and conspicuously displayed functional, Internet-based opt-out mechanism
- Include a valid postal address
- Provide clear notice that the message is commercial
- Process unsubscribe requests within ten business days of an opt-out request
The Act prohibits senders of commercial email messages from using false header information (deception regarding the source of the email) and deceptive subject lines.
CAN-SPAM includes requirements regarding:
- Consent
- From name
- Subject line
- Commercial notice
- Suppression lists
- Unsubscribe mechanism
- Postal address
- Multiple advertisers
- Forward to a Friend (FTAF)
- Sexually-oriented material