In March, the California court made a new ruling about email sender identification that now has marketers across the U.S. scratching their heads, wondering how to modify their campaigns to stay out of the legal fire.
This new law is all about discouraging the sending of promotional emails that contain false or misrepresenting header information. It strictly demands that commercial email advertisements (in other words, email sent specifically to sell a product or advertise a service) must include a domain name which is registered to the sender in the "from" line of the email, or the name of the sender or marketer on whose behalf the email was sent.
How do I know if I have to worry about the spam law?
First and foremost, California's spam law applies to any U.S.-based company sending email to consumers within California.
The "Golden State" has one of the most important anti-spam statutes in America, simply because historically it's been an area where consumers and the government have been highly active in enforcing the law.
All U.S. businesses need to be concerned about this spam law because, under the United States Supreme Court Guidelines, if you are advertising to somebody in California, then you are subject to their jurisdiction.
As a result, if you are sending email even to a single person living in California (whether you know they're located there or not) you may already be at risk.
Key differences between the federal CAN-Spam law and California spam law
Everyday companies that are doing online marketing will really need to be careful about sending their email campaigns only if they're compliant with both state law and federal law.
It takes a lot more than complying with the CAN-Spam Act if you want to be in full adherence with the various state-wide spam laws that are out there. In fact, part of the reason why the federal CAN-Spam Act was passed was merely to serve as a general standard and point of reference that's enforceable on a country-wide scale, because of the variances in state laws.
Which law rules then, you may ask?
Here's how it works:
Whenever spam complaints make it to court, the burden is on the sender of the email to show that everything they did was correct, in this case demonstrating not only compliance with California law, but U.S. federal law as well.
Further considerations for sending email to and within California
California State has long been known to enact statutes that are more stringent, more limiting, and more particular than the CAN-Spam national standard.
For instance, one of the major general differences is that CAN-Spam requires there to be an opt-out mechanism in every email and that the advertisers comply with opt-out requests within 10 business days. But in California, there is no demand for an opt-out mechanism, nor is there any rule that the recipient must actually opt-out.
This means that if somebody receives a commercial email that they didn't sign up for, they don't have to request to be removed from the sender's list. In fact, the recipient is free to wait and collect loads of emails, and then later sue the sender for a tidy sum of $1,000 per email.
So if you're an active bulk email marketer, these penalties can add up very quickly indeed.
While most business people may think that as long as they have an opt-out they're safe, in California, that's not true. Even if the advertiser can prove that they have mechanisms and procedures in place to prevent sending unsolicited emails and that the recipient was inboxed unintentionally or mistakenly, the penalty is still at least $100 per message.
And that's just the beginning of it: California also has other laws which apply to the body of the email. For example, if you are sending an email that says "you opted in" on date X, "using IP address" Y, and that information is incorrect, you'd be running afoul of the Consumers' Legal Remedies Act.
Another problem that often occurs is when somebody signs up to a mailing list using an email address that doesn't belong to them personally. And then, when the advertiser sends an eflyer to that email address, the individual who really owns it will actually not have opted in, and by Californian definition, it will count as a legally punishable, unsolicited commercial email.
Of course, if you manage your list subscriptions via a double opt-in mechanism where new sign-ups are emailed first to confirm their interest after submitting their contact details (which is not demanded by Can-Spam or California law), you should be able to steer clear of this hazard.
What is "header information?"
Back to the statute at hand though, here is some of the nitty-gritty of the new ruling.
The spam law mainly refers to the headers of the email; which means you cannot use false, misleading, or deceptive headers, including "from," "to," "reply to," or even "subject lines."
At the core of the court's decision, emails have to directly identify some actual person they are sent by or on behalf of. However, one immediate issue is that the California statute does not go on to expressly define "header information" (for the time being), and so technically speaking, this can be argued to extend to all of the above fields and even the top portion of the email body.
The definition in the CAN-SPAM Act, on the other hand, more clearly talks about header information as the readable parts of the "from line," and does not deal with information in the actual body of an email itself.
It's this definition disparity that's creating a real compliance conundrum for the average business person.
How to make sure your marketing emails follow the law
There is a solution at hand:
For starters, to play it safe across the legislative board, make sure you're clearly identified in the "from line" of every send. You can do this by using a name or title for your website that recipients can look up on a public domain directory like whois.com.
One way to look at the law is:
So, addresses such as "info@," "no-reply@," and "marketing@" are all still fine, ideally, as long as they're attached to a domain name such as "[email protected]," which should also be registered in the name of the business owner, and not by a proxy or a private server.
To help you know who your recipients are, send out a mailer asking your subscribers what state they live in, and use that feedback to create a geo-location list segment that identifies California residents. Pay careful attention to how you identify yourself to this segment, and maybe even think about creative ways of including your domain name in your subject line to make extra sure that you're protected.
What if you're using a Freemail address?
Since a lot of marketers are using free email providers like Gmail, Hotmail, or Yahoo (a practice which is often loathed by email service providers), they'll need to take additional steps to ensure that their emails are legal, unless they're willing to shift to sending emails from their own web domain exclusively.
Fortunately though, since California's legal definitions are a little vague right now about what header information actually is, there is still some room to maneuver for "Freemailers."
No matter what, you'd still need to identify yourself by including a direct reference as your "from address" (such as "[email protected] .com"), but if you strongly prefer to keep using a Freemail address, that's obviously not possible.
What you need to do in this case is:
- Use your domain name as a sending name (i.e. [email protected]).
- Include a few words explicitly identifying yourself and your business as high up in the body content of each email sent as possible. For example, if you're trying to drive subscribers to visit your website "http://www.tomsflowers.com/," the best thing to do would be to place that web address in or on top of the email headline area, or as a part of your sub-heading.
What this law is really all about
Overall, the intention behind this significant new statute is to make commercial emails more traceable and transparent, and to help reduce some of the misrepresentation and scamming which has become commonplace in digital communications today.
Marketers and their affiliate networks can no longer send promotional email that contains both a generic "from line" and that references a proxy or privately registered domain name that doesn't identify them directly.
Shaun Swanepoel, systems administrator of GraphicMail, says: "Most ESP's are already complying with CAN-Spam by enforcing the inclusion of headers and footers that directly identify marketers with every email sent. With the new Californian law coming into play, we are also strongly considering taking steps to expand our own vetting process to include strict 'from address' and 'from name' examination, which will ensure that all our clients are operating from a publically registered domain, and in doing so, already be compliant with the new statute."
Play it safe. Be loud and proud about your identity.
On Twitter? Follow iMedia Connection at @iMediaTweet.
"Attractive artwork of communication concept" image via Shutterstock.