CAN-SPAM Myth #1: Applies Only to Spam

Three CAN-SPAM Myths: CAN-SPAM is the US Federal Anti-spam law. If you're sending commercial email in the US, or you're a savvy spam filterer, you probably already know a bit about the law. But, did you know these specific points? Here are three common myths that I have run into, where people misunderstand what CAN-SPAM does or doesn't do.

Keep in mind I'm not a lawyer, and this is not legal advice.

Today in my first of three posts in the series, I'll address CAN-SPAM Myth #1: That the law applies only to spam.

The truth of the matter is CAN-SPAM's requirements apply to any commercial or transactional messaging you send. Today, I'm going to focus specifically on commercial messaging. What is a commercial message? The law itself explains. "The term 'commercial electronic mail message' means any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose)."

Example Double Opt-In Process

If you're wondering why my blogging schedule has been light lately, it's because I've been working on a project; building a mailing list manager to handle discussion lists and broadcast lists from my own server.

As a part of that project, I'd like to share with you my test double opt-in script. Feel free to poke at it, test it, share it with folks whom you'd like to nudge to make the change to confirmed on in.

It's a test list that you can't actually receive mail from, so it's safe to sign up, to see how double opt-in works.

I'd love your feedback, feel free to email me or leave a comment letting me know your questions or concerns.

Recent Spam Litigation Activity in California Courts

Click here to read a nice little overview from Venkat Balasubramani, published on his Spam Notes blog.

Alleged Spammers Using Google Apps: Bad Idea

If you are alleged to have sent spam, alleged to have created thousands of webmail accounts in order to shovel spam selling Acai berry-related products, maybe storing details of your alleged crimes "in the cloud" isn't such a great idea.

Why does the name Pulse Marketing ring a bell? I can't recall for sure. But, I've certainly dealt with marketers that I consider to be similar in that they often have somewhat generic company names, unfinished or very information-free websites, never listing principals behind the company, use UPS Stores or other "dropbox" mailing addresses, etc. Probably all legal practices, but red flags when trying to assess likelihood of best practice compliance by way of looking at the transparency of their business practices and contact information.

(H/T: @PrivacyLaw)

The Pernicious Effect of Gordon vs. Virtumundo

This is an interesting one. John Levine writes: "Bennett Haselton, who runs the Peacefire anti-censorship site, is one of the more successful anti-spam litigants. He says he's filed about 140 suits, mostly in small claims court, and has won the majority of the suits that got far enough to be decided on the merits. But last month, in Federal court in Seattle, he lost a suit against Quicken Loans that he should have won, partly because of his own mistakes, but largely because of the pernicious effect of Gordon vs. Virtumundo."Read more...

Speaking of, who previously won their own anti-spam lawsuit, has yet again had to deal with spam allegations leveled against them.

The Contra Costa Times reports that " has agreed to pay a $650,000 settlement and halt deceptive practices in which millions of people unknowingly gave the site access to their entire e-mail contact list, the San Francisco District Attorney's Office said Monday."

SFGate Blogger Zennie62 writes, ", started in 2004, may claim a membership based of 80 million and be the third largest social network, but after this let's see how many people stick around. At a tech lunch event held in 2006 in Downtown San Francisco, one of the founders bragged to this blogger that was worth $700 million."

And let's not forget, Time Magazine called "The World's Most Annoying Website" last year.

CAN-SPAM Compliance Impacts Deliverability?

This morning I spent a few minutes going through my Gmail spam folder, looking for legitimate mails that might have been accidentally marked as spam by the Gmail system. It's rare, but it happens.

I found a message from, a company I purchased an antenna from, once upon a time. I really don't want to receive emails from them. I'm not likely to be a repeat customer, and I'm eager to get "edge case spam" - things that might be considered spam or not, maybe from companies that I signed up for, out of my mail stream, so that I can trust my spam folder to contain "true" spam, because I'm a bit of a data geek and want to be able to write a script that parses that information and logs it.

Beware: Free Gift Card Ads

Watch out for those ads offering you free gift cards, free iPads, MacBooks, whatever. Invariably the goal of the person behind the ad is to get as much personal information out of you as possible, so that they can sell that data to various marketers. Who will then sell that data to other marketers. Who then market to you repeatedly. And sell the data to even more marketers, who also market to you repeatedly. Lather, rinse, repeat.

Consumerist and MacWorld warn readers about these kind of ads, specifically ones found on Facebook. They call them scams. I'm not sure if that term is accurate or not. It might be. But what I do know for sure is that they are email avalanches in the making. You remember my Co-reg tracking project? The 11,000+ email marketing messages I've received in response to me signing up on just a handful of websites? Well, most of those websites are exactly the kind of ones that Consumerist and MacWorld are warning you about.

These "free gift" sites take the data from the one or two forms you fill out, and sell it all over hell and gone. That's why I've got individual addresses that have received 200+, 500+ or even 1000+ "fabulous offers."

This is the exactly the kind of co-registration or lead generation thing that gives email marketing a black eye. Email marketers, put yourself in the consumer's shoes. Do you really want to do that to your email account?

Do you track your opt-in data?

Hey, if you're running a marketing program, if you manage a marketing list, I have to ask: Are you tracking where and when and how each recipient signs up for your email list?

Surprisingly, I'm finding that many marketing managers aren't tracking this. This is sad, because sometimes this data is the last line of defense against you getting sanctioned over allegations of sending spam.

Harvard Business Review Is DEAD Wrong About Opt-Out

Blue Sky Factory's DJ Waldow has posted an excellent rebuttal to this awful Harvard Business Review article pining for opt-out email marketing. I think DJ's response is spot on; the HBR article was written by somebody seemingly out of touch, someone who is suggesting that practices need to change without providing any compelling reason or data as to why opt-out is supposedly better.

Your Help Needed: Sign me Up!

Hey, I created this Gmail account -- -- and I'd love to see what you can get it signed up for. Spam, non-spam, edge case stuff, what have you. Could you do me a favor and sign it up for various things? I'm not quite sure what I'll do with the mail that comes through; maybe check the sender scores on all the IPs that send the mail, look for some non-CAN-SPAM compliant senders, maybe build some summary reporting to share with the internets, who knows what. Regardless, I'm thinking it might be fun to see what comes through. So, would you be willing to help me out?

Again, that address is Thanks in advance!