CAN-SPAM Myth #3: Password Protecting the Unsub Page is OK
Three CAN-SPAM Myths: CAN-SPAM is the US Federal Anti-spam law. If you're sending commercial email in the US, or you're a savvy spam filterer, you probably already know a bit about the law. But, did you know these specific points? Here are three common myths that I have run into, where people misunderstand what CAN-SPAM does or doesn't do.
Keep in mind I'm not a lawyer, and this is not legal advice.
Today in my third of three posts in the series, I'll address CAN-SPAM Myth #3: That password protecting the unsubscribe page is acceptable.
Have you ever received an email advertisement, where you click on the unsub link, and then it says, please enter your username and password to continue? Did that upset you? Yeah? It appears that the FTC doesn't like it all that much either. They clarified this point specifically in May, 2008: Senders may NOT require that somebody login before they can unsubscribe.
The FTC explains: As proposed and adopted here, Rule 316.5 provides: "Neither a sender nor any person 239 acting on behalf of a sender may require that any recipient pay any fee, provide any information other than the recipient's electronic mail address and opt-out preferences, or take any other steps except sending a reply electronic message or visiting a single Internet web page, in order to: (a) use a return electronic mail address or other Internet-based mechanism, required by 15 U.S.C. 7704(a)(3), to submit a request not to receive future commercial electronic mail messages from a sender; or (b) have such a request honored as required by 15 U.S.C. 7704(a)(3)(B) and (a)(4)."
In the commentary associated with the May 2008 rule updates, they affirm that this rule now stands. In short, a sender cannot require that a recipient take any other step beyond sending a reply email message, or visiting a single web page. Period. End of story.
(Note that this applies specifically and only to commercial messaging.)
Here are quick links to all four posts in my past three part series (uh, what?) on CAN-SPAM Myths.
Three CAN-SPAM Myths: CAN-SPAM is the US Federal Anti-spam law. If you're sending commercial email in the US, or you're a savvy spam filterer, you probably already know a bit about the law. But, did you know these specific points? Here are three common myths that I have run into, where people misunderstand what CAN-SPAM does or doesn't do.
Keep in mind I'm not a lawyer, and this is not legal advice.
Today in my third of three posts in the series, I'll address CAN-SPAM Myth #3: That password protecting the unsubscribe page is acceptable.
Have you ever received an email advertisement, where you click on the unsub link, and then it says, please enter your username and password to continue? Did that upset you? Yeah? It appears that the FTC doesn't like it all that much either. They clarified this point specifically in May, 2008: Senders may NOT require that somebody login before they can unsubscribe.
The FTC explains: As proposed and adopted here, Rule 316.5 provides: "Neither a sender nor any person 239 acting on behalf of a sender may require that any recipient pay any fee, provide any information other than the recipient's electronic mail address and opt-out preferences, or take any other steps except sending a reply electronic message or visiting a single Internet web page, in order to: (a) use a return electronic mail address or other Internet-based mechanism, required by 15 U.S.C. 7704(a)(3), to submit a request not to receive future commercial electronic mail messages from a sender; or (b) have such a request honored as required by 15 U.S.C. 7704(a)(3)(B) and (a)(4)." In the commentary associated with the May 2008 rule updates, they affirm that this rule now stands. In short, a sender cannot require that a recipient take any other step beyond sending a reply email message, or visiting a single web page. Period. End of story.
(Note that this applies specifically and only to commercial messaging.)
- CAN-SPAM Myth #1: Applies Only to Spam
- CAN-SPAM Myth #2: This Law Makes it OK to Spam
- CAN-SPAM Myth #3: Password Protecting the Unsub Page is OK
- CAN-SPAM Myth #4: Doesn't Apply to Non-Profits
If you're looking for more guidance on CAN-SPAM, consider that CAN-SPAM non-compliance can have a negative impact on your deliverability. Looking for a helpful checklist to confirm CAN-SPAM compliance? Mickey Chandler has that for you. If you're an average joe user trying to deal with a sender who's not respecting the CAN-SPAM law, here are my tips on what to do about that. And finally, here's a link to my older CAN-SPAM information roundup.Comments
Post a Comment
Comments policy: Al is always right. Kidding, mostly. Be polite, please and thank you.