Public Policy

Accountability and Oversight

Anti-Spam Law

Resources

FTC guidance for emailers

FTC guidance on unsubscribe requests

FTC final spam rule (PDF)...5/21/08

IS Comments on Proposed May 2005 Rule (PDF)...6/27/05

FTC Proposed Rule (PDF)...5/12/05

IS Position

CAN-SPAM Act Requirements

Good E-Mail Practices

Background

FTC Adopts Final Rule on Spam Advertisements

The Federal Trade Commission issued a rule (PDF) finalizing some unresolved issues surrounding implementation of the CAN-SPAM Act (PDF) on May 21, 2008. Although the CAN-SPAM Act's primary focus is the regulation of business entities selling goods and services via email, nonprofits sending commercial email messages are not exempt from the requirements of the law, which are detailed below. There were no major changes in the final rule, but there were several clarifications, which are listed below. The final rule will go into effect on July 7, 2008.

Application to Nonprofits
The May 2008 notice repeats FTC’s previous position that the CAN-SPAM Act applies to any commercial message regardless of who sends it -- “When nonprofit organizations send emails the primary purpose of which is the advertisement or promotion of a commercial product or service, recipients are entitled to the Act’s protections.” The FTC also notes that the CAN-SPAM Act did not change its jurisdiction; therefore the FTC still lacks authority to enforce the CAN-SPAM Act against any entity that is not “organized to carry on business or its own profit for that of its members.” The Act does, however, allow states, other federal agencies, and internet service providers to bring actions against nonprofits in this area.

Clarifications in the May 2008 Rule

  • Ten business days to honor opt-out – The final rule keeps the requirement that senders of commercial email honor opt-out requests within ten business days, and rejects a proposal that would have shortened the response time to three business days.
  • Valid physical postal address – The Act requires senders of commercial email to include “a valid physical postal address” with the message. The final rule clarifies that Post Office boxes and private mail boxes will meet this requirement. (IS supported allowing use a post office box for organizations that do not want to list a street address for security concerns. See IS Comments on 2005 proposed rule.)
  • Multiple senders – The definition of “sender” was modified in the final rule to allow multiple senders of one commercial email to designate one as the “designated sender” for purposes of honoring opt-out requests.

Requirements of the CAN-SPAM Act
Nonprofit organizations must follow the FTC rules for any email messages fitting the definition of commercial email, including opt-out provisions, to be in compliance with the CAN-SPAM Act. Therefore, all emails that are solely commercial (selling a product or service), contain a commercial message in the subject line, or have commercial content in the message that comes before other non-commercial content in the email are required to have:

  • Clear notice of and a method for opting out of receiving commercial messages from that sender. The sender must cease sending commercial emails to recipients who opt out within 10 business days of receiving an opt-out notice.
  • A valid return email address and header information accurately identifying the sender of the email,
  • A valid physical address of the sender, and
  • Clear and conspicuous notice that the message is an advertisement or solicitation.

Primary Purpose of Commercial Email
The FTC issued a rule (PDF) in January 2005 defining the term “commercial email” for purposes of the CAN-SPAM Act. The rule defines three categories of email: commercial email, transactional or relationship email, and dual-purpose email (either commercial and transactional/relationship, or commercial and neither commercial nor transactional/relationship.) Email that has no commercial or transactional /relationship content (newsletters, action alerts, fact sheets, meeting notices, etc.) is not covered by CAN-SPAM or by this rule. However, nonprofits should follow good email practices for all of their email communications.

  • Commercial email - Any electronic mail message that has the primary purpose of advertising or promoting a commercial product or service. This definition includes any email that contains a reference or link to an Internet website operated for a commercial purpose.

  • Transactional or Relationship email – Email messages concerning transactions between the email recipient and the email sender, such as the status, terms, features, or account balance information of a subscription or membership or a comparable ongoing purchase of products or services. An example of such a message might be an email about a member’s dues, or the amount owed for an annual meeting. The FTC anticipates that nonprofit emails covered by this rule will most likely fall into this non-commercial category.

  • Dual-Purpose Email
    1. Commercial and Transactional/Relationship – Email that contains both commercial content and “transactional or relationship” content (including membership information) will NOT be considered commercial in nature if both:

a) The “transactional or relationship” content is located at or near the beginning of the email, and
b) The recipient’s reasonable interpretation of the subject line would not likely lead to the conclusion that the email message advertises or promotes a commercial product or service.

2. Commercial and Non-Transactional/Relationship – If the email contains both commercial content and content that is neither commercial nor transactional/ relationship content, the email would NOT be deemed commercial if both:

a) The subject line does not lead the recipient to conclude that the email advertises or promotes a product or service, and
b) The recipient would not reasonably conclude from the text that the main purpose is to advertise or promote a product or service.

Background
 The CAN-SPAM Act (S. 877), enacted in December 2003, essentially requires senders of commercial email to allow recipients to opt out of receiving further commercial email messages.  It supersedes any state law regulating commercial email, except for fraud statutes.

In March 2004, the FTC requested comments on how to implement portions of the CAN-SPAM Act. Specifically, the FTC requested guidance on how to determine whether the primary purpose of a message is “commercial” and how to distinguish between commercial messages and messages that are sent from an organization to its members regarding membership status or information about an ongoing relationship (e.g. previous conference or workshop attendee, book buyer, etc.).  After consulting with members, Independent Sector submitted comments in April 2004 urging the FTC to exempt nonprofit email messages from the rule, including those that promote conferences, membership, and other services for which fees are charged.

In August 2004, the FTC published a notice in the Federal Register seeking comments on a proposed rule defining the term “commercial email.”  A nonprofit exemption, which had been proposed by Independent Sector, was considered and rejected in the proposed rule. The reason given for not exempting nonprofits was: "Consistent with the CAN-SPAM, the proposed 'primary purpose' criteria apply to all email messages with commercial content, regardless of whether sent by a nonprofit entity or a for-profit entity." The notice adds that it seems likely that “most” messages from nonprofits would not have a commercial primary purpose and therefore would not be covered by the Act. The FTC notice points out that while it does not have jurisdiction over nonprofits, the CAN-SPAM Act allows enforcement by the states, other federal agencies, and private right of action by internet service providers.

On May 12, 2005, the FTC issued a proposed rule to further implement the CAN-SPAM Act. The proposed rule modified portions of a January 2005 rule pertaining to commercial email. Of most significance to nonprofit organizations was the proposal to shorten the time period for honoring opt-out requests from ten business days to three business days. Compliance with this shorter time period would have been difficult for nonprofits, especially smaller ones, due to limitations of staff, technical infrastructure, and/or financial resources.

Independent Sector submitted comments urging the FTC to allow a more workable 30-day time period for processing opt-out requests, to classify “Tell a Friend” messages as routine conveyances rather than intentionally inducing communication, and to exempt from commercial email regulations messages to members for 12 months after membership lapses.

Independent Sector Position
Independent Sector believes communications from nonprofit organizations in furtherance of their tax-exempt mission should be exempt from restrictions intended for unwanted commercial email.  Nonprofit organizations have a responsibility to honor requests from any member of the public to remove his or her name and contact information on future solicitations and other communications.  However, provisions must be made to allow adequate time for processing such requests and penalties should provide room for unavoidable circumstances and inadvertent errors. 

Following Good E-Mail Practices
Regardless of what the law requires now or in the future, nonprofits should comply with the spirit of the law by establishing a standard operating procedure based on the following practices.

  • Always provide clear, accurate source and contact information for all e-mail sent by staff members or sent on behalf of the organization, including a valid e-mail and postal address to which replies can be sent, and a subject line that correctly reflects the message’s contents.
  • Provide e-mail recipients with a clear method for unsubscribing or opting out of future messages. Develop standard opt-out language for all e-mail messages, such as to paste unsubscribe in the subject line and hit “Reply,” or to click a link to a Web site that automatically unsubscribes the recipient.
  • Create clear systems and procedures to honor any stop e-mail request in a timely fashion, preferably within 10 business days. Train staff and volunteers on proper procedures for sending e-mail, and have a designated official regularly review outgoing messages to verify that they meet internal standards.
  • Clearly explain the organization’s e-mail policies to any corporate sponsors, partners, or vendors with whom it might be cooperating.
  • Ensure that outside vendors comply with industry standards such as those developed by the Direct Marketing Association or the Association for Interactive Media’s Council for Responsible E-mail. Any vendor or organization sending e-mail on your behalf should provide to you the e-mail address of anyone who has requested to be dropped from your e-mail communications list.

EphilanthropyFoundation.org, a nonprofit that promotes the ethical and efficient use of the Internet for philanthropic purposes, recommends adopting either an opt-in or opt-out mechanism to avoid sending unsolicited communications. It also advocates using only those rented or exchanged e-mail lists that are verified as having been obtained through donors or prospects opting in.

Adhering to ethical, responsible e-mail practices will not only help your institution comply with federal laws and regulations, it will also help prevent messages from getting caught in anti-spam filters operated by Internet service providers. Some ISPs are developing “white list” rules that allow e-mail senders who follow a code of best e-mailing practices to send e-mail without being subject to their filters.

Following good e-mail practices and helping the FTC to stop the flow of spam will help to ensure that electronic mail remains an efficient and effective communications tool for all.



 Last updated: May 28, 2008

 
Copyright © 2008 Independent Sector.
All Rights Reserved. Privacy Policy.