Compliance Blog

Happy Wednesday, Compliance Friends! Today, I’ll be discussing the Controlling the Assault of Non-Solicited Pornography and Marketing Act (the CAN-SPAM Act) and whether credit unions are required to provide an unsubscribe option in emails that contain transactional or relationship content.

The prohibition against deceptive headers (i.e., the “source, destination, and routing information”) applies to all emails. However, other CAN-SPAM prohibitions and requirements only apply to commercial emails. One such requirement is the requirement to include an opt-out (e.g., an unsubscribe link). CAN-SPAM provides that:

“(5) Inclusion of identifier, opt-out, and physical address in commercial electronic mail

  (A) It is unlawful for any person to initiate the transmission of any commercial electronic mail message to a protected computer unless the message provides—

(i) clear and conspicuous identification that the message is an advertisement or solicitation;

(ii) clear and conspicuous notice of the opportunity under paragraph (3) to decline to receive further commercial electronic mail messages from the sender; and

(iii) a valid physical postal address of the sender.” (Emphasis added).

Essentially, if a credit union is sending a commercial email, then it must provide the member with an opportunity to opt-out of receiving those messages.

So, what is a commercial email? CAN-SPAM defines a “commercial electronic mail message” as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose).” It goes on to state that “[t]he term ‘commercial electronic mail message’ does not include a transactional or relationship message.”

CAN-SPAM is implemented by the FTC at 16 CFR Part 316. Section 316.3(c) discusses when content under the CAN-SPAM Act is considered transactional or relationship content, and provides that it is content:

“(1) To facilitate, complete, or confirm a commercial transaction that the recipient has previously agreed to enter into with the sender;

(2) To provide warranty information, product recall information, or safety or security information with respect to a commercial product or service used or purchased by the recipient;

(3) With respect to a subscription, membership, account, loan, or comparable ongoing commercial relationship involving the ongoing purchase or use by the recipient of products or services offered by the sender, to provide -

(i) Notification concerning a change in the terms or features;

(ii) Notification of a change in the recipient's standing or status; or

(iii) At regular periodic intervals, account balance information or other type of account statement;

(4) To provide information directly related to an employment relationship or related benefit plan in which the recipient is currently involved, participating, or enrolled; or

(5) To deliver goods or services, including product updates or upgrades, that the recipient is entitled to receive under the terms of a transaction that the recipient has previously agreed to enter into with the sender.”

Additionally, if a credit union sends an email with mixed commercial content and transactional or relationship content, then the primary purpose of the message will determine what requirements apply. Section 316.3(a)(3) provides the following:

“(3) If an electronic mail message contains both the commercial advertisement or promotion of a commercial product or service as well as other content that is not transactional or relationship content as set forth in paragraph (c) of this section, then the “primary purpose” of the message shall be deemed to be commercial if:

(i) A recipient reasonably interpreting the subject line of the electronic mail message would likely conclude that the message contains the commercial advertisement or promotion of a commercial product or service; or

(ii) A recipient reasonably interpreting the body of the message would likely conclude that the primary purpose of the message is the commercial advertisement or promotion of a commercial product or service. Factors illustrative of those relevant to this interpretation include the placement of content that is the commercial advertisement or promotion of a commercial product or service, in whole or in substantial part, at the beginning of the body of the message; the proportion of the message dedicated to such content; and how color, graphics, type size, and style are used to highlight commercial content.” (Emphasis added).

Based on the above, if the primary purpose of an email being sent by a credit union is transactional or relationship, then it is exempt from most provisions of the CAN-SPAM Act (aside from the fact that it may not contain false or misleading header information – that applies to all emails). In conclusion, transactional or relationship emails are exempt from the requirement to provide an unsubscribe option. 

Additionally, the FTC’s Compliance Guide for Business is another useful resource credit unions can use to gain information about complying with CAN-SPAM.

--------------------------------------------------------------------------------------------------------------

Online Compliance Training Subscriptions: For just one price, your entire credit union receives access to over 40 hot-topic compliance webinars per year, so your team can master challenges like BSA, data security, risk management, loss prevention, and more. Learn more. 

FCU Powers & Limitations, NCUA, Share Insurance, Reg E, and more! 

NAFCU’s Regulatory Compliance School On-Demand covers all the major regulations that impact your CU. Plus, earn your NAFCU Certified Compliance Officer (NCCO) when you pass the optional exams. View the agenda to see the full lineup.