Compliance Blog

Mar 29, 2021
Categories: Advertising

Email Marketing: A CAN-SPAM Refresher

With less members coming into branches, credit unions are relying heavily on internet advertisements to increase business. But can a credit union send marketing emails to its members and non-members?

The answer is YES! Besides the NCUA, Truth in Savings Act, and Regulation Z advertising requirements, there are also some requirements set out by The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM) for the credit union to follow.

The CAN-SPAM Act is a law that sets the rules for commercial email, including requirements for what emails must contain and the providing recipients the right to opt-out of future emails. Section 7704(a)(3) of the CAN-SPAM Act allows consumers to opt-out of receiving commercial e-mails. In order to exercise this right, CAN-SPAM requires credit unions sending commercial e-mails to include an “unsubscribe” link to be included in any marketing-type emails sent to members:

“(3) Inclusion of return address or comparable mechanism in commercial electronic mail

(A) In general

It is unlawful for any person to initiate the transmission to a protected computer of a commercial electronic mail message that does not contain a functioning return electronic mail address or other Internet-based mechanism, clearly and conspicuously displayed, that—

(i) a recipient may use to submit, in a manner specified in the message, a reply electronic mail message or other form of Internet-based communication requesting not to receive future commercial electronic mail messages from that sender at the electronic mail address where the message was received; and

(ii) remains capable of receiving such messages or communications for no less than 30 days after the transmission of the original message.”

The statue allows credit unions to send marketing emails to members but requires the ability for the member to opt-out of emails. The statute has few implementing regulations to clearly set forth the opt-out requirements.

Besides the ability to opt-out, section 7704(a) sets the requirements credit unions must follow when sending “commercial electronic messages.” CAN-SPAM sets forth limitations on emails including a prohibition against false or misleading header; a prohibition against deceptive subject headings; mandatory identifying an advertisement; and mandatory inclusion of a functioning electronic return address.

Section 7704(a)(5)(B) states that if the member has “given prior affirmative consent to receipt of the message,” the email does not need to include the requirements of section 7704(a)(5)(A), which include “clear and conspicuous identification that the message is an advertisement or solicitation and a valid physical postal address of the sender.”

This was further clarified in a FTC blog post, Candid Answers to CAN-SPAM Questions, which states:

“I plan to send commercial email to a list of people who have given prior affirmative consent to get messages from my company.  So I don’t have to worry about complying with the CAN-SPAM Act’s commercial email requirements, right?

CHRISTOPHER: Wrong. If recipients have given their prior affirmative consent to get messages from you, you’re exempt from the requirement of identifying the message as an ad or solicitation – but that’s it. All other CAN-SPAM requirements still apply. Therefore, email to those people still has to include accurate header information and subject lines and a valid physical address. And you still must include information on how to opt out of receiving future email and honor opt-out requests promptly.”

If a member has opted-in to receiving emails, the CAN-SPAM requirements still apply for any commercial emails the credit union is sending, except the statute does not require the credit union to state that the email is an advertisement.

What about non-members?

This FTC blog post clarifies that “the CAN-SPAM Act doesn’t require initiators of commercial email to get recipients’ consent before sending them commercial email. In other words, there is no opt-in requirement. So, in general, as long as you follow the “initiator” requirements of the Act, you can send email until the recipient asks to opt out.” The statue allows credit unions to send marketing emails to potential members but requires the ability for the potential member to opt-out of emails. One thing to note is the possibility that addresses received belong to people who have already opted out of receiving email from the credit union.

CAN-SPAM has tough and potentially costly penalties for violations so the credit union may want to review these items and the FTC’s CAN-SPAM Act: A Compliance Guide For Business carefully.