The Federal Trade Commission (FTC) has issued four new CAN-SPAM rules (links to a PDF), which update the CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act). They go into effect at the end of June ‘08 and affect all senders of commercial e-mail or e-Newsletters.

Now I am not a lawyer (much more detailed analysis by actual lawyers), but as I read the new rules they include the following requirements:

1. The ability to opt-out of a mailing list must be accomplished by one single action—either replying to the e-mail, clicking on an unsubscribe button, or clicking through to a single web page that completes the process. Period. What many e-mails use is the third option where individuals are taken to a web page and then asked to enter personal information like an e-mail address and/or password. This is no longer acceptable.

2. The FTC has further defined the meaning of “person” for the purpose of whether CAN-SPAM applies. It now applies to everybody that could send an e-mail. A single person working out of their house, a company, or a non-company are now liable to the provisions in CAN-SPAM.

3. Now the use of a post office box (POB) or private mailbox (PMB) as the physical address included in the commercial mailings satisfies CAN-SPAM.

4. For any e-mail which contains third party ads, either the party who the e-mail is “from” must have also include an ad in the message (in which case they become responsible for processing opt-out requests) or all of the advertisers with ads in the mailing are responsible for the opt-out requests. The FTC calls this the “Designated Sender” rule.

For most professionals paying attention just a little to e-mail best practives I can’t see how these new rules with have much of an affect on their activities. But it is important you are aware of them.

Update: