We're making Active Intelligence even better with our acquisition of Feedback Intelligence. Read more.

← Back to Glossary

What are anti-spam laws?

Definition

Anti-spam laws

Anti-spam laws protect people from receiving unwanted commercial emails. They set rules for how businesses can send marketing messages, what those messages must include, and how recipients can opt out.

If you send marketing emails, these laws apply to you. Understanding them keeps your campaigns compliant and your sender reputation intact.

The major anti-spam laws you need to know

Different countries have their own regulations, but a few laws shape most email marketing practices worldwide.

CAN-SPAM Act (United States)
Passed in 2003, CAN-SPAM governs all commercial email sent to or from the United States. Despite its name, it doesn't ban unsolicited email outright. Instead, it requires senders to follow specific rules about content, identification, and opt-out mechanisms.

CASL (Canada)
Canada's Anti-Spam Legislation is stricter than CAN-SPAM. It requires express or implied consent before you send commercial messages to Canadian recipients. The penalties are steep, making compliance essential for anyone marketing to Canadians.

GDPR (European Union)
While primarily a data protection regulation, GDPR affects email marketing significantly. It requires explicit consent for processing personal data, including email addresses used for marketing purposes.

CAN-SPAM requirements at a glance

The FTC enforces CAN-SPAM and has outlined clear requirements for compliance:

  1. Use accurate header information (your "From," "To," and "Reply-To" fields must identify your business truthfully)
  2. Write honest subject lines that reflect the email's content
  3. Identify the message as an advertisement
  4. Include your valid physical postal address
  5. Provide a clear way to opt out of future emails
  6. Honor opt-out requests within 10 business days
  7. Monitor what third parties do on your behalf

Each violation can result in penalties exceeding $50,000 per email. When you're sending thousands of messages, non-compliance gets expensive fast.

What CAN-SPAM doesn't require

Here's what surprises many marketers: CAN-SPAM doesn't require opt-in consent. You can legally email someone who hasn't explicitly signed up, as long as you follow all other requirements.

That said, just because something is legal doesn't mean it's effective. Cold email without prior consent typically performs poorly and can damage your sender reputation. Most email service providers, including ActiveCampaign, require permission-based lists as part of their acceptable use policies.

How consent requirements differ by region

The biggest difference between anti-spam laws comes down to consent.

Opt-out model (CAN-SPAM): You can send until someone asks you to stop. The burden falls on the recipient to unsubscribe.

Opt-in model (CASL, GDPR): You need permission before sending. The burden falls on you to prove consent exists.

If you email internationally, the stricter standard applies. A U.S. company emailing Canadian subscribers must follow CASL. An Australian business emailing EU residents must comply with GDPR.

Required elements in every marketing email

Regardless of which law applies, compliant marketing emails share common elements:

  • Clear sender identification
  • Accurate subject line
  • Physical mailing address
  • Functional unsubscribe mechanism
  • Disclosure that the message is promotional (when required)

ActiveCampaign automatically includes an unsubscribe link in every campaign. You'll need to add your physical address to your account settings, and it will appear in your email footer.

What happens when you violate anti-spam laws

Penalties vary by jurisdiction and severity. CAN-SPAM violations can reach over $50,000 per email. CASL penalties go up to $10 million CAD for businesses. GDPR fines can hit 4% of global annual revenue.

Beyond legal penalties, spam complaints hurt your deliverability. Too many complaints and your emails start landing in spam folders, or your sending privileges get revoked entirely.

FAQs

Does CAN-SPAM apply to B2B emails?
Yes. CAN-SPAM covers all commercial messages, including those sent to business email addresses. There's no exemption for B2B marketing.

Do I need consent to send transactional emails?
Transactional emails, such as order confirmations, shipping updates, and password resets, are generally exempt from anti-spam consent requirements. However, they still can't contain false or misleading information.

What counts as a valid physical address?
A street address, registered P.O. Box, or private mailbox registered with a commercial mail receiving agency all qualify under CAN-SPAM.

How long do I have to process an unsubscribe request?
CAN-SPAM gives you 10 business days. CASL allows 10 business days as well. Best practice is to process them immediately, which most email platforms do automatically.

Ready to send compliant campaigns that actually reach the inbox? Start your free ActiveCampaign trial and see how built-in compliance features make email marketing easier.

Ready to take ActiveCampaign for a spin?

Try it free for 14 days.

Free 14-day trial with email sign-up
Join thousands of customers. No credit card needed. Instant setup.

Connect with all your favorite tools

Salesforce
Wix
WordPress
Webflow
Facebook
Instagram
Google Ads
Google Sheets
Calendly
Slack
Square
Typeform
Zapier
Make
Shopify
WooCommerce
Stripe
Mindbody
Clay