FTC Opens New CAN-SPAM Act Proceeding

Client Alert

The Federal Trade Commission ("FTC" or "Commission") has set a June 27, 2005 deadline for interested parties to comment on the interpretation of key provisions of the CAN-SPAM Act of 2003 ("CAN-SPAM Act" or "Act").  The results of this proceeding have the potential to affect a number of email marketing decisions and practices.

The subjects addressed in the FTC’s notice include:

  1. the identification of the sender of a commercial electronic mail message ("CEMM") when more than one potential sender is involved;
  2. clarification of the Act’s "transactional or relationship message" category;
  3. the definition of "valid physical postal address" under the Act;
  4. treatment of "forward-to-a-friend" scenarios under the Act;
  5. modification of the time within which "opt-out" requests must be honored;
  6. prohibition on charging a fee or imposing other requirements on opt-out requests; and
  7. identification of additional aggravated violations related to CEMMs.

The following summarizes the Commission’s treatment of each of these issues.

Identifying the Sender of a Message

The Act requires the sender of a CEMM to honor recipients’ opt-out requests and provide recipients with a valid physical postal address for the sender.  The Act defines a sender, in turn, as "a person who initiates [a CEMM] and whose product, service, or Internet web site is advertised or promoted by the message."

Under this definition, there is no trouble identifying the sender when a single company’s product or service is advertised.  In many cases, however, an email message advertises the products or services of more than vendor.  If all the vendors advertised in such a multi-vendor message are classified as senders under the Act, then each vendor must provide an opt‑out mechanism and postal address, maintain a separate suppression list of opted-out recipients, and share information concerning opted-out recipients with list owners and other advertisers.  As a number of parties have pointed out to the Commission, these cumbersome procedures would needlessly burden businesses, frustrate consumers and violate vendors’ privacy commitments.

In its recent notice, the FTC proposes a refinement to the "sender" definition that is intended to solve this problem.  Specifically, the FTC proposes that "when more than one person’s products or services are advertised or promoted in a single electronic mail message, each such person . . . will be deemed to be a ‘sender,’ except that if only one such person both is within the Act’s definition and meets one or more of the criteria set forth below, only that person will be deemed to be the ‘sender’ of that message:

(i)  the person that controls the content of such message;

(ii)  the person that determines the electronic mail addresses to which such message is sent; or

(iii)  the person identified in the ‘from’ line as the sender of the message."

In the Commission’s view, this proposed rule gives email marketers the means to control the number of senders that any of their messages will have.  Simply by structuring the message so that the same entity controls the content, selects the address list and places its address in the "from" line, the marketer can avoid any confusion about the identity of the sender.

Although helpful, the proposed rule fails to resolve some obvious questions.  Consider, for example, the apparently straightforward case of an advertiser-supported newsletter, distributed by email, that carries ads for the products of several companies.  Following the FTC’s rule, the publisher will try to ensure its status as the newsletter’s sole "sender" by creating all of the newsletter’s editorial content, putting together the newsletter’s mailing list and placing the publisher’s address in the "from" line.  The publisher’s attempt might fail, however, if the advertisements contained in the newsletter count as "content" under the rule.  If (as seems likely) the advertisers or their ad agencies write the ads, then each advertiser might be regarded as "controlling" the portion of the message consisting of its advertisement and might be classified as a "sender" of the newsletter on that basis.  The FTC does not appear to anticipate this or other ambiguities that will remain if the proposed rule is adopted.  Companies that publish newsletters or engage in joint email marketing with other businesses should examine the proposed rule closely and file comments with the Commission that point out its possible pitfalls.

Transactional or Relationship Messages

The Act creates a category of messages, known as transactional or relationship messages ("TORMs"), that are not CEMMs and need not be labeled as commercial messages or accompanied by an opt‑out mechanism.  Unfortunately for email marketers, the TORM category is quite narrow ‑‑ much narrower, for example, than the category of existing business relationships defined in federal telemarketing law.  The Act gives the FTC the authority to expand the TORM category, but only to the extent "necessary to accommodate changes in electronic mail technology or practices and accomplish the purposes of [the Act]."

Although many parties have urged the Commission to exercise its authority to expand the TORM category the recent notice finds that none of the suggested changes is justified under the standard set out in the Act.  The Commission does, however, provide useful guidance as to its interpretation of the TORM provisions and asks for further comment on some TORM-related questions.  Notably, the Commission asks for comment on the extension of TORM status to messages sent by the agent of a sender, the status of an email sent to effectuate or complete a negotiation, the TORM status of messages from an association to a lapsed member, and the status of messages sent from a company’s employee to an individual recipient.

Definition of "Valid Physical Postal Address"

The Act requires senders of CEMMs to include a "valid physical postal address," which many interested parties have interpreted as precluding use of a post office box or private mailbox.  The recent notice, however, confirms that U.S. Postal Service boxes and mailboxes established pursuant to U.S.P.S. regulations are "valid physical addresses" under the Act.

"Forward-To-A-Friend" Scenarios

The notice includes an extensive discussion of mechanisms and programs by which persons forward commercial emails to others.  According to the Commission, the original initiator of a CEMM is responsible for assuring compliance with CAN-SPAM Act formalities, when its message is forwarded by a recipient to a third party, if the initiator gave the recipient something of value in exchange for forwarding the message or "affirmatively act[ed] or [made] an explicit statement that [was] designed to urge another to forward the message."  Under this interpretation, merely making available the means to forward a message, such as using a Web-based "click-here-to-forward" mechanism, does not obligate the initiator to collect or honor opt‑outs from parties to whom the message is forwarded or otherwise comply with CAN-SPAM Act obligations.

Modification of Time for Compliance With "Opt-Out" Requests

Under the current rules, senders must begin honoring an opt-out request within ten days of the time the request is made.  The FTC proposes that this time be reduced to three days.

Fees and Other Requirements for Opt-Outs

The Commission proposes that a sender may not require a recipient to pay a fee provide information other than his or her email address and opt-out preferences, or take any steps other than sending a reply email message or visiting a single Internet Web page to submit a valid opt-out request.  The Commission also asks whether there should be a limit on the duration of opt-out requests.

Additional Aggravated Violations

The CAN-SPAM Act gives the Commission the authority to expand the Act’s list of so-called aggravated violations, but the FTC declines to do so at this time.

Email Disclaimer

Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

©1996-2019 Morrison & Foerster LLP. All rights reserved.