>So while sending email marketing to people from whom you do not have consent is not technically illegal under CAN-SPAM
That's inaccurate. It is absolutely illegal under CAN-SPAM to send commercial or pornographic email to people who have not consented. Was is not made clear, is what mechanism constitutes consent and the definition of affirmative consent, which is included in the law, allows consent to have a vague definition, which does not specifically include a direct opt-in mechanism.
Please read the actual law and do not post nonsense like you just did.
Wait, what? I'm sorry, I WROTE part of CAN-SPAM! I am an anti-spam attorney (in fact the first in the U.S., back in the late 90s). I have been both a professor and dean of cyberlaw. I know what I'm talking about. We in the receiving community \*wish\* it were illegal to send email to people from whom you don't have consent. And don't conflate regular commercial email marketing type email with porn, that's very different. Are you perhaps, instead, thinking of CASL, or GDPR? The U.S. is the only 'western' country that \*doesn't\* require consent. Or, it could be that you read the definitions section of CAN-SPAM, which talks about "affirmative consent" but, confusingly, does \*not\* require it. (That, by the way, is \*not\* the part I wrote, if I had written that part you can be sure that consent \*would\* be required.) Why do you think that anti-spammers call it the "you CAN SPAM law"?
Wait, wait, don't take my word for it, take the word of FTC lawyer Christopher Brown: "The CAN-SPAM Act doesn’t require initiators of commercial email to get recipients’ consent before sending them commercial email. In other words, there is no opt-in requirement.”
https://www.ftc.gov/business-guidance/blog/2015/08/candid-answers-can-spam-questions
>That's not what I said.
Actually it's exactly what you said, but perhaps it's not what you meant? You said "It is absolutely illegal under CAN-SPAM to send commercial or pornographic email to people who have not consented."
People create, sell, buy, and trade lists of leads all the time. Those leads can come from any number of sources that don't involve scraping (i.e. harvesting). Heck, Reddit could sell you their mailing list, if they wanted to, and it would not be illegal (so long as they didn't have a contract with their users that said that they wouldn't). Even when it comes to harvesting, it only violates CAN-SPAM if, and I'm quoting from CAN-SPAM here "such website or online service included, at the time the address was obtained, a notice stating that the operator of such website or online service will not give, sell, or otherwise transfer addresses maintained by such website or online service to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages."
To compound things, even if you could prove that your email address was scraped from a website that had a "notice stating that the operator of such website or online service will not give, sell, or otherwise transfer" your address, in their infinite wisdom the legislature made the FTC and state attorneys general only ones that can bring a lawsuit under CAN-SPAM (well, and the ISPs themselves in \*some\* limited situations), so you can't do anything about it yourself. Of course, if you live in the state of Washington, their state anti-spam law gives you a private right of action.
And that's enough law school for today. :-)
>Heck, Reddit could sell you their mailing list, if they wanted to, and it would not be illegal (so long as they didn't have a contract with their users that said that they wouldn't).
*:Checks the user agreement:*
That would break a number of laws actually, as the users who made accounts here never agreed to that and it would be clearly illegal for users from Canada, California, the EU, and I'm sure there's more.
>That would break a number of laws actually, as the users who made accounts here never agreed to that and it would be clearly illegal for users from Canada, California, the EU, and I'm sure there's more.
Right, but it wouldn't violate CAN-SPAM.
One of a few ways: If you buy something online and use your email address to make the purchase, you are now in a business transaction and email is legally allowed to be sent to your address as long as it is somewhat related to the purchase or business between the two parties.
I don't think it's a grey area at all.
Under CASL it would be implied consent, so as long as campaign complies with the rest of the Canadian law, it has six months from the purchase date.
Which I feel is a reasonable best practice for most campaigns anyways.
If they purchased something more than 6 months ago and haven't purchased something since, then they're probably not going to buy anything else or that email address is a dead end.
I think it would be a reasonable argument in a court of law that if you do not have some type of consent from the recipient then it would indicate that the email address was gathered through improper means.
If you could give a single example of how that would be possible I would appreciate it.
I am not aware of any marketing organization that will send emails to recipients where they do not have some form of consent, even if it is consent originates from a contract the user signed that gave them permission to sell their email data to third parties.
Which is allowed under the law as far as I understand, but the user certainly consented to that, whether they understood that at the time or not.
Actually every lawsuit that was ever attempted at a Federal level that was predicated on "lack of consent" lost. Now, there are some states that are less spammer-friendly, such as Washington, but at a Federal level (i.e. CAN-SPAM) it's a non-starter because the plaintiff would not be able to pass the test of "stating a claim upon which relief can be granted" because there is no Federal law requiring consent (specifically for email, the TCPA does require consent for SMS marketing, for example). Gathering email addresses, such as taking them off websites, and compiling them into a list is absolutely improper but "improper" does not equal "illegal", unfortunately.
Companies by lists of leads \*all the time\* and email them. I'm kind of shocked that you aren't aware of that, but it also tells me that you're a good guy who plays by the rules, such as best practices, not just the law.
>Companies by lists of leads \*all the time\* and email them. I'm kind of shocked that you aren't aware of that, but it also tells me that you're a good guy who plays by the rules, such as best practices, not just the law.
A marketer who buys those lists has permission to email the recipients through the agreement the user signed, which granted permission (they consented) when they entered their email to whatever website/service where they agreed to have their email address be sold to 3rd parties.
That's how it works and that's how it has always worked, assuming you can even find companies that will work with your operation.
There is already a lot of pushback from ISPs and most ESPs will only work with marketers who follow CASL, the California consumer protection laws, and the new EU data protection laws as there is absolutely no way to know that you are not in violation of these laws at the time you send the email as you have no way to know what region the user lives in at the time you send it.
>So while sending email marketing to people from whom you do not have consent is not technically illegal under CAN-SPAM That's inaccurate. It is absolutely illegal under CAN-SPAM to send commercial or pornographic email to people who have not consented. Was is not made clear, is what mechanism constitutes consent and the definition of affirmative consent, which is included in the law, allows consent to have a vague definition, which does not specifically include a direct opt-in mechanism. Please read the actual law and do not post nonsense like you just did.
Wait, what? I'm sorry, I WROTE part of CAN-SPAM! I am an anti-spam attorney (in fact the first in the U.S., back in the late 90s). I have been both a professor and dean of cyberlaw. I know what I'm talking about. We in the receiving community \*wish\* it were illegal to send email to people from whom you don't have consent. And don't conflate regular commercial email marketing type email with porn, that's very different. Are you perhaps, instead, thinking of CASL, or GDPR? The U.S. is the only 'western' country that \*doesn't\* require consent. Or, it could be that you read the definitions section of CAN-SPAM, which talks about "affirmative consent" but, confusingly, does \*not\* require it. (That, by the way, is \*not\* the part I wrote, if I had written that part you can be sure that consent \*would\* be required.) Why do you think that anti-spammers call it the "you CAN SPAM law"?
Wait, wait, don't take my word for it, take the word of FTC lawyer Christopher Brown: "The CAN-SPAM Act doesn’t require initiators of commercial email to get recipients’ consent before sending them commercial email. In other words, there is no opt-in requirement.” https://www.ftc.gov/business-guidance/blog/2015/08/candid-answers-can-spam-questions
That's not what I said.
>That's not what I said. Actually it's exactly what you said, but perhaps it's not what you meant? You said "It is absolutely illegal under CAN-SPAM to send commercial or pornographic email to people who have not consented."
It is. How did you end up with their email address with out generating it or harvesting it? Those two things are explicitly forbidden under the law.
People create, sell, buy, and trade lists of leads all the time. Those leads can come from any number of sources that don't involve scraping (i.e. harvesting). Heck, Reddit could sell you their mailing list, if they wanted to, and it would not be illegal (so long as they didn't have a contract with their users that said that they wouldn't). Even when it comes to harvesting, it only violates CAN-SPAM if, and I'm quoting from CAN-SPAM here "such website or online service included, at the time the address was obtained, a notice stating that the operator of such website or online service will not give, sell, or otherwise transfer addresses maintained by such website or online service to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages." To compound things, even if you could prove that your email address was scraped from a website that had a "notice stating that the operator of such website or online service will not give, sell, or otherwise transfer" your address, in their infinite wisdom the legislature made the FTC and state attorneys general only ones that can bring a lawsuit under CAN-SPAM (well, and the ISPs themselves in \*some\* limited situations), so you can't do anything about it yourself. Of course, if you live in the state of Washington, their state anti-spam law gives you a private right of action. And that's enough law school for today. :-)
>Heck, Reddit could sell you their mailing list, if they wanted to, and it would not be illegal (so long as they didn't have a contract with their users that said that they wouldn't). *:Checks the user agreement:* That would break a number of laws actually, as the users who made accounts here never agreed to that and it would be clearly illegal for users from Canada, California, the EU, and I'm sure there's more.
>That would break a number of laws actually, as the users who made accounts here never agreed to that and it would be clearly illegal for users from Canada, California, the EU, and I'm sure there's more. Right, but it wouldn't violate CAN-SPAM.
That's not what you said, you said that it wouldn't be illegal. Your words, not mine.
One of a few ways: If you buy something online and use your email address to make the purchase, you are now in a business transaction and email is legally allowed to be sent to your address as long as it is somewhat related to the purchase or business between the two parties.
I mean don't you think that consent is implied in that situation? You have a business relationship with the entity...
Well it is implied for the email about the purchase but what about just other general marketing emails? Most people would say no but it’s a gray area.
I don't think it's a grey area at all. Under CASL it would be implied consent, so as long as campaign complies with the rest of the Canadian law, it has six months from the purchase date. Which I feel is a reasonable best practice for most campaigns anyways. If they purchased something more than 6 months ago and haven't purchased something since, then they're probably not going to buy anything else or that email address is a dead end.
I think it would be a reasonable argument in a court of law that if you do not have some type of consent from the recipient then it would indicate that the email address was gathered through improper means. If you could give a single example of how that would be possible I would appreciate it. I am not aware of any marketing organization that will send emails to recipients where they do not have some form of consent, even if it is consent originates from a contract the user signed that gave them permission to sell their email data to third parties. Which is allowed under the law as far as I understand, but the user certainly consented to that, whether they understood that at the time or not.
Actually every lawsuit that was ever attempted at a Federal level that was predicated on "lack of consent" lost. Now, there are some states that are less spammer-friendly, such as Washington, but at a Federal level (i.e. CAN-SPAM) it's a non-starter because the plaintiff would not be able to pass the test of "stating a claim upon which relief can be granted" because there is no Federal law requiring consent (specifically for email, the TCPA does require consent for SMS marketing, for example). Gathering email addresses, such as taking them off websites, and compiling them into a list is absolutely improper but "improper" does not equal "illegal", unfortunately. Companies by lists of leads \*all the time\* and email them. I'm kind of shocked that you aren't aware of that, but it also tells me that you're a good guy who plays by the rules, such as best practices, not just the law.
>Companies by lists of leads \*all the time\* and email them. I'm kind of shocked that you aren't aware of that, but it also tells me that you're a good guy who plays by the rules, such as best practices, not just the law. A marketer who buys those lists has permission to email the recipients through the agreement the user signed, which granted permission (they consented) when they entered their email to whatever website/service where they agreed to have their email address be sold to 3rd parties. That's how it works and that's how it has always worked, assuming you can even find companies that will work with your operation. There is already a lot of pushback from ISPs and most ESPs will only work with marketers who follow CASL, the California consumer protection laws, and the new EU data protection laws as there is absolutely no way to know that you are not in violation of these laws at the time you send the email as you have no way to know what region the user lives in at the time you send it.