It’s easy to get a little complacent about CAN-SPAM.  After all, there aren’t hundreds of lawsuits like there are about robocalls and texting since, unlike the TCPA, there’s no private right of action under CAN- SPAM (except for ISPs). CAN-SPAM has been around for almost 20 years now, and mostly marketers have it down: if you’re emailing marketing messages, you scrub your recipient list against your do-not-email list (those who previously opted out) and you include an opt-out notice and mechanism; and if you’re sending transactional messages, you make sure you’re leading with, and including, primarily transactional content.  Since there haven’t been many enforcement actions specifically about CAN- SPAM violations (though sometimes a CAN-SPAM charge is thrown into the mix), we marketing lawyers don’t usually lose a lot of sleep over CAN SPAM so long as our clients are reasonably compliant.

Well, the FTC’s just-announced proposed settlement with Experian is a great big wake-up call. Yes, the FTC does still care about CAN-SPAM and, yes, companies pushing the envelope with their “transactional” messages may get themselves in trouble, especially if customers are complaining about them.  In this action, what we learn from the complaint is that Experian allegedly sent customers who created a Free Membership account commercial email “masquerading as messages that provide account updates,” and then violated CAN-SPAM by failing to provide in those messages (1) clear and conspicuous notice of consumers’ ability to request to opt out of receiving further marketing messages and (2) a mechanism for them to do so.  

Experian’s marketing emails were allegedly sent even to consumers who had specifically opted out of receiving marketing emails. And numerous consumers complained about these emails.  The proposed order requires Experian to pay $650,000 and prohibits it from sending marketing emails that don’t include an opt out mechanism.

As a refresher, remember that that the types of emails considered "transactional" are only those that:

- Facilitate, complete, or confirm a commercial transaction previously agreed to by the recipient;

- Provide warranty, product recall, safety, or security information for a product or service purchased by the recipient;

- Provide certain information regarding a membership, subscription, account, loan, or similar ongoing relationship between the recipient and sender (e.g., notification of a change in the terms or features of a membership or subscription, periodic account balance information);

- Provide information about an employment relationship or related benefit plan in which the recipient is currently involved, participating, or enrolled; or

- Deliver goods or services (such as product upgrades or updates) as part of a transaction to which the recipient previously agreed.

While it is possible to include some marketing content into a transactional message and maintain the transactional status of that message, marketers do need to exercise care: the subject line should be transactional; the transactional content should lead and should predominate (substantively and visually) and, of course, the transactional content must be real. In short, the “primary purpose” of the email must be transactional. 

Just because you’re writing to an existing customer doesn’t mean that you’re sending them a transactional email. The substance of the message itself must be transactional and fit into one of the categories described above.  And even if the content does fit into one of the categories, it’s important not to get cute: does someone really need 8 messages about an existing order? Maybe they do, like if it’s shipping late, or it’s backordered, or there’s some other issue.  Or, maybe it’s just a pretext to send the customer marketing messages about other products.  If it’s the latter, then just calling it “transactional” will not save it from a charge of spamming.  

CAN-SPAM: it still matters. Marketers, take note.