CAN-SPAM and GPDR Guidance

This document provides handy links on mass email laws.

Knowing the rules when it comes to sending mass emails can be confusing. The two laws you may have heard the most about are CAN-SPAM and GDPR.

The CAN-SPAM Act, also known as the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, applies to any commercial or promotional messages. They apply to messages whether they are bulk emails or not, and whether they are to consumers or B2B (business-to-business). Here are some FTC guidelines to use when creating emails, segments and campaigns:

GDPR, which stands for the General Data Protection Regulation, is an EU privacy and security law, but it applies to any organization anywhere, as long as it targets or collects data related to people in the EU. GDPR gives data subjects rights, such as the right to access, erase, or port data about themselves. GDRP.eu has many resources, including:

  • What is GDPR? outlines the history, scope and details surrounding GDPR. This is a great place to start exploring GDPR.
  • GDPR FAQs may answer some of your questions regarding the law.
  • GDPR text of the law is also available.

There are many additional helpful articles, guides and checklists available online, but the links above are directly from the governments enforcing the laws, so it is advisable to start with these.