Penn State Privacy Office

home | can-spam

CAN-SPAM

The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) went into effect January 1, 2004. This law establishes requirements for those who send unsolicited commercial email, spells out penalties for spammers, and gives consumers the right to ask emailers to stop spamming them. CAN-SPAM covers email whose primary purpose is advertising or promoting a commercial product or service, including content on a Web site.

A "transactional or relationship message" – email that facilitates an agreed-upon transaction or updates a customer in an existing business relationship–is exempt from most provisions of the CAN-SPAM Act. However, messages that contain both transactional and commercial content, must be “substantially” transactional to not be considered “commercial.”

CAN-SPAM includes the following:

Non-solicited commercial email may not contain false or misleading header information. An email’s "From," "To," and routing information – including the originating domain name and email address – must be accurate and identify the person who initiated the email.

Non-solicited commercial email must not have deceptive subject lines. The subject line cannot mislead the recipient about the contents or subject matter of the message.

Non-solicited commercial email must provide recipients an opt-out method. You must provide a return email address or another Internet-based response mechanism that allows a recipient to ask you not to send future email messages to that email address, and you must honor the requests. Opt-out methods must be available for 30 days and must be processed within 10 business days.

Non-solicited commercial email be identified as an advertisement.

Non-solicited commercial email must include a valid physical postal address.

If we send unsolicited commercial email, the rules of CAN-SPAM must be followed, in summary:

Do not use false or misleading header information.

Do not use deceptive subject lines.

Do include an opt-out method and maintain the opt-out list forever.

Do identify the email as an advertisement and include the sender's valid physical postal address

The Privacy Office is developing a Penn State policy to address CAN-SPAM and has been working with individual departments to help ensure compliance. There is much confusion over what is true “SPAM” and what isn’t. Contact the Privacy Office if you have question regarding “SPAM.”

More CAN-SPAM information is available on the FTC web ste: http://www.ftc.gov/bcp/conline/edcams/spam/business.htm


	home \| can-spam CAN-SPAM The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) went into effect January 1, 2004. This law establishes requirements for those who send unsolicited commercial email, spells out penalties for spammers, and gives consumers the right to ask emailers to stop spamming them. CAN-SPAM covers email whose primary purpose is advertising or promoting a commercial product or service, including content on a Web site. A "transactional or relationship message" – email that facilitates an agreed-upon transaction or updates a customer in an existing business relationship–is exempt from most provisions of the CAN-SPAM Act. However, messages that contain both transactional and commercial content, must be “substantially” transactional to not be considered “commercial.” CAN-SPAM includes the following: Non-solicited commercial email may not contain false or misleading header information. An email’s "From," "To," and routing information – including the originating domain name and email address – must be accurate and identify the person who initiated the email. Non-solicited commercial email must not have deceptive subject lines. The subject line cannot mislead the recipient about the contents or subject matter of the message. Non-solicited commercial email must provide recipients an opt-out method. You must provide a return email address or another Internet-based response mechanism that allows a recipient to ask you not to send future email messages to that email address, and you must honor the requests. Opt-out methods must be available for 30 days and must be processed within 10 business days. Non-solicited commercial email be identified as an advertisement. Non-solicited commercial email must include a valid physical postal address. If we send unsolicited commercial email, the rules of CAN-SPAM must be followed, in summary: Do not use false or misleading header information. Do not use deceptive subject lines. Do include an opt-out method and maintain the opt-out list forever. Do identify the email as an advertisement and include the sender's valid physical postal address The Privacy Office is developing a Penn State policy to address CAN-SPAM and has been working with individual departments to help ensure compliance. There is much confusion over what is true “SPAM” and what isn’t. Contact the Privacy Office if you have question regarding “SPAM.” More CAN-SPAM information is available on the FTC web ste: http://www.ftc.gov/bcp/conline/edcams/spam/business.htm