The CAN-SPAM act was designed to curb offensive, misleading and costly bulk e-mail. However, the legislation will likely create big problems for well-meaning companies whose business model includes wide distribution of e-mail.
Staying on the right side of the CAN-SPAM Act requires the implementation of data management techniques that collect and maintain opt-out lists. The act will also require IT staffs to be vigilant in their compliance efforts and alert to further CAN-SPAM developments.
CAN-SPAM, formally known as Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, took effect Jan. 1. The CAN-SPAM Act permits damages of up to $2 million against companies that violate the provisions of the law. A federal district court can triple damages, to $6 million, if it determines that a violation is willful or meets other conditions. (Click here for the complete text of the law.)
eWEEK Labs researched the law to determine its implications for IT departments. We interviewed anti-spam experts, technology lawyers and service providers—including the newly formed CAN-SPAM Compliance Co. LLC.—to develop recommendations for what IT managers should do to make sure that their e-mail meets the laws requirements.
Bear in mind, however, that we are technology analysts, not lawyers; our interpretations of the law are not offered as legal advice.