Focuses on data authenticity & lead generation.
Access millions of verified business & financial records.
The #1 data marketplace for high-intent leads data.
What Is CAN-SPAM Compliance?
TL;DR
CAN-SPAM is the US federal law governing commercial email — it requires accurate sender information, a clear way to opt out, and prompt honoring of opt-outs, without requiring prior opt-in consent the way some other regimes do. This page is general information, not legal advice.
What CAN-SPAM requires
Accurate "From," "To," and routing information with no misleading header data; subject lines that do not deceive about the message content; clear identification that a message is an advertisement where applicable; a valid physical postal address; a working, easy opt-out mechanism; and honoring opt-out requests within 10 business days.
What CAN-SPAM does not require
Unlike GDPR, CAN-SPAM does not require prior opt-in consent before the first email — commercial email to a new contact is generally permitted under CAN-SPAM as long as the required disclosures and opt-out mechanism are present. Businesses operating in the EU or emailing EU residents need to separately consider GDPR, which does require consent in many cases.
Penalties and enforcement
CAN-SPAM violations can carry per-email penalties, enforced by the FTC, and repeated or willful violations increase exposure. This page is general information, not legal advice, and businesses should consult qualified counsel for compliance decisions specific to their situation.