States – Federal
1 January 2004, the Can-Spam
Act, which stands for “Controlling the Assault of Non-Solicited
Pornography and Marketing Act” came into effect in the United States. This
law puts specific requirements on senders of commercial e-mail and places
enforcement in the hands of the Federal
Trade Commission and State Attorney's
While many U.S. states have also passed laws addressing spam, they are
pre-empted by CAN-SPAM except to the extent to which they address falsity or
deception in commercial email messages. CANSPAM applies to commercial electronic
messages, but not to messages relating to transactions and existing business
relationships. It requires all commercial electronic messages to include an
indication that the message is a solicitation, opt-out instructions and the
physical address of the sender. False or misleading information in commercial
email is forbidden, including in headers, subject lines and the message text.
ISPs are exempt from liability under the CAN-SPAM Act.
Further, the Act provides a private right of action for ISPs. Violators of the
Act can be fined up to US 250 per violation, to a cap of US 2 million, for
non-wilful noncompliance; and up to US 6 million for intentional violations,
plus unlimited punitive damages for fraud and abuse. In the most severe cases,
prison sentences of up to five years are available as penalties.