As a lawyer, one of my favorite party tricks is to correct people who misquote the law. I don’t get invited to many parties. In casual conversation around our busiest SendGrid office, I often hear misstatements of the law, particularly the relevant CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing enacted in 2003) and I’ll start the awkward conversation with “Well, actually…”

I suspect the reason our employees misquote the CAN-SPAM Act at SendGrid is because the law is too lenient (sometimes referred to as the YOU CAN-SPAM law). SendGrid, and our customers’ success, however, depends on not following the lowest common denominator.

For entertainment’s sake only, I’d like to spell out five myths and facts about CAN-SPAM, but most importantly, show how the spirit of the law should prevail with our best practices suggestions. If you read our blog often or are one of our great customers, you already know our stellar Abuse and Delivery teams constantly opine on the most productive email practices. They help us be the best email provider we can be.

Myth #1: CAN-SPAM applies to all types of email you send.

Fact: No, it actually doesn’t. Certain types of mail are exempt, as the law only applies to “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service.” A couple examples of email that fall outside of this parameter would be password resets or order confirmations, i.e. transactional email.

In fact, Gmail uses the presence of an unsubscribe link to classify messages as promotional (and thus put them into their “promotions” tab, not the primary inbox). That sometimes causes true transactional mail to get misclassified, reducing engagement and effectiveness.

Best Practice: In the end, your recipients want to receive transactional emails. To be safe, don’t blur the line. If you want to send marketing email, at the very least evaluate CAN-SPAM and then ensure you get their explicit opt-in permission.

Myth #2: Each SPAM email you send has a penalty of $16,000/email.

Fact: Kind of true, but the actual text is “up to $16,000.” Some of the biggest cases and damages against bad senders out there have totaled into the millions, but some quick math would suggest that even at $2.9 million in damages (see the ValueClick case where they settled with the Federal Trade Commission), that would have only been about 175 emails sent. I doubt it.

Best Practice: Since it still could be up to $16,000/email, do you really want to press your luck? Maybe you could be the poster child that the FTC shows the world that they are serious and imposes maximum penalties for the first time. I think you’d rather not.

Myth #3: That irritated recipient that gets your unwanted mail screams “I’m going to sue you for sending me SPAM!!!” Better lawyer up.

Fact: At least currently, CAN-SPAM does not have a private right of action. Huh? He can’t sue you under CAN-SPAM, only the Federal Trade Commission, certain other Federal agencies, and state attorneys general have standing to bring suits under Section 7 of the Act. See 15 U.S.C. § 7706 if you have insomnia.

Best Practice: Who cares if they can’t sue you? Somebody can. Somebody a lot more powerful than that recipient. They don’t play nice to bad senders. Do you really want to risk it when they didn’t want your email anyway?

Myth #4: You must include an unsubscribe hyperlink in every email you send.

Fact: Actually no, you only need to be clear on how to opt out of receiving commercial emails from you and make sure opt-outs are timely honored.

Best Practice: Include an awesome unsubscribe link that works immediately and stops mail flow to that person. It’s not that hard. If they don’t want your commercial emails, don’t send any more of it.

Myth #5: You can’t send an email to a list of email addresses that you purchased.

Fact: Sure you can. But, you only get one shot, so make it count (and just make sure the receiver on that list hasn’t previously opted out!).

Best Practice: Two problems with purchased lists. 1- Your purchased recipient may have already opted out. 2- You literally have no idea how those emails were collected and what is the chance that they really want to hear from you? Also, SendGrid will kick you off of our system. Purchased lists are a terrible idea. You can hurt your email reputation in a hurry.

Regardless of the lenient law, just ignore all the facts above, and look at the best practices. SendGrid is growing because we enforce these types of practices on our users, we don’t just look at how we can just get by with following the law. Do the same with your sending practices, and your email reputation will continue to thrive.



Michael Tognetti

Michael Tognetti is SendGrid’s General Counsel and Senior Vice President. He has a degree in Electrical Engineering from Notre Dame and a law degree from Harvard Law School. Michael has always worked for high technology companies, starting with his clients at law firms Cooley Godward and Holme Roberts and Owen, to working as in house counsel at Vericept and Decisioneering, the original makers of Crystal Ball software. After Decisioneering was acquired by Hyperion, who was subsequently acquired by Oracle, Michael spent time working with the Crystal Ball global business unit created within Oracle. A Montana native, he enjoys golf, and anything less than 50 rounds a year is failure.