Anti-Spam Compliance and Requirements
As an ESP, we are required to enforce spam laws, not just because it's a legal obligation, and not just because it's the right thing to do. Spam negatively impacts deliverability rates, and we want to make sure your emails reach their recipients. We have some very strict rules that must be adhered to in all countries, but you may find that your country has additional requirements.
Requirements for All MailChimp Campaigns
- You must also tell us where you got your list. Yep, and you have to be honest. Because if you're not, we'll know.
- You absolutely, positively MUST include our unsubscribe link on your campaigns.
- You must include your contact information inside every promotional email that you send, including a physical mailing address where you can receive mail or a PO Box. (Not a website or email address.)
- You may not falsify your contact information or subject line.
- Even if you are outside the US, our servers live in the US. We have to make sure all US standards are observed.
- We require that your emails comply with the U.S. CAN-SPAM Act. As a responsible email marketer, we know you don't want to get accidentally noted as a spammer. So it will help to read and understand the CAN-SPAM rules. If you break the rules, you could be liable for hundreds of dollars for each recipient that you sent non-compliant messages to.
- In addition to CAN-SPAM rules, you must also comply with the anti-spam laws of the countries your recipients live in. So if you're sending to UK residents and US residents, you'd want to check over the UK spam laws to make sure you're also UK compliant.
International Requirements By Country
These are either links to anti-spam legislation in countries outside the US or the name of the country's anti-spam law.
Is now termed Canada’s Anti-Spam Legislation (CASL) which amends the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act. It is very similar to CAN-SPAM but has some minor differences and covers all electronic messages not just email.
AustraliaSpam Act 2003, Act No. 129 of 2003 as amended.
Article 13 of DIRECTIVE 2002/58/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).
The EU body that addresses spam is The Contact Network of Spam Enforcement Authorities (CNSA).
The Directive is implemented by each member state independently so you will want to check with your particular country law for more details.
Commission de la protection de la vie privée, Le spam en Belgique Etat des lieux en juillet 2003, July 4, 2003
Section 06 of the Regulation of Electronic Communications and Postal Services Law of 2004 (Law 12 (I) / 2004 deals with unsolicited communications (spam)
Act No. 480/2004 Coll., on Certain Information Society Services
Falls under the Commission Nationale de l'Informatique et des Libertés (CNIL) [National Data Processing and Liberties Commission], Electronic Mailing and Data Protection (Oct. 14, 1999) (French) CNIL Guidelines on email marketing.
Art. 202a, 263, 303a, 303b of the German Criminal Code Art. 6 of the German Law regarding Information Society Services Art. 28 Par. 4 of the German Data Protection Act
Italy's anti-spam laws are very strict. You can even be imprisoned for sending spam. If you're sending to Italian recipients, you'd want to follow these guidelines as well.
The Code transposed EC Directive 95/46 on the protection of personal data and EC Directive 2002/58 on privacy in electronic communications; it consolidated all Italian pre-existing laws and regulations in this sector.
DL 196/2003 Personal Data Protection Code • DL 675/1996 on privacy protection states, inter alia, that a company must have authorization from each user whose personal data (such as e-mail) they want to use. • DL 171/1998 (deriving from the European Community directive 97/66/CE) on telecommunications privacy protection: this put outlaws all automatic systems to call a user and says that all the expenses of an advertising must be paid by the company and not the user (faxes and e-mails are instead paid also by the user).
DL 185/1999 (deriving from the European Community directive 97/7/CE) on customer protection with respect to long-distance contracts: this obliges companies to seek the permission of the user for virtual or telephone sales.
Article 11.7 of the Dutch Telecommunications Act and Dutch Data Protection Act.
Swedish Marketing Act (Swedish Code of Statutes, SFS 1995:450).
Personal Data Act (Swedish Code of Statutes, SFS 1998:204), in so far as spam activities involve processing of personal data.