CAN-SPAM: Opt-Out Requirements
Opt-Out Requirements [15 U.S.C. § 7704(a)(3)]
Rule: Every commercial email must include a clear opt-out mechanism, and you must honor opt-out requests within 10 business days.
Core Requirements
-
Provide opt-out mechanism [§ 7704(a)(3)(A)]
- Must be clear and conspicuous
- Must be functional for at least 30 days after sending
- Can be email-based (reply to unsubscribe) OR web-based (unsubscribe link)
-
Honor requests within 10 business days [§ 7704(a)(3)(A)]
- Cannot require more than a single action (e.g., reply or click)
- Cannot charge a fee
- Cannot require personal information beyond email address
-
No further emails after opt-out [§ 7704(a)(3)(B)]
- Sender may not send OR assist others in sending commercial emails to that address
- Opt-out applies only to the sender, not to other companies
Prohibited Practices
| Prohibited | Why |
|---|---|
| Charging fee to unsubscribe | § 7704(a)(4)(A)(i) |
| Requiring info beyond email | § 7704(a)(4)(A)(ii) |
| Multiple steps to unsubscribe | § 7704(a)(4)(A)(iii) |
| Selling opt-out list | § 7704(a)(4)(B) |
| Transferring email after opt-out | § 7704(a)(4)(B) |
Source Text
(3) Inclusion of return address or comparable mechanism in commercial electronic mail
(A) IN GENERAL.—It is unlawful for any person to initiate the transmission of any commercial electronic mail message to a protected computer unless the message provides—
(i) a clear and conspicuous identification that the message is an advertisement or solicitation;
(ii) clear and conspicuous notice of the opportunity under paragraph (3) to decline to receive further commercial electronic mail messages from the sender; and
(iii) a valid physical postal address of the sender.
Practical Guidance
- 10 business days = calendar days excluding weekends and federal holidays
- Best practice: honor opt-outs within 24-48 hours
- Must work even if recipient previously opened or clicked
- Suppression list must be maintained indefinitely