CAN-SPAM: Common Scenarios
Common Scenarios
Practical guidance for common email marketing situations under CAN-SPAM.
Scenario 1: Cold Email Outreach
Question: Can I send cold emails to prospects who haven’t opted in?
Answer: Yes, CAN-SPAM allows cold email (unlike GDPR). However, you must:
- Include accurate headers
- Have non-deceptive subject line
- Include physical postal address
- Provide clear opt-out mechanism
- Honor opt-outs within 10 business days
Confidence: High [§ 7704]
Scenario 2: B2B Email Marketing
Question: Does CAN-SPAM apply to B2B emails?
Answer: Yes, CAN-SPAM applies equally to B2B and B2C commercial emails. There is no B2B exemption.
Confidence: High [§ 7702(2)]
Scenario 3: Order Confirmation with Upsell
Question: Can I include marketing in transactional emails?
Answer: Yes, but be careful. If the primary purpose of the email is commercial (marketing exceeds transaction content), the entire email is treated as commercial and must comply with all CAN-SPAM requirements.
FTC guidance: Transactional content should appear first and be most prominent.
Confidence: Medium [FTC guidance]
Scenario 4: Newsletter with Paid Sponsor
Question: Is a newsletter with sponsored content “commercial”?
Answer: Likely yes. If you receive payment to include advertising, the email’s primary purpose may be considered commercial advertising. Include CAN-SPAM compliance elements.
Confidence: Medium [§ 7702(2)]
Scenario 5: Email via Third-Party Sender
Question: Who is liable if I hire an email marketing agency?
Answer: Both you AND the agency can be liable. The law covers both the “sender” (whose goods/services are advertised) and the “initiator” (who procures the sending). You cannot outsource your CAN-SPAM compliance.
Confidence: High [§ 7702(16), § 7704(a)]
Scenario 6: Purchased Email List
Question: Can I email a purchased list?
Answer: CAN-SPAM does not prohibit this, but:
- You must still comply with all CAN-SPAM requirements
- You are responsible for honoring any prior opt-outs
- List quality affects your deliverability and reputation
- Other laws (like TCPA for texts, or state laws) may apply
Confidence: High [§ 7704]
Scenario 7: Unsubscribe Link is Broken
Question: What if my unsubscribe link temporarily breaks?
Answer: Violation. The opt-out mechanism must be functional for at least 30 days after sending. System failures don’t excuse non-compliance. Use redundant systems.
Confidence: High [§ 7704(a)(3)]
Scenario 8: Re-engagement Campaign to Unsubscribed Users
Question: Can I email people who previously unsubscribed to ask them to re-subscribe?
Answer: No. Once someone opts out, you cannot send them commercial email. This includes “we miss you” or “are you sure?” messages.
Confidence: High [§ 7704(a)(3)(B)]
Quick Decision Matrix
| Situation | CAN-SPAM Applies? | Full Compliance Needed? |
|---|---|---|
| Marketing email | Yes | Yes |
| Cold outreach | Yes | Yes |
| B2B email | Yes | Yes |
| Order confirmation only | Header rules only | Partial |
| Shipping notification | Header rules only | Partial |
| Account security alert | Header rules only | Partial |
| Newsletter with sponsor | Yes | Yes |
| Email to opted-out user | Prohibited | N/A |