A new Jupiter Research report, "Complying with Can-Spam: Optimizing E-mail Practices to Mitigate Risks," found that one-third of marketing emails tracked were not compliant with Can-Spam regulations. In fact, one-quarter of marketers studied were considered at high risk because they did not remove opt-out email addresses on a frequent basis.
"These numbers don't surprise me at all," says Elaine O'Gorman, vice president of strategy at Silverpop, an email marketing firm. "Email is such an immature medium that there's not a lot of sophisticated knowledge out there."
The Can-Spam Act of 2003 went into effect in January of this year. The rules state that emails sent from businesses to consumers must include a legitimate physical address, and must enable recipients to unsubscribe from future company mailings. Also, advertisers must process unsubscribe or opt-out requests within ten business days.
To gauge the state of compliance with the new guidelines, Jupiter Research created dummy email accounts to track commercial email messages sent by 55 well-recognized corporate advertisers in the financial services, media, retail, and travel sectors. According to the study, which was conducted in January and February, 96 percent of the commercial email messages tracked did have working opt-out mechanisms. Although marketers didn't fail the test, they didn't exactly make the honor roll either. Of the 73 percent that included a postal address in the messages, 64 percent used a postal street address, and the remainder just used a post office box address.
"The law is very vague," explains Loren McDonald, vice president of marketing at EmailLabs, an email marketing software and application software provider technology firm. While he admits that including a street address is preferable to a P.O. box, McDonald emphasizes: "There are legitimate reasons for some people not wanting to use a mailing address." He alludes to a small business client who worked from his home: "He didn't want people to see 24 Elm Street; he wants to appear as a larger business." Of course, personal privacy and security are also factors in cases such as these.
Some marketers also continue to contact consumers after they've sent opt-out requests. Nearly one-quarter of those tracked by Jupiter Research sent email marketing offers to unsubscribers, and 16 percent sent email marketing messages after the ten-day grace period was up. Seven percent of opt-out systems failed to work within 30 days of tracking.
"We found that marketers that had greater compliance were working with an outsourced vendor," notes David Daniels, research director at Jupiter Research. Those that weren't as up to speed, he adds, most likely were using "on-premises applications."
EmailLabs' McDonald also blames lack of compliance on in-house system inadequacies. "Companies are still using homegrown, in-house systems that don't automatically remove unsubscribes," he contends, adding that more robust systems "move unsubscribes from an active account to an inactive account in real time."
Yet, just 9 percent of systems studied by Jupiter Research automatically suppressed opt-out addresses. Twenty-eight percent scrubbed the lists before each mailing, and 15 percent did so each month.
Jupiter Research's Daniels suggests that some systems may not be set up to remove addresses from marketing lists while keeping them on lists for urgent alerts relaying fraud-related information or other non-marketing communications. "Those things are still fine to do under the law as long as you have a relationship with that customer," assures Daniels. "It's important that suppression is routine and automatic, but it should also be flexible."
This shouldn't be a problem, says McDonald, "if you're managing your email program correctly."
Regardless of the state of Can-Spam compliance, Silverpop's O'Gorman argues that the law has unintended consequences that also need to be dealt with. For example, although not necessarily intended by lawmakers, one-to-one sales emails do technically fall within the parameters of regulated commercial marketing messages, and therefore should enable opt-out and suppression functionality.
Tracking down the real spam culprits "will be a long row to hoe," forecasts O'Gorman. "In reality," she states plainly, "the Can-Spam act is all about opt-out and not about opt-in."