The legal side of anti-spam law is your responsibility. Claiming willful ignorance is a gamble that will not pay off. So, what do you need to keep in mind to avoid falling foul of the law? Without further ado, let’s jump into the most frequent topics we get asked about when it comes to the unsubscription process.
Disclaimer: Although this article is designed as a guide to help make sure your email marketing activities comply with the law, you should check with current legislation, as laws change every day.
1. Is it mandatory to provide the possibility to unsubscribe to my commercial messages?
Yes, as a sender, you are obligated to give the recipients the possibility to opt out from your mailing lists at no cost, easily, and in every advertising email.
This is not only common for countries that have already adopted anti-spam laws, but also for countries that are still waiting for one (e.g., Russia or Brazil). If the unsubscription process is not handled appropriately, citizens of countries with no anti-spam laws can rely on laws addressing privacy policies and personal data protection.
2. Which unsubscription mechanism should I implement?
There are plenty of ways to let your users unsubscribe. No matter which one you go with, make sure that you don’t put any unnecessary obstacles in the way.
The easiest and most user-friendly way is to add an unsubscribe link to each email you send. This link is usually at the end of the email in its footer. You should make sure that, after clicking the unsubscribe link, the user is taken to a page confirming they have been successfully unsubscribed.
If unsubscribe links are not a viable option for you, you can provide other ways to unsubscribe. Your email then needs to instruct users on how to proceed. Typical scenarios could be:
- The subscriber is asked to reply to the same commercial email they got and request to opt out
- The subscriber is asked to send such a request to a provided email address
Here is an example of an email footer providing users with detailed instructions on what to do in order to unsubscribe and another example of what means of communication not to use.
What may surprise you is that in plenty of countries, you need to make sure that such automatic unsubscribe mechanisms need to be functional for at least 30 days after the email is delivered. Even though broken links and non-functional unsubscribe mechanisms are quite common, they can result in penalties.
The last thing you should keep in mind is that unsubscription requests coming via other channels or in a non-standard way need to be processed as well, even though you will have to do that manually—it can be through phone calls or messages sent to an email address other than the one provided in the footer of your emails.
3. After clicking the unsubscribe link, can I direct people to a preference center? What information can I ask for before they are unsubscribed?
Preference pages are in compliance with the law unless they require information other than an email address or opt-out preferences in order for the user to unsubscribe.
In fact, directing users to a preference center after they have clicked the unsubscribe button in the email can be very useful and can help you learn more about why users are unsubscribing.
The following examples can help you understand why a preference center can be so beneficial for your business and marketing team.
- A preference center will help you understand WHY your subscribers decided to opt out
- A preference center can be useful if you have plenty of products/services and you want the users to specify which mailing lists they want to opt out from. This way, you are letting the users decide what they want to hear about.
- A preference center will allow you to change the user’s opinion by offering them a different frequency for sending them commercial emails.
Giving users the possibility to change the frequency can help you increase the open and click rate of your emails because they decided to keep receiving your emails and how often.
4. What about the double opt-out confirmation process? Is it something that is allowed?
What all anti-spam laws have in common is the requirement for the unsubscription workflow to be as easy as possible without any unnecessary barriers along the way. Keeping this in mind, you are fine to design an unsubscription process that suits your business best.
There are two ways to look at the double opt-out:
- The user clicks the unsubscribe link in your email and is redirected to a page where they need to confirm their wish to opt-out. This is a type of unsubscription process that we are all used to, and it doesn’t hurt, since it only makes sure that the user did not hit the unsubscribe button in the email accidentally.
- Now, let’s look at another way to understand the double opt-out. After clicking the unsubscribe link, the user receives an email with a link that needs to be clicked for the user to be unsubscribed. Enabling this type of double opt-out will add an additional and painful step for the user.
If you decide to go for the second type of double opt-out, just ask yourself: “Am I really doing this because I want to protect users from accidentally opting out or is it because I hope people will not see the confirmation email in their inbox and stay subscribed?”
Even though no law currently prohibits you from implementing such a double opt-out process, it can get you into big trouble and harm your sender reputation. People may start reporting you as a spammer as they may think they have unsubscribed but keep receiving your messages.
5. Can I ask users to log in to unsubscribe?
Plenty of you know what I am talking about. You click the unsubscribe button in the email and expect to be unsubscribed. Instead, you are redirected to a page requiring you to log in… and what if you have forgotten your password? Arrrgh… So many steps for just one request!
Well, on one side, I get that. Marketers who have implemented this type of unsubscribe process want to make sure that the person who is attempting to unsubscribe is really the person receiving the commercial messages.
Now, requiring users to log in to unsubscribe is very controversial because nobody is really sure whether it complies with the law or not.
Let’s see what the American CAN-SPAM act has to say about this: “…subscribers cannot be required to provide information other than their email address and opt-out preferences, or take any steps other than sending a reply email message or visiting a single Internet web page to opt out of receiving future email from a sender.” It seems to me that, under the US CAN-SPAM act, it is not permitted to require a login to opt out.
On the other hand, there are still plenty of companies that claim there is nothing wrong with this, that they are only trying to protect their users. One of the most criticized companies that requires login details as a part of their unsubscription workflow is LinkedIn. Once you click the unsubscribe button under their email, they take you to a page that allows you to unsubscribe from the mailing list that the particular email came from.
But if you want to unsubscribe from all mailing lists (and you click on Manage other email preferences), you need to log in first.
Whether this approach is allowed or not, keep in mind that your task is to make it as easy as possible to opt out as it was to opt in.
6. Do I need to grant an unsubscription request immediately?
You can look at this question from two different angles—the first one would be from what the law requires you to do and the other one from what is best for the user.
Now, as for international laws, they slightly differ from each other in this matter. Some of them require that you honor the opt-out request within five days (New Zealand, Australia), some of them say that you need to do it no later than 10 days after your received the opt-out request (United States, Canada), and others do not specify any timeframe, even though they state that the request should be honored without any delay (Germany, Japan).
Now, let’s have a look at it from the user’s point of view. Imagine a person, let’s call him Paul, who just clicked the unsubscribe button. After he did that, Paul was not (to his surprise) unsubscribed immediately but taken to the page “Your unsubscription request will be honored as soon as possible.” Now he thinks: “What the heck does this mean? Are they going to do it in two hours? Tomorrow? In one week?” This uncertainty just drives people crazy.
Another thing to bear in mind is that if Paul receives new emails while you are working on his request, he will probably end up very angry and decide to reach out to your customer care team with a complaint. In the worst-case scenario, he may decide to report your emails as spam—this could significantly harm your reputation.
7. Is it necessary to confirm the unsubscribe request by sending another email?
No, it is not. No international law requires an email confirming the unsubscription to be sent to the email address of the user. It is redundant and can be considered harassment. It should be enough for you to take the user who just unsubscribed to a page confirming successful unsubscription, as this one does:
8. What else should I not forget?
Apart from a functioning unsubscription process, there are a couple of rules that you need to stick to regarding the information in your commercial messages. Let’s have a look at them.
- “From” and “Reply to” fields must clearly identify the person or business that initiated the message
- You cannot use deceptive subject lines—the subject line should reflect the contents of the email
- The subject line should not contain spam words, title capitalization, or special characters
- It needs to be clearly stated that the email the recipient is receiving is an advertisement
- Your message needs to identify the individual/company/product on whose behalf the message is sent
- A valid postal address where the sender can be reached by the recipient is required
- A post office box or private mailbox can satisfy this requirement in some countries (e.g., the United States) but not everywhere (Germany)
- You should also include a telephone number and/or email address via which the recipients can reach you
- Under Canada’s anti-spam legislation, to provide the required information, you can use a clear and prominent link to a web page containing this information
- The contact information should be valid for at least another 30 days (Australia, New Zealand) / 60 days (Canada)
Here is an example of where and how such contact information can be displayed:
9. Do I need to keep a record of those who subscribed to my newsletters?
For your own good, you definitely should. In case of complaints, you may be asked to present the following information in front of a court:
- The way the consent was given (single vs. double opt-in, a checked box)
- In the case of a double opt-in confirmation email, what the contents of such an email was
- The time of the declaration of consent
- The IP address of the user who provided the consent
As you can see, there are plenty of things to keep in mind when implementing an opt-out process and handling unsubscription requests. I would recommend that you go through your current unsubscription process and see for yourself how easy or difficult it is for your subscribers to opt out. This will be an eye-opening exercise for you. Are there any unnecessary steps that you can avoid? Have you seen any obstacles that your subscribers may not be able to overcome? Get rid of them! Make the unsubscription process as easy as possible for your subscribers. You never know, they may come back to you later on.
Disclaimer: The purpose of this article is to provide you with a general overview of anti-spam laws around the world. It should not be interpreted as legal advice. We recommend contacting your lawyers for legal guidance on specific cases.
This article was originally published on the Kentico Blog.