Skip to main content
Find a Lawyer
Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

The CAN-SPAM Act: Trying to Protect Consumers From Unsolicited Commercial E-Mail

Spam: we all get it. Although there are also different names describing it (unsolicited commercial e-mail, junk mail), the fact remains that we often find ourselves spending too much time trying to sort out legitimate business and personal e-mails from bad. Spam e-mails are frustrating and can make your blood boil. What's a consumer to do?

Although it is five years-old, a federal law designed to punish spamming has resulted in only a handful of prosecutions. Unfortunately, the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, or the "CAN-SPAM Act," has not stopped the deluge of unsolicited junk mail.

Here's what you need to know about the law.

  • The CAN-SPAM Act does not give consumers the right to file their own private lawsuit for damages if they've received unsolicited junk e-mail. Instead, it lets the Federal Trade Commission (FTC) or state attorneys general sue spammers on their behalf to recover damages, impose civil penalties, and to stop the e-mails.

  • The federal law applies to any business that uses e-mail as part of its marketing activity.

  • Companies are prohibited from using legitimate domain names they might hide behind. If you receive an e-mail that appears to be from eBay asking you to update your e-mail account, but the real sender is not that company, CAN-SPAM could hold the sender liable.

  • Misleading and deceptive e-mail subject headers are also banned under the CAN-SPAM Act. A "brown paper wrapper" requirement also applies to sexually explicit e-mail, requiring the sender to warn the recipient in the e-mail header that the message contains "sexually explicit" material.

  • Every piece of unsolicited commercial e-mail must give you the choice to "opt-out," by telling the sender that you don't want their e-mail anymore.

    Once a consumer sends a business an "opt-out" request, a company has ten (10) business days to comply. If it doesn't, the business can be held liable under CAN-SPAM for $250 every time that it sends another e-mail to a person who already made an "opt-out" request. A court can increase the amount of damages up to three times if it can be proved that the spammer "willfully and knowingly" refused to stop the e-mails after the consumer's request.

  • Since spammers like to hide, CAN-SPAM requires businesses sending unsolicited commercial e-mails to have a "valid physical postal address" in their e-mail where consumers can write. The FTC clarified this requirement last year by enabling businesses to use a street address, a P.O. Box, or a private mailbox address as long as it complies with U.S. Postal Service registration requirements.

San Francisco technology lawyer Eric Sinrod notes that unfortunately, laws like the CAN-SPAM Act "generally work only as to legitimate businesses that inadvertently make mistakes and run afoul of the anti-spam laws when not having the intent to violate the law."

Some e-mail providers and ISPs have filed private lawsuits in state and federal courts against senders of spam e-mails, wanting to hurt spammers where they think it hurts most: in their bank accounts.

What can you do to protect yourself from spam e-mail?

First, make sure that you have up-to-date versions of anti-virus software that can detect malicious e-mail "worms" and "bots" from infecting your computer.

Second, use e-mail filter tools available in your e-mail software, or in web-based e-mail accounts like Yahoo!, Gmail, and Hotmail.

Third, think about whether e-mail you've received passes the sniff test. Is it full of misspellings? Is it from a company or person that you don't know? Does the e-mail ask you for money or to buy something when you've never had any contact with the company before?

Finally, if you believe that a company is still sending you unwanted e-mails after you've notified them in writing to stop, you can file a complaint with the FTC by going to, and contact the Attorney General's office in your state to learn about local anti-spam laws and your rights.

Related Resources:


FTC: Spam for Consumers

Spam, Spam, Spam, Spam, by Eric Sinrod (

Bingham: FTC Clarifies CAN-SPAM Rules (May 19, 2008)

Was this helpful?

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:

Next Steps

Contact a qualified consumer attorney to assist with the hazards and stress accompanying identity theft and online scams.

Begin typing to search, use arrow keys to navigate, use enter to select

Help Me Find a Do-It-Yourself Solution

Copied to clipboard

Find a Lawyer

More Options