Complying With Global Anti-Spam Laws

PropelGrowth Blog - Financial Services Marketing and Content Strategy

Complying with the global anti-spam laws is not an option for email marketers. Find out more.

Email marketers must be cautious to comply with anti-spam laws, but this is not always a simple process given that these laws vary by country.

Below we’ve compiled some general information concerning anti-spam laws by region. We’ve also included some links to resources where you can find more detailed information about the laws. Next week, we’ll go into more detail about the meaning of the term “implied consent.”


In Asia, the anti-spam laws differ by region.  For example, Singapore’s Spam Control Act of 2007 is based on an opt-out model where businesses are permitted to send consumers an email message without their permission. However, each email needs to give individuals the option to opt-out, or be able to stop receiving the communications if they desire. Australian marketers need to indicate in their subject lines if their messages are unsolicited. For further insight on Asia’s anti-spam laws, it’s best to look up the rules for each country where you plan to send email.


Australia’s Spam Act of 2003 prohibits marketers from sending unsolicited commercial email messages to their audience using an Australian link. To clarify, a “commercial” email is a promotional message where you are selling any goods or services or promoting your business or an organization. In Australia, emails can be sent based on either express or inferred consent. Express consent means that the recipient directly opted in to receiving an email from a specific business.  Inferred consent means that the recipient signed up to receive emails from one company, and therefore it’s inferred that he or she may be interested in that company’s partners or affiliates. So the affiliates are also permitted to send the recipient email. Find more information on Australia’s spam legislation here.


In July of 2014, Canada added three new requirements to its existing Canadian Anti-Spam Legislation (CASL). First, marketers need to have either express or implied consent to send a commercial email. There are very specific requirements needed to meet the conditions of “implied consent.” Second, businesses must clearly identify themselves in their email messages. Last, Canadian marketers must include an unsubscribe option in every communication they send. Canada now has some of the strictest anti-spam laws in the world. So it’s important to bone up on their regulations and make sure you’re in compliance. Here’s more information on complying with CASL.


In 2003, the EU issued a Privacy and Electronic Communications Directive intended to control spam activities across the whole region. However, be careful when marketing to the EU, as some aspects of its email marketing legislation have been left up to each individual country to decide. For example, some member countries have enacted strict opt-in requirements, while others have not. Also, many EU countries differ on how they individually interpret the wording of the directive. To avoid any confusion, be sure to research the email laws of each EU country you intend to market to. Here is a related fact sheet that may help. The EU can be tricky, because in some of these countries, individuals can bring suit against other individuals for violating the SPAM laws. So use caution.

New Zealand

New Zealand’s Unsolicited Electronic Messages Act came into effect in 2007, and defines spam as any unsolicited commercial email message. The law requires senders to include accurate information about the business that is sending the email. Similar to many other regions, New Zealand requires that all promotional emails clearly outline a way for recipients to opt-out, or refuse receipt of any further communications.  Get more information about New Zealand’s anti-spam legislation.


The UK has perhaps one of the strictest policies regarding email marketing, as it requires an opt-in approach. This means that no direct marketing email can legally be sent to a recipient without first obtaining that recipient’s express consent. This is however unless a pre-existing business or commercial relationship has already been established. Furthermore, an email’s opt-in option must be ‘clear and distinct’ so individuals can fully understand what they are opting into when they tick a box or provide their email address. Rules are somewhat relaxed if you are emailing a person’s work address for business purposes related to that person’s role in the company. This resource may give you further insight.


The CAN-SPAM Act of 2003 is more liberal than other countries and follows more of an opt-out approach. Under the law, businesses must identify themselves and use subject lines that accurately reflect the content of their emails. They must also provide a physical postal address of where operations are located. They must give clear direction on how recipients can opt out of future messages. Then they must honor these requests or face fines. Get more information here.

Best Practice

The best approach for a global email program is to follow the strictest rules, requiring all subscribers to “double opt-in.” This means that members of your list sign themselves up and then receive a confirmation email asking them to click a link in order to confirm their desire to opt into communications. Then, every email should contain a conspicuous method to opt out or unsubscribe. Marketers can add a subscriber to the list only with verbal or written consent – and even then, the email system should send out a confirmation email asking the recipient to click a link to subscribe.

Final Thoughts…

Lots of companies have instituted opt-in and opt-out email campaigns to scrub their list of non-compliant contacts.

I’ve seen a number of different opt-in and opt-out approaches, most of which are not particularly effective. Opt-in campaigns should be strategic, planned, targeted to specific recipient personas, and executed carefully. Review your list and segment it according to the contacts’ titles, roles, industries, departments, and how you obtained their email addresses. Then develop buyer personas that help you understand the interests of each segment. Think about the value of the content you’re planning to provide to each persona, and market that content. Help the recipient understand the value they’ll receive if they elect to opt in.

Remember, opt-outs are just as important. Proactively disqualify and remove leads that don’t represent your targets. So your opt-in campaign should also seek to help those leads self-identify and opt out.

It’s also important to manage your database carefully and scrub it frequently. Process opt-out and unsubscribe requests immediately when they’re received and make sure you remove them from all lists. Consider purging recipients without any opens or clicks in a 12-month period. By not emailing contacts who haven’t opened or clicked in the past year, you can reduce ISP complaints and gain higher reputation scores, which leads to better deliverability.

Read more on this topic in the next blog post, Email Marketing – Implied vs Explicit Consent.