So the answer to the question of whether or not cold email is illegal is a resounding no.
Before diving deep into this topic and laying down all answers let’s ask what exactly are cold emails.
Cold emails are unsolicited emails sent to prospective clients who have never interacted with the sender before.
Cold emails are completely legal and you are free to send them to anyone as long as you follow all applicable laws and regulations in the EU as well as those of the USA, the UK, and other nations.
However, if you violate a country’s rules, you will face fines and penalties.
Every salesperson is aware of how crucial cold emails are for generating leads. Don’t worry, the most effective cold outreach tool in the modern internet era cannot be turned off.
We are no lawyers by the way but we would like to explain it to you as simply as possible. Let’s debunk “is cold email illegal?”
Table of contents
1. What does the CAN-SPAM Act of the USA say?
1.1 How to comply with CAN-SPAM Act ?
1.1.1 Avoid using false or misleading header info
1.1.2 Don’t use deceptive subject lines
1.1.3 Label the message as an advertisement
1.1.4 Inform recipients of your location
1.1.5 Tell recipients how to opt out of receiving future email from you
1.1.6 Honor opt-out requests immediately
1.1.7 Keep track of what others are doing on your behalf
2. What does the PECD and GDPR of the EU say ?
2.1 How to comply with the GDPR and PECD ?
2.1.1 Emails need to be B2B only
2.1.2 Must have a valid reason to send
2.1.3 Accurate details are a must
2.1.4 Easy opt out or unsubscribe links
2.1.5 Data transparency
3. What does the UK’s DPA and UK-GDPR say?
3.1 How to comply with the DPA and GDPR of the UK?
3.1.1 Don’t use deceptive headlines or content
3.1.2 Easy opt out feature
3.1.3 Data protection and privacy
3.1.4 Strong reason to connect via cold outreach
3.1.5 B2B only and personal details should legitimate
4. What does Canada’s Antispam Legislation say?
4.1. How to comply with CASL?
4.1.1. Obtain Consent
4.1.2. Provide Identification Information
4.1.3. Include a Functional Unsubscribe Mechanism
4.1.4. Do Not Use False or Misleading Information
4.1.5. Keep Records
5. What does the Spam Act 2003 in Australia say?
5.1. How to comply with the Spam Act 2003 of Australia?
5.1.1. Provide a clear identity
5.1.2. Make it simple to unsubscribe Link
5.1.3. Obtain Consent for Business-to-Consumer Emails
5.1.4. Have a Legitimate Reason
5.1.5. Don’t Use Email Harvesting Software
5. Conclusion
6. FAQs
Is cold email illegal? What does the CAN-SPAM Act of the USA say?
In the United States, the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 regulates the risky or spammy aspects of cold emails.
You must take the CAN-SPAM Act seriously because failure to comply with it can result in fines of up to $46,517 for each individual email. But abiding by the law is simple. The act never claims that sending a cold email is illegal. The following is a list of CAN-SPAM’s main requirements:
How to comply with the CAN-SPAM Act?
Avoid using false or misleading header info
Your “From,” “To,” “Reply-To,” and routing information, including the email address and originating domain name, must be precise and show who or what sent the message.
Don’t use deceptive subject lines
This act urges salespeople and marketers to avoid using clickbait subject lines that don’t accurately describe the message they are sending.
Hence, the subject line must accurately reflect the content of the message.
Label the message as an advertisement
You must clearly and prominently state that your message is an advertisement.
When you are pitching the recipients in the email, don’t mislead them by saying something different.
Inform recipients of your location
Your message must contain a physical postal address.
This can be the street address you are currently using, a post office box you have registered with the USPS, or a private mailbox you have registered with a business mail receiving agency set up in accordance with Postal Service rules.
Tell recipients how to opt out of receiving future emails from you
Your message must include a clear explanation of how the recipient can opt out of receiving future emails from you.
So, create the notice in a way that will be simple for the average person to read, recognize, and comprehend.
Honor opt-out requests immediately
Any opt-out feature must be able to handle requests for at least 30 days after your message is sent. A recipient’s request to opt-out must be honored within 10 business days.
In order to honor an opt-out request, you cannot charge a fee, demand additional personal information from the recipient than their email address, or require them to take any other action than replying to your email or visiting a single page on your website.
Keep track of what others are doing on your behalf
You cannot contract away your legal obligation to abide by the law, even if you hire another company to handle your email marketing.
Legal action could be taken against both the business whose product is advertised in the message and the business that actually sent it.
What do the PECD and GDPR of the EU say?
The citizens of the European Union are protected by the Privacy and Electronic Communications Directive 2002 (PECD) and The General Data Protection Regulation (GDPR) 2018 for their data privacy and to punish those who breach the same.
There are fines similar if not harsher than the CAN-SPAM Act of the USA. So it is better to abide by the law and follow the compliance of GDPR and PECD.
How to comply with the GDPR and PECD?
Emails need to be B2B only
Cold emails should be B2B, always, which means businesses should contact only other businesses for their cold outreach or outbound sales and not consumers.
You must send the cold email to the person working for a company with which you can do business.
GDPR doesn’t allow B2C. Businesses cannot send cold emails to direct consumers.
Must have a valid reason to send
Send the cold emails to your targeted prospects only. Don’t send them to any random person.
You must have a good reason in the email that the business the recipient works for can benefit from what your company has to offer.
Additionally, there should be a logical connection between your business activity and that of your prospect. That will serve as a legal justification for sending someone an email without first getting their permission to process their data.
Accurate details are a must
Your name, email address, and the location of the company where you work must all be mentioned in the email clearly.
Additionally, your email must have relevant header information and subject lines rather than clickbait titles and lines.
Spammy and random emails are not acceptable. Instead, include the recipient’s name, email address, and the name of the business you want to do business with.
Easy opt-out or unsubscribe links
Outbound messages and email marketing messages should clearly state how the recipient can change or remove their information from your list.
The GDPR does not state that you should use the “unsubscribe” link because it does not specify how. It merely states that there should be a simple, understandable method.
We include an “unsubscribe” link in each of our marketing emails because it is a common practice in emails.
Data transparency
You must explain to recipients of your cold emails, what personal information you are processing, why, and how they can update or remove their information from your mailing list.
Don’t process the personal data of the recipients of your cold emails for any longer than is necessary. The GDPR makes no mention of a specific timeframe.
You should remove any prospects’ information if they don’t respond to you in a month.
What do the UK’s DPA and UK-GDPR say?
The UK as we know consists of the union of England, Wales, Scotland, and Northern Ireland and was considered part of the European Union. Then Brexit happened.
So, the UK has its own laws regarding data protection and regulation. Data Protection Act 2018 governs this issue and the citizens of the UK.
How to comply with the DPA and GDPR of the UK?
Don’t use deceptive headlines or content
According to the DPA, the information in the email must be concise. Avoid the usage of clickbait or misleading subject lines.
Don’t use the standard cliched titles like “limited time offer” and “Don’t miss out.”
Make sure the email’s content is designated as advertising as well.
Easy opt-out feature
Content shouldn’t be forced down the throats of the recipients.
Businesses should include clear-cut, easy-to-see, unfollow, or unsubscribe type of links, to remove themselves from further email marketing plans.
Data protection and privacy
Businesses should inform potential customers about the data and personal information they will store.
Any information that is stored without the recipient’s consent may have legal repercussions.
Additionally, the information of those who choose not to participate in email marketing campaigns should be removed as soon as possible. We suggest getting rid of it within a month.
Strong reason to connect via cold outreach
You must provide a compelling argument in the email for how the recipient’s employer can profit from what your business has to offer.
The activities of your company and those of your prospect should logically relate to one another.
Only your chosen prospects should receive the cold emails. Do not deliver them to a random recipient. Also, it’s beneficial for you to keep the email length short.
B2B only and personal details should legitimate
The recipient of the cold email must work for a company you can do business with.
Businesses should prohibit sending cold emails to direct customers.
The email must clearly state your name, email address, and the location of the business where you work.
Instead, include the name, email address, and name of the company you wish to do business with for the recipient.
What does Canada’s Antispam Legislation say?
Canada’s Anti-Spam Legislation (CASL) is a federal law that came into effect on July 1, 2014. CASL regulates the sending of commercial electronic messages (CEMs) in Canada, including email, text messages, and social media messages, with the goal of reducing unwanted spam and promoting online privacy.
Under CASL, it is illegal to send a CEM to an electronic address without the recipient’s express or implied consent. Express consent requires that the recipient explicitly agrees to receive CEMs from the sender, while implied consent can arise in certain circumstances, such as when there is an existing business relationship between the sender and the recipient.
How to comply with CASL?
Obtain consent
Ensure that you have obtained the recipient’s express or implied consent before sending a CEM. Express consent requires that the recipient explicitly agrees to receive CEMs from you, while implied consent can arise in certain circumstances, such as when there is an existing business relationship between you and the recipient.
Provide identification information
Include your contact information in every CEM you send, including your name, mailing address, and either a telephone number, email address, or web address.
Include a functional unsubscribe mechanism
Provide a clear and conspicuous unsubscribe mechanism that allows recipients to opt out of receiving further messages. The unsubscribe mechanism must be functional for at least 60 days after the message is sent.
Do not use false or misleading information
Ensure that your CEMs do not contain false or misleading information, including misleading subject lines, inaccurate sender information, or deceptive content.
Keep records
Maintain records of consents received, opt-out requests, and other relevant information to demonstrate your compliance with CASL.
What does the Spam Act 2003 in Australia say?
The Spam Act 2003 is the main law that regulates the sending of CEMs in Australia. Under this law, it is illegal to send unsolicited CEMs with a commercial purpose unless the recipient has given their consent to receive such messages. Consent can be express or inferred, and there are certain requirements that must be met for inferred consent to apply.
How to comply with the Spam Act 2003 of Australia?
Provide a clear identity
Include your contact information in every CEM you send. Add your name, mailing address, and either a telephone number, email address, or web address. It is important that the recipient knows who is sending the message.
Make it simple to unsubscribe link
Provide a clear and conspicuous unsubscribe mechanism that allows recipients to opt out of receiving further messages. The unsubscribe mechanism must be functional and processed within 5 business days after the request is made.
Obtain consent for business-to-consumer emails
Business-to-consumer (B2C) emails are prohibited without the recipient’s explicit opt-in consent. This means that the recipient must explicitly agree to receive marketing messages from your business before you can send them.
Have a legitimate reason
Ensure that you have a legitimate reason to reach out to a business or individual. This can include having an existing business relationship with the recipient or providing information about a product or service that the recipient has expressed interest in.
Don’t use email harvesting software
Do not use any software or automated tools to scrape websites for personal details. This is considered spam and is prohibited under the Spam Act.
Is cold email illegal? Conclusion
Is cold email illegal? Obviously not. You’re fine as long as you adhere to the compliance framework.
However, in order to avoid legal issues, businesses should abide by the rules and regulations set forth by the respective countries. If they don’t, they can face legal consequences and hefty fines.
If the company is involved in court over these matters, it could harm its reputation in the market. Therefore, we must abide by the adage that “ignorance of the law is no excuse.”
You can also check out our blog on best practices and tips for cold email which complies with most acts regarding spam and data protection.
How can SafeMailer help you?
You don’t need to worry about any legal aspects of any country while sending cold emails. SafeMailer’s free cold emailing software complies with every rule and regulation out there.
Your marketing emails will be sent out in waves using our cold email automation platform – SafeMailer. Instead of sending 1,000 emails all at once, it sends them over several days, 1-2 minutes apart, much like a real human would. Thus bypassing spam filters.
FAQs
Q: What is the success rate of cold emails?
A: Cold emails that are targeted specifically to their recipients can receive response rates ranging from 15% to 25%, on average.
Q: Can I send cold emails to anyone?
A: No, you cannot send cold emails to just anyone. You should only send emails to individuals or businesses who have given you permission to contact them, or whose contact information you have obtained in a legal and ethical manner.
Q: Can I send cold emails to individuals in other countries?
A: Yes, you can send cold emails to individuals in other countries, but you should be aware of the anti-spam laws and regulations in those countries. Some countries may have stricter requirements for commercial emails than others.
Q: Can I send cold emails to anyone?
A: No, you cannot send cold emails to just anyone. You should only send emails to individuals or businesses who have given you permission to contact them, or whose contact information you have obtained in a legal and ethical manner.
Q: Can I use purchased email lists for cold emailing?
A: It depends on the source of the email list and whether the individuals on the list have given consent to receive commercial emails. Using purchased email lists without proper consent can violate anti-spam laws and result in penalties.