Penalties for CAN-SPAM Act Violation

Where You Need a Lawyer:

(This may not be the same place you live)

At No Cost! 

 What Is the CAN-SPAM Act?

The CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography And Marketing Act) is a U.S. law enacted in 2003 that sets the standards for sending commercial emails. This law aims to protect personal property, mainly email accounts, from unwanted spam and to impose penalties on those who violate these anti-spam laws.

Under the Act, deceptive headers, misleading subject lines, and the absence of opt-out mechanisms are prohibited in all commercial emails.

What Are the Penalties for Violating the CAN-SPAM Act?

Violating the CAN-SPAM Act can result in severe consequences. The Act provides for both civil and criminal penalties. For instance, certain aggravated violations can lead to criminal penalties, especially if the spam email involves fraudulent activity. CAN-SPAM Act penalties can range from significant fines to imprisonment for more severe violations. Spam email liability can extend to both the company that sends the spam and the individual on whose behalf it is sent.

For civil penalties, the Federal Trade Commission can seek fines of up to $43,792 for each separate email that violates the Act. The FTC can also obtain injunctions and orders to freeze assets or appoint receivers. The FTC can sue both the sender and the initiator of the spam email and any other party that knowingly assisted or benefited from the violation.

For criminal penalties, the Act provides for imprisonment of up to five years for accessing someone else’s computer to send spam without permission, using false information to register for multiple email accounts or domain names, relaying or retransmitting multiple spam messages through a computer to mislead others about the origin of the message, or harvesting email addresses or generating them through a dictionary attack.

The Act also provides for imprisonment of up to three years for falsifying header information in multiple spam messages and initiating and transmitting such messages. The Act also enhances the penalties for other crimes, such as fraud, identity theft, or obscenity, if they are committed in connection with spam email.

For state enforcement, the Act authorizes state attorneys general to bring civil actions on behalf of their residents for violations of the Act. The state can seek damages for actual loss or statutory damages of up to $250 per violation, whichever is greater, with a maximum award of $2 million. The state can also seek injunctive relief and attorney’s fees.

For private actions, the Act allows Internet access service providers (ISPs) to sue spammers for violations of the Act or their contractual terms. The ISPs can seek damages for actual loss or statutory damages of up to $100 per violation, whichever is greater, with a maximum award of $1 million. The ISPs can also seek injunctive relief and attorney’s fees.

How Do I Report a Violation of the CAN-SPAM Act?

If you believe you’ve received a spam email violating the CAN-SPAM Act, you can report it to the Federal Trade Commission (FTC). The FTC has an online complaint assistant where you can provide details about the spam email. Additionally, forwarding the spam email to the FTC can aid their investigations.

First, go to the FTC’s online complaint assistant at You will see a page with different categories of complaints, such as identity theft, scams and rip-offs, unwanted calls and mail, etc. Click on the one that says “Unwanted Calls and Mail.”

Next, you will see a page with subcategories of unwanted calls and mail, such as robocalls, spam texts, spam emails, etc. Click on the one that says “Spam Emails.”

Then, you will see a page about spam emails and how to reduce them. Scroll down to the bottom and click on the button that says “Report Spam Emails Now.”

After that, you will see a page with a form where you can provide details about the spam email you received. You will need to enter your email address, the sender’s email address, the subject line of the email, the date and time you received it, and any other information you think is relevant. You can also upload a copy of the email as an attachment. You can also choose whether you want to receive a confirmation email from the FTC.

Finally, click on the ” Submit ” button to send your complaint to the FTC. You will see a confirmation page with a reference number for your complaint. You can use this number to check the status of your complaint later.

In addition to filling out the online form, you can forward the spam email to the FTC at This will help the FTC collect evidence and track down the spammers. However, forwarding the email is not a substitute for filing a complaint online. You should do both if possible.

Are There Any Defenses If I Am Charged With Violating CAN-SPAM?

Certain defenses might be available to you if you’re charged with violating the CAN-SPAM Act, depending on the circumstances. Claiming ignorance of the law generally isn’t a defense.

However, a criminal defense lawyer who handles cyberspace issues can help you navigate potential defenses, such as proving a lack of fraudulent intent or demonstrating compliance with certain aspects of the Act.

Lack of Fraudulent Intent

The CAN-SPAM Act targets emails with fraudulent or misleading headers and deceptive subject lines. It could serve as a strong defense if you can demonstrate that the email was sent in good faith without any intention to deceive or mislead the recipient.

For instance, a genuine mistake in the email’s content that was not meant to deceive could fall under this defense.

Compliance with Opt-Out Requests

One of the critical requirements of the CAN-SPAM Act is that commercial emails should have a clear and conspicuous mechanism to allow recipients to opt out of future emails.

It can be a valid defense if you can prove that your emails have a functioning opt-out mechanism and that you honored all opt-out requests within the stipulated ten-day window.

Accurate Header Information

The Act prohibits misleading header information. If you can demonstrate that your email’s header information (like the “From” and “Reply-to” addresses) accurately represented the email’s source and was not intended to deceive the recipient, it could serve as a defense.

Transparent Content

The CAN-SPAM Act requires that commercial emails be identified as advertisements, and the sender’s physical postal address should be included in the email. If your email content adhered to these rules, it could help your defense.

Third-Party Actions

If a third party sent the spam emails without your knowledge or against the terms of your agreement with them, you might be able to use this as a defense. However, businesses are still generally responsible for monitoring third-party compliance with the Act.

Factual Errors

Sometimes, accusations could be based on factual errors or misunderstandings. For instance, if an alleged recipient claims they never opted in for your emails, but you have records showing their explicit consent, this can be a potential defense.

Remember, each case is unique, and it’s best to consult with a criminal defense lawyer familiar with cyberspace issues to review your specific situation and provide guidance. They can thoroughly assess the allegations against you and help devise a strategy tailored to your situation.

Do I Need to Consult a Lawyer about My Cyberspace Issue?

Absolutely. If you’re facing allegations of violating the CAN-SPAM Act or have concerns about email marketing practices, seek legal counsel. A knowledgeable business lawyer can guide you through the complexities of the law, ensuring compliance and defending against any accusations.

Find the right lawyer to address your concerns through LegalMatch.


16 people have successfully posted their cases

Find a Lawyer