To make sure you continue to receive McCordWeb's monthly newsletter in your inbox, not sent to bulk or junk folders,
please add to your address book.

McCord Web Services Where the Focus is on Your Success

April 2009 Features » CAN SPAM Explained, Privacy Policies, New Website Launch

Nancy McCord, Owner of McCord Web Services LLC.Dear Friend,

This month I want to explain why you need to be careful with email lists. I have had several situations this last month with business owners being in the dark on the legal ramifications of using purchased email lists or sending to harvested lists.

Email can still be a great way to reach out to prospects and clients but make sure that what you do is legal before you start sending.

Best Regards,

Nancy McCord

CAN SPAM Act Explained | Best Practices For Privacy Policies |New Website Launched

The Federal CAN SPAM Act Explained

Busting up spam.With economic times being tough in many business sectors, business owners are looking to use email promotion as a way to inexpensively put their products and services in front of the eyes of more consumers. Spammers are actively marketing email lists to unsuspecting business owners hoping to make a fast buck off of decision makers who may not be apprised of the law as it pertains to email list creation. This article will explain in common sense terms what the Federal CAN SPAM Act means for email marketing.

First, this Act was created during the height of the spam problem back in 2003. Email inboxes were being flooded with spam, this was the age of stand alone spam filters, and Internet Service Providers did not have advanced spam filters in place. The CAN SPAM act is still in effect and although there have only been a few high profile arrests, this does not mean that you could not be prosecuted for your actions if you are found in violation of the law, both at the federal and state levels.

The law says in essence the following:

1. If someone wants to unsubscribe from your email list, you must process the action within 10 days of receiving the request.

2. Relevant subject lines must be used. Adult content must be labeled as such.

3. The businesses must list a physical address on the correspondence. A P.O. Box does not satisfy this requirement.

4. The message cannot be sent through an open relay. An open relay would be considered a compromised website server that is used by spammers through a security exploit.

5. The email addresses cannot be harvested - (this is where there is much confusion). This pertains to both Internet and off-line resources. You may create an email list from people who you have had business contact with and who have given consent, but you cannot harvest names from websites or print directories either by robots, software tools, or by hand. (Please review my article on best practices on your privacy policy below.)

6. The message cannot contain a false header. False headers are used to disguise the origination of an email.

The bottom line for businesses is that if you are going to start using email as an inexpensive method to reach more customers and you buy a email address list, you had better know confidently where it has come from. In fact, truthfully to consider buying a list is plain and simple, risky business today.

Fish for business in the right way not by spamming others.Better yet, is to develop your own list from your own business contacts after you have posted a privacy policy on your website. According to the law, you cannot take email addresses from websites (harvest them) to create your own list. One very savvy business owner felt that as his harvesting was done by hand and not by a robot, that it was not considered "harvested". However, the law still considers this list a violation. Additionally if you load an association directory list by manually entering in the email addresses, even if the list is in a printed directory and not harvested from the Web, this is considered harvesting as well and is a violation of the Act.

It is the creation or origination of an initial list from my interaction with astute business owners this past month that has caused me to write about this specific topic. In one case the business owner was approached by a previously unknown resource with an offer to sell 100,000 "double opted-in" names for $1,000. In another case the business owner was offered a list pertaining to his industry that was hand harvested from business websites.

In the first case could the owner really trust that the list was double opted in? It is important to know that when a list is sold from one party to another there is very specific criteria that the original list owner must do such as advising list members of the pending action and allowing them to opt out before a new business emails the list. If you buy a list from an unknown party can you say without a doubt that this action has been done?

What is important to know is that even if you decide you want to use these types of "gray market" lists, is that most list subscription firms such as Topica, iContact, and Vertical Response will not typically load or even send to emails that start with info, sales, or contact. They simply net them out on your initial list load as they question the validity of the address in regards to being CAN SPAM compliant. Additionally, when you add several thousand names to a subscription service you will immediately trigger red flags with the size of your large list (even as small as 2,000 names). Some services will refuse to send out your email until you legally sign and verify that your list is CAN SPAM compliant, moving the legal liability squarely onto your shoulders.

Stopping spam through legitimate uses of email.Another big red flag should be the cost of a list. $1,000 for a 100,000 subscriber list would be very low. List rentals from legitimate resources may run several thousand dollars for under a thousand names. Additionally another red flag would be the strategy used to send to the list recommended by the seller. The seller of the 100,000 name list recommended setting up different domain names for each list send - a true spamming technique - milk a domain then drop it and use another. This recommendation alone, should taint the legitimacy of the resource selling the list and make the list highly questionable to use.

Email can still be a great way to let customers know what you do, but unfortunately the emails that you really can use are those of people who have contacted you through your website or that you have had some business relationship with. You cannot just email people you do not know on a mass mailing basis. To do so, you risk violating the CAN SPAM act, besmirching your company's reputation, and run the risk of a legal penalty.

For more easy to understand information on the CAN SPAM Act, the Verio website has a nice primer that you may want to additionally review.

These are the legal penalties if you are found guilty of violating the CAN SPAM Act: imprisonment for up to five years, fines up to $3 million dollars (but can be higher), confiscation or forfeiture of properties used to commit the crime or earned from proceeds of the crime. The government has 1,700 law enforcement agents who investigate CAN SPAM Act violations in Canada and the US.

My recommendation for businesses who really want to expand their reach is to not use email marketing, but rather use Google AdWords or Yahoo Sponsored Search to reach these broad untapped markets. There is simply too much risk involved legally to mass email people who you do not know in an effort to generate sales.


Best Practices For Your Privacy Policy

Do you have a privacy policy page?If you don't have a Privacy Policy page on your website, now's the time to strongly consider adding one. If you are going to ever send an e-newsletter to clients or prospects, or if you are going to advertise using any pay per click services, a Privacy Policy page is a "must-have".

I recommend that you have several components in your privacy policy. They are:

  1. State that if someone contacts you through your website or email that you will be adding their email address to your e-newsletter list. Even if you don't have an e-newsletter list now, this allows you to start collecting emails from website contacts to build one to use later.
  2. State that you will never spam list members, sell their email address, and that you will only use this information for your own marketing purposes. Then, stand by that statement!
  3. Let people know that you make it easy for them to unsubscribe from your list at any time. If you are not using an automated subscriber list management service, you must process any unsubscribe requests in 10 days or less to be CAN SPAM compliant.
  4. Make sure if you are tracking traffic on your website that you state the technology used and if personally identifiable information is being tracked and recorded. If you are using Google Analytics or Urchin, the technology used is cookie tracking using clear GIF files and does not record personal information, just aggregate visitor information. If you are using other technology, you need to be specific about what you use, what you collect, and how you are using the information.
  5. You may want to include additional information in your privacy policy based on your needs.
    • My credit card processing company required information about refunds and delivery time frames on my page.
    • List the conditions of the use of your content, if you even allow it and when.
    • Detail your legal notification and policy change update policies.
    • State a disclaimer about not being able to control off-site web links.

You can view my own privacy policy page to get ideas about what you should include on your own page.


ChemTec Pest Control WebSite Launched

We've just launched a great new website for ChemTec Pest Control located in Saddle Brook, New Jersey. We've posted a before and after picture for you to view to see the difference that a new custom design can make.

The original ChemTec Pest Control website. The original ChemTec Pest Control website.
Before Revision After Revision

ChemTec Pest Control has been providing pest control services for over 78 years and has continued to be a family owned and operated business since their creation. With a large vehicle service fleet that is tracked by GPS and is dispatched over a seven county area (with all pest technicians connected to the office by cell phone), they are able to offer fast same day service.

The new website is built to grow! Offering more than just home residential pest control services, ChemTec Pest Control offers termite control, bed bug extermination, carpenter ant eradication, animal control programs, bird exclusion, full insect control services, rat and mouse control, many other pest control services for industry, business, and homeowners. They even offer a residential year round PestGuard® Protection Plan that provides free service calls between quarterly visits. ChemTec Pest Control also offers a range of natural pest control programs for the environmentally conscious consumer.

For the new website we enlarged the screen space to accommodate higher resolution monitors and carried forward the things that the client liked best about their old site (the happy family and clean look). We also used their trademark vehicle, that is easily recognized by consumers, reinforcing their "brand statement" on their website. Overall the look and feel is comfortably familiar but enhanced for better performance.

Not only did McCord Web Services design the new website, but our team created the content for the website as well. Utilizing strong search engine optimization techniques for organic search placement, this site is built from the ground up for organic performance. We invite you to visit this new website online. It has already started to place well on Google, Yahoo, and MSN.


Home | Web Design | Webmaster Services | Ghost Blogging | Internet Marketing | Contact Us
McCord Web Services LLC • 2254 Ravenna Court • Waldorf, Maryland 20603 • 301.705.7303
nav-map McCord Web Services Webmaster Services Blog Writing Internet Marketing Web Design