Amazon · AWS Acceptable Use Policy · View original document ↗

Email and Messaging Abuse Prohibition

Medium severity High confidence Explicitdocumentlanguage Unique · 0 of 343 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity Amazon recorded 3 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for Amazon Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

AWS prohibits using its services to send spam, harvest contact information without consent, or send emails that violate anti-spam laws such as CAN-SPAM.

This analysis describes what Amazon's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This clause establishes specific email and messaging conduct requirements and references legal compliance with CAN-SPAM and equivalent laws, meaning violations may expose customers to both AUP enforcement and independent legal liability.

Clause Stability Stable

0
Changes
3
Months Monitored
Apr 4, 2026
First Seen
May 22, 2026
Last Seen
This clause type exists across 362 other provisions on other platforms.

Consumer impact (what this means for users)

Customers using AWS services such as Amazon SES or EC2 for email campaigns must comply with CAN-SPAM and equivalent international anti-spam laws, or face service suspension under the AUP in addition to potential regulatory action.

How other platforms handle this

ElevenLabs Medium

Users may not use ElevenLabs' platform to generate voice content for the purpose of committing fraud, including financial fraud, identity theft, or unauthorized impersonation for financial gain.

NVIDIA NIM Medium

You may not use the Services to generate content that violates applicable laws or regulations, including content that is defamatory, obscene, fraudulent, or that infringes the intellectual property rights of any third party.

YouTube Medium

Content that's meant to praise, promote, or aid violent extremist or criminal organizations is not allowed on YouTube. We rely on many factors — like certain government and international organization designations — to determine what constitutes criminal or terrorist organizations.

See all platforms with this clause type →

Monitoring

Amazon has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
You may not use the Services to distribute, publish, send, or facilitate the sending of unsolicited mass email or other messages, promotions, advertising, or solicitations (spam); harvest or otherwise collect email addresses or other personal contact information from the Internet without the recipient's knowledge and consent; or send email messages in violation of the CAN-SPAM Act or any other applicable anti-spam law.

— Excerpt from Amazon's AWS Acceptable Use Policy

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

(1) REGULATORY LANDSCAPE: This provision explicitly references the CAN-SPAM Act (15 U.S.C. 7701 et seq.) and equivalent international anti-spam laws. Relevant enforcement authorities include the FTC (CAN-SPAM primary US enforcer), the UK Information Commissioner's Office (PECR), and EU national data protection authorities under the ePrivacy Directive. GDPR also applies to the collection and processing of personal contact information in EU contexts. (2) GOVERNANCE EXPOSURE: Medium. Organizations using AWS for bulk email, marketing automation, or contact data collection must maintain documented consent mechanisms and suppression list management to comply with both the AUP and applicable law. Non-compliance creates dual exposure: AUP enforcement by AWS and regulatory action by applicable authorities. (3) JURISDICTION FLAGS: EU customers must comply with GDPR and the ePrivacy Directive in addition to the AUP's anti-spam requirements. CASL applies in Canada. Australian customers are subject to the Spam Act 2003. The AUP's reference to 'any other applicable anti-spam law' means the effective compliance scope is jurisdiction-dependent. (4) CONTRACT AND VENDOR IMPLICATIONS: Organizations using AWS SES or other AWS messaging services for client campaigns should ensure client agreements include representations about list consent and legal compliance, as AUP liability runs to the AWS account holder. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should audit email list acquisition methods for documented consent, implement unsubscribe and suppression list management, and review sending practices against CAN-SPAM and applicable international requirements. AWS account holders should ensure downstream email service users (e.g., clients, sub-accounts) are contractually bound to equivalent standards.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC is the primary US enforcement authority for the CAN-SPAM Act, which is explicitly referenced in this provision
    File a complaint →

Applicable regulations

DMCA
United States Federal
DSA
European Union

Provision details

Document information
Document
AWS Acceptable Use Policy
Entity
Amazon
Document last updated
May 5, 2026
Tracking information
First tracked
April 27, 2026
Last verified
May 12, 2026
Record ID
CA-P-002111
Document ID
CA-D-00028
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
35a0e34b7136e83dd0dca01e14dd192b01d7012211f2617232fe3d1a27218091
Analysis generated
April 27, 2026 10:50 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Amazon
Document: AWS Acceptable Use Policy
Record ID: CA-P-002111
Captured: 2026-04-27 10:50:37 UTC
SHA-256: 35a0e34b7136e83d…
URL: https://conductatlas.com/platform/amazon/aws-acceptable-use-policy/email-and-messaging-abuse-prohibition/
Accessed: July 4, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Medium
Categories

Other risks in this policy

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Amazon's Email and Messaging Abuse Prohibition clause do?

This clause establishes specific email and messaging conduct requirements and references legal compliance with CAN-SPAM and equivalent laws, meaning violations may expose customers to both AUP enforcement and independent legal liability.

How does this clause affect you?

Customers using AWS services such as Amazon SES or EC2 for email campaigns must comply with CAN-SPAM and equivalent international anti-spam laws, or face service suspension under the AUP in addition to potential regulatory action.

Is ConductAtlas affiliated with Amazon?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Amazon.