The CAN-SPAM Act establishes the rules for commercial email communications in the United States. Despite its name suggesting anti-spam legislation, the law primarily regulates commercial messaging rather than banning unsolicited email outright.
The Act requires that commercial emails must not use deceptive subject lines, must identify the message as an advertisement, must include the sender's valid physical postal address, must tell recipients how to opt out of future messages, and must honor opt-out requests within 10 business days. The law prohibits selling or transferring email addresses of individuals who have opted out.
For platform governance, CAN-SPAM is relevant because platform terms of service frequently reference email communication practices, marketing consent, and user notification preferences. Many platforms' privacy policies disclose email data sharing and marketing practices that must comply with CAN-SPAM requirements.
ConductAtlas maps governance language to potentially relevant regulatory frameworks. Regulatory applicability and enforceability may vary by jurisdiction, enforcement context, and individual circumstances. This page is informational and does not constitute legal advice. Methodology
Showing 30 of 4475 provisions. View all →
Get alerted when platforms change their policies — including CAN-SPAM-relevant provisions.
Subscribe to Monitor — $19/moConductAtlas tracks CAN-SPAM-relevant provisions across 100 platforms. Each platform's specific provisions are classified by severity and mapped to CAN-SPAM requirements.
ConductAtlas captures policy documents daily, classifies provisions by regulatory framework, and flags changes that affect CAN-SPAM obligations. Every change is archived with cryptographic verification.