Email Compliance in 2023: Q/A with OPTIZMO COO Tom Wozniak

Roberto Popolizio Roberto Popolizio

2023 has been a scary year for markers so far. Businesses not following the latest compliance regulations have been hit with the biggest fines ever seen for non-compliance:

  • Meta was charged $1.3bn
  • Tik Tok $1.7m
  • TIM $7.6m

To make things worse, data protection laws are constantly evolving, and keeping up is not easy, especially when a series of third-party tools and external providers are involved in your marketing campaigns.

SafetyDetectives asked Tom Wozniak, COO of OPTIZMO Technologies, a leading provider of email and SMS compliance solutions, to give us an overview of the current email compliance regulations you must follow in 2023, and how OPTIZMO tackles one of the crucial issues of email compliance: suppression lists.

What is email compliance, and what are the consequences of non-compliance?

Email compliance involves adhering to a set of marketing and data privacy laws and anti-spam regulations that businesses must follow to ensure the data safety, privacy, and overall user experience of their email recipients. Failing to comply can open up businesses to legal actions, reputational damage, and hefty fines.

As digital marketing has evolved in recent decades, a variety of laws and regulations have been enacted in countries around the world to protect consumers by setting guidelines for marketers. These laws often focus on stopping forms of deceptive advertising and, more recently, on how consumers can control the ways that marketers capture, store, and use their personal information.

Compliance with these various laws is required for companies to build successful and sustainable businesses. At OPTIZMO, we support our clients’ compliance programs specifically related to email and SMS marketing. Each channel is impacted by a number of specific laws and regulations regarding how communications can be sent to consumers.

In the U.S. two of the most relevant laws impacting marketers are the CAN-SPAM Act for email marketing and The Telephone Consumer Protection Act (TCPA) for SMS marketing. One common aspect of both these laws is the requirement that marketers must provide consumers with a way to unsubscribe or opt out of future marketing communications. Collecting, processing, storing, and making these opt-out records available as suppression files for future marketing campaigns is a core service provided by OPTIZMO.

In the U.S. compliance with laws like CAN-SPAM is essential. Violations can lead to large fines, along with other legal actions. Additionally, each requirement of the CAN-SPAM is also a best practice for marketers to ensure a positive user experience, which is beneficial to the consumer, the marketer, and the industry as a whole.

What are the different compliance regulations to be aware of in email marketing?

In the U.S. the CAN-SPAM Act is the main federal law regulating email marketing. The law was enacted in 2003 and has been modified over the years to ensure it stays relevant with modern email marketing technology and practices. However, email marketers must also be aware of various other key regulations at both the federal and state levels that impact all digital marketing channels.

In recent years, a growing number of data privacy laws have been put into place in the U.S. at the state. Perhaps the most well-known of these are the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). These and similar state laws impact how companies can collect and use consumer data for a variety of purposes, including marketing. While these laws impact email marketers, they have broader implications for all marketers and businesses in general.

Outside the U.S. many countries have enacted their own laws that impact not only email marketing but any type of collection or use of consumers’ personal information. Perhaps the most well-known data privacy law outside the U.S. is the General Data Protection Regulation (GDPR), in the EU, which sets rules for how companies and marketers may collect and process consumer data.

Note: Dive into international compliance, as it gets very complex with essentially every country having its own data privacy and marketing laws.

The #1 email compliance problem: suppression list management

Since CAN-SPAM has been in place for 20 years, the rules for compliance are well understood and key aspects like opt-out collection are incorporated into many email marketing platforms. For companies using those platforms, this integrates compliance into their email campaigns and overall email marketing strategy.

However, compliance becomes more challenging when a company leverages third parties (marketing agencies, partners, affiliates, etc.) into their email marketing programs.

One of the biggest challenges in managing compliance among a set of email marketing partners is the requirement that all email partners honor opt-out requests received by other email partners.

Let’s make an example…

A company has 20 different partners engaged in email marketing on their behalf and a recipient unsubscribes from receiving the company’s offer through one partner, all other partners must honor that opt-out request. This necessitates the collection, processing, storage, and distribution of these opt-out requests from a central platform. OPTIZMO provides a powerful, yet easy-to-use SaaS solution that manages this entire process, whether a company has 2 partners or 200 partners.

OPTIZMO has been supporting clients’ email compliance and suppression list management programs for over 14 years, delivering the industry’s most trusted and robust platform. Along with industry-leading technology, we also have an experienced and dedicated team whose mission is to ensure that each client’s unique compliance needs are met and their expectations are exceeded on a daily basis.

This combination of leading-edge technology and unparalleled support has led hundreds of companies to trust OPTIZMO with their compliance needs.

How do you help your clients stay up-to-date with the latest compliance norms and best practices?

The OPTIZMO team regularly presents at industry conferences, sits on various industry compliance councils, and publishes content on the company blog as well as through a variety of business and industry publications. Much of this content and information is designed to help clients and other companies stay up to speed on developments in the email marketing industry around compliance, data management, and a variety of related topics.

OPTIZMO has also created several guides and infographics specifically designed to help readers gain a better understanding of email best practices, suppression list management strategies, general email compliance, and campaign management.

The official compliance checklist for email marketers (don’t miss any of these points!)

Fortunately, the Federal Trade Commission (FTC) provides a valuable compliance guide for businesses to comply with the CAN-SPAM Act. The guide provides a set of eight key requirements for every commercial email message to meet in order to achieve compliance:

  1. Don’t use false or misleading header information. People receiving your emails must know exactly the person and business sending that email
  2. Don’t use deceptive subject lines. Summarize what the email is about. No lies, no baits.
  3. Identify the message as an ad. The receiver must know you are sending a promotional email
  4. Tell recipients where you are located. Include your postal address or post office box
  5. Tell recipients how to opt out of receiving future marketing emails from you. Give them an easy and visible way to block ALL your marketing emails at once
  6. Remember that subscribers and members can opt out of marketing emails, too. The only exception is if the email has a transactional or relationship purpose (i.e. welcome emails, post-purchase info, notification of a policy change)
  7. Honor opt-out requests promptly (within 10 business days). The opt-out process must be free of charge and involve no more than one step (i.e. visit a web page, or reply to your email).
  8. Monitor what others are doing on your behalf. You are still legally responsible for the emails sent on your behalf by a third party.

How do you envision the future of email compliance, and how are you preparing to address the upcoming challenges?

The laws impacting digital and email marketing are always evolving. While CAN-SPAM has been the standard in the U.S. since 2003, it has been updated throughout the years to ensure it stays relevant to the current market and economic landscape. Outside of CAN-SPAM, new data privacy laws are being enacted at the state level every year.

At some point in the future, it is likely there will be a federal consumer data privacy law, which will impact marketing within email and every other channel. Globally, data privacy laws continue to evolve as well, making compliance with so many different laws around the world more challenging.

Additionally, Artificial intelligence (AI) is becoming an increasingly important part of email marketing, as it offers the ability to create more compelling content quickly and easily, along with the analysis of campaign performance metrics to drive campaign optimization. AI is so new that legislation is still trying to catch up to the rapidly emerging technology. However, it is likely that laws regarding the use of AI in marketing will emerge in the near future. These will impact email and virtually every marketing channel as many companies have already begun to implement AI technology into their marketing processes.

OPTIZMO belongs to various industry organizations and sits on industry boards on compliance that allow us to actively participate in conversations around industry best practices and upcoming legislation that would impact digital marketing. Our team also regularly attends industry conferences and events designed to keep attendees up to date on upcoming challenges and opportunities. All of this helps us prepare for evolving technology, regulation, and other factors that will offer new challenges and opportunities to marketers.

About the Author

About the Author

With over 13 years of experience in managing digital publications, Roberto has coordinated over 5000 interviews with the biggest names in cybersecurity, AI, cloud technology, and SaaS. Using his knack for communications and a growing network of cybersecurity leaders, he provides newbies and experts alike with beyond-the-fluff online privacy tips, and insider perspectives on the ever-evolving tech world.

Leave a Comment