CPAs who use e-mail to market and develop their accounting practices may find themselves labeled "spammers" under a new federal law. The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM), which took effect January 1, 2004, regulates business e-mail. Unwary CPAs could run afoul of the act even though it's designed to target the abuses, fraud and criminal activities of hard-core spammers. Fortunately, accounting firms still can use e-mail advertising if they follow the rules. Here's what practitioners need to know about the act and how to use it to improve the effectiveness of their e-mail programs and keep them in compliance with CAN-SPAM.
REQUIREMENTS AND PENALTIES
CAN-SPAM prohibits predatory and abusive commercial e-mail practices and specifies other requirements for protecting commercial e-mail users. (CPAs can find the text of the act at www.spamlaws.com/federal/108s877.html.) The act provides both criminal and civil penalties. Enforced by the Federal Trade Commission, the criminal penalties include fines, imprisonment and forfeiture of equipment, software and any property acquired from the proceeds of illegal spamming.
Civil penalties include injunctive relief and monetary damages that could total more than $6 million in cases with aggravating circumstances, such as using a program to search Web sites or other online locations to "harvest" e-mail addresses, randomly generating e-mail addresses and falsely registering Web sites. The act empowers the states' attorneys general to seek civil actions on behalf of their residents; it also provides Internet service providers (ISPs) with a "cause of action." CPAs should be aware the first civil action already has been filed under the act--a suit brought by an ISP naming a marketing company and its client as defendants. (More information is available at http://legal.hypertouch.com/bobvila/bobvila-complaint.html.)
Before examining the specific requirements, let's look at how the act defines commercial e-mail and distinguishes it from other communications CPAs may send to current and prospective clients. Under the act, commercial e-mail refers to messages that have as their primary purpose advertising or promotion or are not transactional or "relationship" in nature. The latter include messages that primarily relate to previous transactions between the parties--for example, subscriptions, loans, accounts, delivery of goods or services, warranty or recall information, or messages about employment and benefit plans. Practitioners should note that all such messages must have accurate header information, including originating e-mail addresses and domain names.
As senders, CPAs also must comply with other rules for commercial e-mails. They must clearly identify messages as advertisements or solicitations and indicate their content in the subject headings. Firms must provide a "clear and conspicuous" way for recipients to "opt cut"--refuse future e-mails--via a working return e-mail address or other mechanism that will function for 30 days after the firm sends the message. Once a firm receives an opt-out request, it cannot send any e-mail to that recipient beyond a 10-day grace period. For further identification and contact, a firm must include a valid physical postal address in its e-mails.
FOLLOW THE RULES
CPAs should look at their firms' e-mail solicitations and advertising carefully and take this self-assessment test:
* Am I sending e-mails with an appropriate originating address including the firm's domain name? For example, in "Tom.Doe@Doe_&_Co.xyz," the originating e-mail address is "Tom.Doe" and "Doe_&_Co.xyz" is the do-main name.
* Does the firm operate different divisions or lines of business, and is it identifying a particular segment as the sender? Under the act a firm's technology consulting division would be an entity apart from its tax services division if it is operated separately and so identified in e-mails. …