Email Marketing Compliance:
What you need to know in 2024
What is it, why it's needed, and what you can do to be compliant.
EchoFetch is dedicated to accessibility, inclusivity, and following email and marketing guidelines, regulations, and best practices to ensure your message gets delivered. Even so, it’s still worthwhile to have a basic understanding of the laws around email marketing to ensure your campaigns or your company aren’t breaking any. The following is just an overview, meant only to increase awareness and not to offer any legal advice.
ADA Email Compliance
What Is It and Why It's Important
The Americans with Disabilities Act (ADA) and the similar Access Canada Act (ACA) declared that companies must be ADA-compliant. The Web Content Accessibility Guidelines (WCAG) define how to make online content more accessible to people with disabilities.
Accessibility involves a wide range of disabilities, including visual, auditory, physical, speech, cognitive, language, learning, and neurological disabilities.
These accessibility requirements need to be included in your marketing emails, or you could be fined $75,000 for just your first compliance failure – the monetary risk of ignoring these laws is simply not worth it.
The Good News
Being ADA-Compliant in emails will be beneficial in two ways:
Helps disabled users read and interact with your emails.
A lot of ADA requirements fall in line with email best practices, which ultimately reduces spam and bounce rates, increasing delivery.
To find more details, see the Bureau of Internet Accessibility.
The following is an overview of ADA requirements.
Adding a Descriptive Subject Line
Write a clear and descriptive subject line so your email recipients know exactly what they’re clicking on. This generally improves user experience, but it’s especially helpful for people who use assistive technologies to understand an email’s relevance to them.
Use sentence case in the subject line and preheader, and add punctuation at the end of the preheader. Otherwise, it may read as a run-on sentence if it picks up more copy from the content in the email.
Proper Use of Headings
Adhering to the correct order of headings (<h1>, <h2>, <h3>) in your HTML email makes it easier for those who receive them to understand the structure and hierarchy of content appearing within the email.
This is helpful (and often necessary) for people who use screen readers or have certain disabilities that make reading more challenging. Headings are also helpful for all readers to understand information hierarchy.
Use Clear and Simple Language
Make your email content readable and understandable to aid individuals with cognitive disabilities and enhance readability for all recipients.
This means avoiding jargon, technical terms, and industry-specific abbreviations that might confuse readers. Opt for common terms and phrases that your audience will readily understand.
Write clearly, using proper grammar and punctuation.
Meaningful Link Text
Ensure all link text indicates to readers what the link is about. For example, “Learn more about how our services can help you” is a meaningful link text, whereas “click here” isn’t.
Generic link text also doesn't perform as well as a more thought-out one, which can hurt conversions.
Read more on Accessible Hyperlinks.
Add Sufficient Spacing
Add enough spacing around letters, numbers, words, and blocks of copy to reduce clutter and make the content readable. Squishing content together and making the reader strain to read your message will turn most people away before they even begin to read your email.
Your emails need to pass the "glance test." If reading your content using the glance test is hard, you might need to add more spacing.
Color Alone is Not Enough
Not everyone can see all colors, see a color as the same color as you, or easily differentiate one color from another. If you rely solely on color for buttons, links, important information, or conveying any information, your readers won't be able to read or interact with your email or graphics.
Bold important information and underline links to help readers navigate through your content.
Responsive Design
You can design an email that appears perfectly on a laptop or computer, but it's not going to look the same on mobile devices or be legible enough to read when fonts are shrunken to fit.
Create email templates that resize for smaller screens, with resized fonts that are big enough to read correctly and layouts that keep their intended order.
Ensure your email doesn't scroll left-to-right to avoid causing a poor user experience for everyone.
Use Accessible Fonts
By ensuring your content is easy to read, you not only assist readers with visual impairments but also enhance the overall user experience, a fundamental principle in Marketing 101.
Select legible fonts that are easily read when resized or presented with different styling or spacing. Consider a font's family, size, spacing, and color.
Sans-serif fonts with consistent widths, such as Arial or Verdana, are more easily read than a fancy serif or script font.
Read more on How to Select Accessible Fonts.
Alt-Text for Images
Add descriptive yet concise "alt-text" (or alternative text) on any images with text in them, or describe the image if the graphic is essential to your message so that people with vision impairments can understand your message when using screen readers.
Always start your alt-text with a capital letter and end it with proper ending punctuation.
Add a blank alt attribute (alt="") to images that assistive technologies don't need to read, such as dividers or other images used purely for layout purposes.
Use Emojis Instead of Emoticons
Emojis "🙂" are Unicode graphical images that display emotions, thoughts, and ideas.
Emoticons ":)" are textual punctuation marks, letters, and numbers. They look like emotions when placed near each other, but screen readers will read them as their literal text.
When including special fonts in your email, include their Unicode attributes to render emojis.
Always test to make sure your email-sending client and inboxes support emojis, or they can appear broken (☐) in your reader's inboxes.
More on Coding Emails for Screen Readers
Creating an HTML email template with the following attributes can save you a lot of time when making your next email:
Include the language (lang="en" or lang="es" etc.) attribute inside the <html> tag to tell screen readers what language to read your email in.
Add role="presentation" to all <table> elements used for content the subscriber needs to read and on images with an empty alt-text to avoid the name of the image being read.
Add the aria-hidden="true" attribute to images that should be hidden from screen readers.
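A small pre-send linter for the markup rules above (lang on <html>, role="presentation" on tables, alt-text rules, hidden decorative images, generic link text). This is an added example, not EchoFetch code; the class and function names, the generic-phrase list and both sample templates are constructed for illustration, and it assumes every table in the template is used for layout.

```python
from html.parser import HTMLParser

GENERIC_LINKS = {"click here", "here", "read more"}  # constructed list, extend as needed

class EmailLinter(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._link = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "html" and not a.get("lang"):
            self.findings.append("html: missing lang attribute")
        elif tag == "table" and a.get("role") != "presentation":
            self.findings.append("table: missing role=presentation")
        elif tag == "img":
            self._check_img(a.get("src", "?"), a.get("alt"), a)
        elif tag == "a":
            self._link = []  # start buffering the link text

    def _check_img(self, src, alt, a):
        if alt is None:
            self.findings.append(f"img {src}: missing alt attribute")
        elif alt == "" and a.get("role") != "presentation" and a.get("aria-hidden") != "true":
            self.findings.append(f"img {src}: empty alt but not hidden")
        elif alt and not (alt[0].isupper() and alt[-1] in ".!?"):
            self.findings.append(f"img {src}: alt needs capital and end punctuation")

    def handle_data(self, data):
        if self._link is not None:
            self._link.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._link is not None:
            text, self._link = " ".join("".join(self._link).split()), None
            if text.lower() in GENERIC_LINKS:
                self.findings.append(f"link '{text}': generic link text")

def lint_email(html):
    linter = EmailLinter()
    linter.feed(html)
    linter.close()
    return linter.findings

# Constructed sample templates: BAD breaks each rule once, GOOD passes them all.
BAD = ('<html><table><tr><td><img src="hero.png"><img src="rule.png" alt="">'
       '<a href="https://example.com/offer">Click here</a></td></tr></table></html>')
GOOD = ('<html lang="en"><table role="presentation"><tr><td>'
        '<img src="hero.png" alt="Spring sale starts Friday."><img src="rule.png" alt="" role="presentation">'
        '<a href="https://example.com/offer">See the spring sale offers</a></td></tr></table></html>')
```

Calling lint_email(BAD) returns one finding per broken rule, and lint_email(GOOD) returns an empty list.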
Sufficient Color Contrast
To make your emails accessible for people with low vision or color blindness, it’s important to use sufficient color contrast between the font colors and their background colors.
The three compliance levels are A, AA, and AAA. Most emails should achieve level AA with a text contrast ratio of at least 4.5:1 with their background.
For a free online color contrast checker, check out WebAIM.
Read more on Choosing ADA-compliant Colors.
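The 4.5:1 check can be run over a template's palette before sending. This added example (not EchoFetch code) implements the WCAG contrast-ratio formula; the function names and the sample palette are constructed for illustration.

```python
AA_NORMAL_TEXT = 4.5  # minimum ratio quoted above for level AA


def _channel(value):
    """Linearise one 0-255 sRGB channel (WCAG relative-luminance definition)."""
    c = value / 255
    return c / 12.92 if c <= 0.03928 else ((c + 0.055) / 1.055) ** 2.4


def luminance(hex_color):
    h = hex_color.lstrip("#")
    if len(h) == 3:  # expand shorthand such as #777
        h = "".join(ch * 2 for ch in h)
    if len(h) != 6:
        raise ValueError(f"not a hex colour: {hex_color!r}")
    r, g, b = (int(h[i:i + 2], 16) for i in (0, 2, 4))
    return 0.2126 * _channel(r) + 0.7152 * _channel(g) + 0.0722 * _channel(b)


def contrast_ratio(fg, bg):
    lighter, darker = sorted((luminance(fg), luminance(bg)), reverse=True)
    return (lighter + 0.05) / (darker + 0.05)


def failing_pairs(palette, minimum=AA_NORMAL_TEXT):
    """Return (name, ratio) for every text/background pair below the minimum."""
    return [(name, round(contrast_ratio(fg, bg), 2))
            for name, (fg, bg) in palette.items()
            if contrast_ratio(fg, bg) < minimum]


# Constructed palette for an email template: name -> (text colour, background)
PALETTE = {
    "body copy": ("#333333", "#ffffff"),
    "footer note": ("#777777", "#ffffff"),
    "button label": ("#ffffff", "#0a66c2"),
    "promo banner": ("#ffffff", "#ff9900"),
}
```

Mid-grey text is the usual near miss: #767676 on white just clears 4.5:1, while #777777 falls just short.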
CAN-SPAM Compliance
What Is It and Why It's Important
The Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations. The FTC enforces the CAN-SPAM Act and the accompanying CAN-SPAM Rule.
Each separate email in violation of the CAN-SPAM Act is subject to penalties of up to $51,744, so non-compliance can be costly.
The Good News
Following the CAN-SPAM Act increases your sender reputation and helps your emails get delivered.
To find out more in detail, see the CAN-SPAM Act for the US, Canada’s Anti-Spam Legislation (CASL) for Canada, and
Below is an overview of CAN-SPAM's main requirements.
Don’t Use False or Misleading Header Information
Your 'From,' 'To,' 'Reply-To,' and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message.
Don’t Use Deceptive Subject Lines
The subject line must be clear, concise, and honest, accurately reflecting the content of the message. Email clients, or mailbox providers, have caught on to "click-bait" advertising practices; trying to use them in your subject line will result in your email either going directly to spam or being outright blocked.
Identify the Message as an Ad
The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement.
Tell Recipients Where You’re Located
Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations.
Clearly Provide an Opt-Out From Receiving Future Emails
Your emails must include a clear and conspicuous explanation of how the recipient can opt out of getting marketing emails from you. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you.
Subscribers and Members Can Opt-Out of Marketing Emails
Recipients of emails from a sender that runs a subscription service or membership program still have the right to opt out of marketing messages from you.
Honor Opt-Out Requests Promptly
Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days.
Pro Tip: Use an email-sending service that honors unsubscribes instantly, especially if you send emails more often than every 10 business days.
Monitor What Others Are Doing On Your Behalf
The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible.
GDPR Compliance
What Is It and Why It's Important
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for EU residents. This legal framework replaces the current EU Data Protection Directive (95/46/EC) with additional requirements that you need to be aware of. The new EU data protection regime extends the scope of the EU data protection law to all companies even outside the EU when they process data of EU residents.
The maximum penalty for organizations in non-compliance with GDPR can be up to €20 million or 4% of annual global turnover, whichever is greater. There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach, or not conducting an impact assessment.
The Good News
If you are GDPR compliant, you are probably doing everything you need to do to be compliant with CCPA, CPRA, and all the other regulations that may impact your campaigns. GDPR compliance also looks very much like email marketing best practices.
For more details, see the Privacy and Electronic Communications Regulations (PECR) and General Data Protection Regulation (GDPR) for the UK.
Below is an overview of GDPR's main requirements:
Use Double Opt-In For Signups
Double opt-in is when individuals need to confirm their email address before being added to your email list and receive email communication from you. It is the double confirmation of their subscription to your newsletter or any services needing their email details.
Write a Clear and Concise Consent Message
Consent messages need to be easily understandable to individuals. Practices such as pre-ticked opt-in boxes, confusing or vague language (double negatives or inconsistent language), and disruptive mechanisms are banned by the Regulation.
Record and Store Consent
You need to keep a record of how you obtained the express consent of the data subject. That includes the data subject who gave the consent, when the consent was obtained (date and time stamp, for example), and the specific purpose for which the consent was given.
Review Consent Data Regularly
You should review consent data regularly to check that the relationship, the processing, and the purposes have not changed, and consider using privacy dashboards to make it easy for individuals to update their consent preference. Any consent withdrawal requests should be processed as soon as possible and records kept.
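One way to wire double opt-in to a consent record that captures who, when, how and for what purpose, and that keeps the record when consent is withdrawn. This is an added example, not EchoFetch code: the ConsentLedger class, the HMAC-signed confirmation token and the 48-hour expiry are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time

TOKEN_TTL = 48 * 3600  # assumption: confirmation links expire after 48 hours

class ConsentLedger:
    def __init__(self, key):
        self.key = key       # server-side secret used to sign confirmation tokens
        self.records = {}    # (email, purpose) -> consent record

    def _sign(self, email, purpose, issued):
        msg = json.dumps([email, purpose, issued]).encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def request_optin(self, email, purpose, now=None):
        """Step 1: signup form submitted. No consent is recorded yet."""
        issued = int(time.time() if now is None else now)
        return f"{issued}.{self._sign(email, purpose, issued)}"

    def confirm(self, email, purpose, token, source, now=None):
        """Step 2: link in the confirmation email followed. Records consent."""
        now = int(time.time() if now is None else now)
        issued, _, sig = token.partition(".")
        if not issued.isdecimal() or now - int(issued) > TOKEN_TTL:
            return False
        expected = self._sign(email, purpose, int(issued))
        if not hmac.compare_digest(sig.encode(), expected.encode()):
            return False  # token was issued for another address or purpose
        old = self.records.get((email, purpose))
        if old and old["requested_at"] >= int(issued):
            return False  # replayed token must not undo a withdrawal
        self.records[(email, purpose)] = {
            "who": email, "purpose": purpose, "how": source,
            "requested_at": int(issued), "confirmed_at": now, "withdrawn_at": None}
        return True

    def withdraw(self, email, purpose, now=None):
        """Keep the record, stamp the withdrawal time, stop sending."""
        rec = self.records.get((email, purpose))
        if rec and rec["withdrawn_at"] is None:
            rec["withdrawn_at"] = int(time.time() if now is None else now)

    def may_send(self, email, purpose):
        rec = self.records.get((email, purpose))
        return bool(rec) and rec["withdrawn_at"] is None
```

Because the token is bound to both the address and the purpose, a confirmation for the newsletter cannot be reused as consent for a different purpose.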
Allow Users to Halt and Remove Profiling Data
Users have the right to:
Be forgotten; be informed; have data deleted; a copy of their personal data (within a month, free of charge);
Data portability – data electronically in a commonly used format;
Object; Halt; and
Decision-making and profiling.
Provide a Clear Method for Users to Unsubscribe
You should include a visible unsubscribe link in each marketing email where your subscriber can:
Unsubscribe from this marketing communication
Unsubscribe from all of your communications
Contact a return email address
Ask for Consent if You Send Data to Other Companies
You can only sell your marketing list if you have the specific consent of each individual to do so. This cannot be hidden in a privacy policy that is hard to find, difficult to understand, or rarely read.
Pro-Tip: The best way to get consent is to provide a separate opt-in box for each company you intend to share with to give the individual greater choice and to target your group’s marketing more effectively.
Be transparent about what you’re doing with people’s information
People have the “right to be informed” when you collect and use their personal information for direct marketing purposes.
You must do the following:
Explain why you want to use their information (e.g., to send postal marketing, to profile their buying habits).
Tell them if you intend to share their information with other organizations for direct marketing purposes.
Make them aware of their data protection rights (including the right to object to direct marketing).
Provide this privacy information to people at the time you collect their details.
If, at a later date, you want to use the information for other activities, you must give them further privacy information.
Data protection by design and default
You must implement appropriate technical and organizational measures to ensure that, by default, only the personal data necessary is processed, which includes:
The amount of personal data collected.
The extent of their processing.
The period of their storage and their accessibility.