Email is an important marketing tool for retailers, who should be aware of federal and state laws regulating its commercial use. Since its enactment in 2003, the Controlling the Assault of Non-Solicited Pornography and Marketing (“CAN-SPAM”) Act has attempted to curb the number of unwanted emails and impose some rules on a largely unregulated frontier. When followed, CAN-SPAM Act’s restrictions give email recipients some control over their inboxes and also maintain fairness in how emails present themselves. Failure to follow the CAN-SPAM Act can lead to penalties of up to $16,000 per violation.

In addition, thirty-seven states have laws regulating unsolicited email advertising. The majority of these state laws target commercial or fraudulent electronic mail.  Most state anti-spam laws prohibit using misleading information in the subject line of the message; misrepresenting or

Delaware’s New Privacy Policy Requirements

Effective January 1, 2016, Delaware became the second state in the U.S., joining California, to require operators of commercial websites that collect personally identifiable information to post online privacy policies. The Delaware Online Privacy and Protection Act (DOPPA) applies to anyone who operates a “commercial internet website, online or cloud computing service, online application, or mobile application.”

Before this Delaware law was passed, California was the only state to have enacted a law requiring operators to post a privacy policy.  See Cal. Bus. & Prof. Code §§ 22575-11579. As a result, most privacy policies were developed according to the California requirements. California’s law applies to an operator of a commercial website or online service. On October 30, 2012, the California Attorney General announced in a press release that it considers mobile apps to be a form of “online service,” thus making California’s privacy policy requirements applicable to mobile apps. Delaware’s law codifies the understanding that privacy policy laws apply to mobile apps. Given that 40% of top selling mobile apps still do not have a privacy policy, Delaware’s new law could provide the needed certainty to many companies. Companies should review their privacy policies to ensure they meet Delaware’s new requirements.

Top Three Differences between California and Delaware Privacy Policy Laws