Email is an important marketing tool for retailers, who should be aware of federal and state laws regulating its commercial use. Since its enactment in 2003, the Controlling the Assault of Non-Solicited Pornography and Marketing (“CAN-SPAM”) Act has attempted to curb the number of unwanted emails and impose some rules on a largely unregulated frontier. When followed, CAN-SPAM Act’s restrictions give email recipients some control over their inboxes and also maintain fairness in how emails present themselves. Failure to follow the CAN-SPAM Act can lead to penalties of up to

Delaware’s New Privacy Policy Requirements

Effective January 1, 2016, Delaware became the second state in the U.S., joining California, to require operators of commercial websites that collect personally identifiable information to post online privacy policies. The Delaware Online Privacy and Protection Act (DOPPA) applies to anyone who operates a “commercial internet website, online or cloud computing service, online application, or mobile application.”

Before this Delaware law was passed, California was the only state to have enacted a law requiring operators to post a privacy policy.  See Cal. Bus. & Prof. Code §§ 22575-11579. As a result, most privacy policies were developed according to the California requirements. California’s law applies to an operator of a commercial website or online service. On October 30, 2012, the California Attorney General announced in a press release that it considers mobile apps to be a form of “online service,” thus making California’s privacy