S3 E21: Don’t Forget About Email in Your Marketing Compliance Program
Transcript
Jordan Eisner (00:00)
All right, everybody. Welcome back. Another episode of Compliance Pointers sponsored by none other than CompliancePoint, a consulting firm specializing in a lot of areas. But one of those areas is marketing compliance, as we call it, or regulatory compliance with a variety of outbound calling and texting and emailing laws.
And so we’ve got Tony Jarnigan from our marketing compliance group. A 20-plus year vet in this industry, not only with CompliancePoint, but also with other organizations working internally to help with compliance around and really risk management around this area.
So Tony, I was surprised when I saw the topic of this podcast today. We’re talking about email compliance. And I would say for our listeners, forget everything you thought you knew about CAN-SPAM superseding all state law. Apparently that’s not exactly right. And that’s something I had thought for a long time. So we’re going to be talking about the Old Navy. I guess recent, I don’t know if it was a settlement or if it’s still allegation or where it is, you’re going to, you’re going to enlighten us on that, but that’s really a topic of discussion today. So let’s start there. What, what happened with Old Navy? And then we’ll dive into some of the details and things our listeners should know around emailing, not just because of the federal law, but also a couple of state laws too.
Tony Jarnigan (01:25)
No, no, no. First of all, you’re absolutely right. And by the way, you talk about my longevity in the industry. I was in the industry when CAN-SPAM came out in 2003. I have that perspective as well.
Jordan Eisner (01:41)
You’ve been consulting on email compliance before CAN-SPAM was even a thing.
Tony Jarnigan (01:46)
That’s right. No, but anyway, but you know, you’re absolutely right. It’s like, you know, when we think about email, it’s usually just about CAN-SPAM, right? And businesses, organizations don’t think they necessarily, or they don’t even, they’re not even aware of any state laws, right? And I mean, I’ve even had some internal conversations with other folks with people and in our industry and they’re like, what, what a state law. What are you talking about? I thought CAN-SPAM preempted state law. And by the way, just for our listeners, right? Preemption is a legal principle. Just means that, you know, when you have a federal law, we have a federalist form of government, right? Where we have a federal government and also state laws, state governments. But the principle of preemption just means that, you know, when there’s a federal law that preempts, has a preemption clause that it preempts state laws, it just means that states cannot enact laws that conflict or add additional restrictions to what the federal law says.
And TCPA is a good example of one that does not have preemption, right? So that’s why we see a lot of state laws in the TCPA world or in the telemarketing world that are more restrictive than the TCPA. But CAN-SPAM does have the preemption clause, but there’s also what’s known as the savings clause. It’s like we preempt this and this and this and this except for this. And the except for is important to know because that’s the part that allows states to enact laws around misleading statements, right? And typically these laws, there’s about 20 state email laws that at one point or another, right? Oh yeah. Well, but here’s the thing. Those laws, many of those laws were in place before 2003, before CAN-SPAM, right? But then when CAN-SPAM came along, it preempts those provisions. So there’s only a handful really that still have any teeth to them. I would say that even of those, in California and Washington, right? We’re going to talk about the Washington case because it’s the most… We’re going to talk about the Washington case because it’s the one that’s, you know, most recent, most prevalent.
Jordan Eisner (03:57)
It’s always those two.
Tony Jarnigan (04:04)
What triggered this whole thing. And then a reminder that, there are these state laws that you got to be worried about too. But the thing about it is though, is that, again, these state laws don’t impose additional restrictions or any kind of contradictory restrictions than the CAN-SPAM. If you’re complying with CAN-SPAM and the provisions of CAN-SPAM, you should be good with these state laws. It’s just that,
Jordan Eisner (04:30)
Okay.
Tony Jarnigan (04:33)
The state laws provide a different enforcement angle, right? Because CAN-SPAM is only enforced by FTC or the state attorney general. But these state laws have those pesky rights of action, private rights of action, right? So this is exactly what happened.
This is a good segue to actually answer your question. The Old Navy case where these people, Old Navy sent out these emails that were saying final hours today only and it created a false sense of urgency because these people said, well, it didn’t really end today or the final hours, right? I mean, what’s final hours? I mean, you know, it doesn’t have to be, does it mean less than 24? Does it mean today or what? Apparently these, you know, businesses do this all the time, right? They try to create a sense of urgency, but it’s, if it’s a false sense of urgency, at least in this case, it’s a big deal. So these people brought an action and it ended up being a class action. And it was a divisive ruling. First of all, the state court agreed with the Old Navy. And their argument had been that we’re not misleading about the commercial nature of our email. That’s the one that most people think about, right? That’s what I was thinking.
You use a subject line that, you know, that makes it look like it’s transactional or informational, right? And then you click on it and come to find out the more you dig and deep, the deeper you dig, you find out that it’s a commercial email, right? They’re trying to sell me something. And so the state court agreed or the trial level court agreed that with Old Navy, that it wasn’t misleading about the commercial nature, right? I mean, you see final hours and you think, well, they’re trying to sell me something, but I got to act quick.
But the Supreme Court said no, the Washington Supreme Court said no, that if it misleads about any aspect, if it’s a misleading subject line, header, and in this case it was misleading because it created a false sense of urgency, then it’s actionable. And so Old Navy, they got in trouble for it. And so it’s a lesson to, you know, don’t want to preempt a lot of, there’s a preemption, I don’t want to be preemptive here.
Yeah, that I’m going to talk about all the lessons, right? But it’s just it’s a good lesson to don’t get, you know, cute and loose and fancy free about your subject lines. Sure.
Jordan Eisner (07:11)
So, and I, in the 12 years here at CompliancePoint, working around these laws have not seen a lot of enforcement around email. In fact, we consult on and advise clients around CAN-SPAM, have for years, but I’ll be the first to tell them it’s pretty black and white. Read the law. We’ve got some great summaries. You could probably manage a lot of this yourselves and a lot of companies do. Now every once in a while they want us to assess current states, see if their policies are actually being followed, but it’s never seemed like there’s really been a lot of enforcement in it. So this was a surprise for me to see. You said there’s a handful of states. Maybe you know them off the top of your head. Maybe not. You already mentioned California and Washington. So is this enough you feel that organizations should start to iterate what’s been their policy and processes and governance around CAN-SPAM and start to maybe even create little nuanced rules internally around emails going to consumers or residents of Washington, California. Is it to that degree or is it more so, hey, this is just their validation that you need to be kicking the tires on CAN-SPAM because maybe the FTC is not gonna be as concerned, but if you’re not following CAN-SPAM in Washington or California, you could be more susceptible to some sort of lawsuit.
Tony Jarnigan (08:48)
Well, I think it’s maybe a hybrid of both of what you said, because I do think that if you’re complying with CAN-SPAM to the letter, you should be fine in these states as well, right? Again, because they’re not imposing additional restrictions or any contradictory restrictions. It’s not like, you know, in CAN-SPAM, right, you have to honor opt-outs within 10 days.
So if a state said we’re going to impose a law that says you have to honor opt-outs within five days. They wouldn’t be able to do that. CAN-SPAM says that you have to keep your opt-out link active for at least 30 days. We think best practice, you should keep it active 60 or 90 days. So a state wouldn’t come along and say that you have to keep your, say something along those lines. So if you’re complying with CAN-SPAM, you should be good in these state laws. It’s just that, again, that, you know, who are you going to get on? Whose radar are you going to get on? Right? So, you know, a lot of, to your point, I think a lot of organizations would be like, well, you know, even if I get a little cutesy with my subject lines, you know, I’m never going to get on the radar of a FTC, right, or state attorney general. Think about all the things that would have to happen in order for that to happen, you know, for that to happen.
Yeah, but now you it’s so with Washington and California, you’ve got these laws that have a private rights of action. Utah is another one that you asked about other states. Utah is another one that comes to mind. Maybe Virginia. But, you know, again, these are not without a little bit of controversy, right? Because it’s like, well, first of all, what is misleading? Right?
What about puffery? Right. And in fact, the Washington Supreme Court talked about puffery. Puffery is also another legal principle that says that, you know, if you make a statement that’s really, uh, not measurable, it’s not, you can’t prove it as being a fact or fiction, right? It’s subjective. It’s not measurable. Yeah. You know, we’ve got the best burgers in town, right? How do you measure that? Yeah. Um, you know, that sort of thing, but, you know,
Jordan Eisner (11:06)
That’s why you know Clorox and some of these other ones say that they eliminate 99.9 percent of germs because they don’t want to say 100.
Tony Jarnigan (11:15)
Right. You never know what other germs might be out there, right? But no, you’re absolutely right. But so yeah, puffery is probably still OK. But you know, the rule of thumb that I’ve been advising, but even in past roles and past companies that I always adhere to both in my review of collateral and also what I would tell my clients is make sure that your statements meet a two-pronged test. One is it has to be truthful.
And the second one is it cannot be misleading and it has to be both of those right because I can make a truthful statement to you. But it could be misleading if I omit important context right? I’m sorry.
Jordan Eisner (11:58)
Integrity emailing.
Tony Jarnigan (12:02)
That’s right. One of the examples that comes to mind is that I used to use in a lot of my training in the past was if somebody asks, how much does this cost? And you say, well, there’s a one-time purchase price of X amount of dollars. That may be a truthful statement, right? But it’s also misleading if I don’t tell you that there’s annual dues.
There’s this fee, there’s this, and you’re going to be paying really for this for a long time, as long as you’re a member or as long as you’re a subscriber. So a statement can be truthful, but still misleading if it omits important context. So make sure it’s truthful and not misleading. And then subject lines are a good example. Another example I can give you is that in one of my past roles, a marketer had a great idea. He says, we’re going to try to upsell our current customers. So we’re going to use a subject line that says, we’ve been trying to reach you.
Well, I get an email that says from a company you’re currently doing business with that says, we’ve been trying to reach you. You think, my God, what? There must be something wrong with my account or my membership, my subscription. Then you open up the email and then it’s like, well, we just really want to know if you’re interested in adding on or if you want to increase your level of subscription or your business with us or purchase something additional.
You know that sort of thing. So I would. I would submit to you that that’s a misleading subject line because and by the way that goes to the commercial nature. To me, that’s trying to hide the commercial nature of the email, right? Only to open it up and find out that it’s really trying to sell you something. Again, even if you’re making right, but even if you’re making these other statements like creating false sense of urgency or whatever, that’s CAN-SPAM. Lesson number one is make sure your subject line captures the true essence and meaning and purpose of your email.
So again, if you’re complying with CAN-SPAM, you should be good in these state laws. It’s just that even though you’re not doing something that may get on the radar of the FTC or a state attorney general, these consumers know about these, particularly when you get a high profile case like this, all of a sudden it can be a snowball thing, right? And it’s like these other consumers say, hey, well, I think this is a misleading subject line and I’m gonna bring action under, if I’m in Washington, Washington law or California, respectively.
Jordan Eisner (14:35)
Well, let me summarize this podcast then with a question or maybe a suggestion on what our listeners should do in terms of the email marketing. You can say yes, or you can add any color to it and that can put the bow on this podcast. But if you’re abiding by CAN-SPAM, which is the law around email marketing, you should be mostly safe, but ensure that
you’re not getting cutesy, I think you used that word earlier, or you’re not trying to get falsely creative about how you work around those laws, and, OK, well, it’s, you know, technically it’s legal what we’re doing. But it can be argued that it’s a little bit deceptive. It’s not really best practice and it’s not really integrity emailing, even though it might skirt the laws of CAN-SPAM, because states like Washington, California, perhaps Utah, Virginia, you could have consumers put together a private right of action and you could be looking at allegations against.
Tony Jarnigan (15:44)
Exactly right. Yeah, that’s the... I think it was the, it’s the Washington law that has the, you know, it was a $500 per violation. In California it is $1000 and again you... Class action and it’s often races. Yeah, right? So no, that’s a great point. So yeah, there is just again. There’s nothing wrong with being creative, right? And if you’re a creative type, you know, more power to you.
But just make sure that you’re meeting that two-pronged test. Make sure it’s truthful, not misleading. Make sure you capture the purpose of the email. Make sure your subject line is catchy, but it does all those things. Your header the same. Then of course, obviously, make sure you’re compliant with all the other elements of CAN-SPAM. You give a clear and conspicuous, easy way to opt out.
You are honoring opt-out, best practice is to honor opt out as soon as possible, but certainly within 10 days, keep your... What’s that? Business. Yeah, technically, yeah.
Jordan Eisner (16:44)
Business days, right?
I remember they were talking about, they’re talking about making a change to that, I thought, or maybe I dreamed that.
Tony Jarnigan (16:56)
You might be talking about opt out and telemarketing and texting, right?
Jordan Eisner (17:01)
I thought it was with email. I thought that, I thought it may be, I need to, I need to circle the wagon on this, but I thought I heard something about it. It would make sense. The law was written in 2003. We’ve gotten a bit more sophisticated with systems and applications and should be able to honor opt outs quicker than 10 business days and keep those links going for longer than 30 days. And I thought maybe they were going to look to update the law accordingly, but maybe not.
Tony Jarnigan (17:28)
Yeah, I can’t remember off the top of my head. You might be right. Yeah, there’s a few lessons, right, that I would say just make sure our listeners are keeping in mind, is just don’t treat email compliance as an afterthought because you do have these handful of states that have the private rights of action. Avoid de facto misstatements, right?
Review your campaigns. You mentioned earlier, right? Is it something that you should be paying more attention to because you’re in Washington and California? Maybe, but again, it’s a good idea to be compliant no matter where you are, right? Yeah.
Jordan Eisner (18:08)
Also because of brand reputation, consumer trust, that’s becoming more and more important as time goes on. I mean, it’s always been important, but I guess what I mean is it’s becoming prioritized even more than it used to be.
Tony Jarnigan (18:23)
And the other thing is, is train, train, train, right? Communicate, communicate, communicate. Make sure you’re training your marketing teams on these things. And by the way, you should have, I’m really surprised at the number of clients we talked to during assessments or whatever. And we find out that, you know, does your legal team or your compliance team review every single email? And like, no, they don’t know. But it’s a good idea, right? To have your legal team.
Jordan Eisner (18:52)
The templates. You don’t mean every single email that goes out, but you mean a draft campaign or style.
Tony Jarnigan (18:53)
Right, well yeah.
Well, I mean, that’s a good point. I think if you said that subject lines are, and as we sort of teased out here, right, subject lines and headers are probably the higher visibility things that you could do wrong, right, in terms of put you in scope for these laws. I think that, I mean, in past roles, we have had processes in place where it’s not even so much that every single email needed to be reviewed from A to Z, right? But your subject lines had to be reviewed. So and certainly if you’re using something that you feel is sort of out of the box, you certainly should get buy in from your legal department or your compliance department on those. But yeah, I mean, there are some organizations that, you know, to make sure they’re buttoned up, they anytime that a new subject line is going to be used, they’ll run that past their legal department to make sure that it’s reviewed even first and foremost for the whole subject of the email or the content of the email.
Jordan Eisner (20:12)
Well, Tony, I think this has been a great summary for those that, like myself, I’ve had questions. Wait, wait, who, what somebody’s being sued for email. Okay. I don’t see that very often. Wait, there’s state laws or state requirements that can actually be leveraged even with CAN-SPAM and preempting state law. So this was a good breakdown of that. I think it’s going to be valuable for our audience.
And, speaking of for our audience, if you like this sort of valuable content, you can get it regularly from Compliance Pointers. Subscribe, comment, interact with us and many of the channels where this podcast is released and give us a visit online to compliancepoint.com, inquire at connect@compliancepoint.com and reach out. There’s many different channels we’d be happy to help and talk through these different areas. Until then, next time, be well everybody. Thanks, Tony.
Tony Jarnigan (21:07)
Thank you, Jordan.