This is a transcript from episode 60 of the OMGrowth podcast

I’m Lanie Lamarre and right now, I have a problematic relationship with dill pickle sunflower seeds. I’m not sure how I’m going to kick this new habit but hopefully it’ll be as easy as being legally compliant to international law with the emails you’re sending. Today, we’re going actually break down what being compliant with your email marketing means for you and for the people on your email list, and I have all the confidence in the world that this episode will make you feel more confident about how you’re operating your own business.

Getting legally compliant with how you’re sending email sounds intimidating… until you start doing it. Then you realize that most of it is common sense and all of it is based on getting email marketers to act and interact like actual human beings who were raised to be polite and kind to one another. (Yes, even online!)

Which is something we can all get behind, n’est-ce pas?

Before we get into the specific laws that impact your email marketing practices, let’s start with the most important element of any email you send: acknowledge that you’re connecting with a real human being and they are the most important part of this entire interaction.

The laws you have to abide by aren’t the laws that you, the sender, are governed by. Instead, it is the laws that protect your recipient that you need to obey when you’re sending email to them. It makes sense if you think about it because these laws are put in place to protect the consumer. When it comes to email marketing, the recipient of your email is the consumer.

Does this mean that you are expected to adhere to the laws that govern every different nationality you have on your email list? Well, actually yes, that IS the expectation. However, you don’t have to enroll to law school or become an international privacy expert or anything to do that.

There’s a lot of overlap with what these laws cover and that makes sense. After all, the purpose and focus for all these laws is to protect the consumer, and no matter where the law is coming from, the ways to do that have much more in common than they are different.

If you live by the motto “don’t be a grossy-pants marketer”, you’re probably good. But just in case, let’s walk you through what that actually means and some of the ways “being a decent human being in the inbox” is legislated.

If you have any specific questions or concerns about this, I would encourage you to seek out counsel from either a lawyer or privacy expert who specializes in this area to provide you with individualized feedback.


Just like music festival posters start by putting their headlining acts up to in big bold letters, we’re going to take the same approach here and begin our conversation with the European Union’s General Data Protection Regulation, or what the cool kids like us refer to as GDPR

If you were in the digital marketing world back in the spring of 2018, you’ll remember the straight-up “chicken little, sky is falling” vibes that felt all over the world wide web at the announcement that GDPR was about to be enforced and everyone had better fall in line.

It was full-on panic mode as to how small-scale marketers like you and I would be able to segment our EU-based email subscribers from the rest of the world in order to comply. That is, until about 6 months into it all and we realized that what GDPR was asking us to do was actually easier to apply to all of our email opt-ins rather than trying to segment everyone’s opt-in options by region. Especially when most of what we were talking about was obtaining consent to collect someone’s email address, a practice that really should not have been the cause for such wide-spread concern.

But at the time, the belief and general consensus was that GDPR would represent “the end of email marketing”. Of course, this isn’t the case and email marketing remains the top converting traffic source for most online businesses. What GDPR did put an end to, for some, was the facility to spam people who did not want to receive your emails or who did not agree to receiving emails from you in the first place. For most people, this wasn’t actually a problem. While some worried that GDPR was “anti-business”, that wasn’t at all the case; the enforcement was actually “pro-consumer” that placed the consumer’s consent to communications as a priority. This wasn’t a zero-sum game the way some had frame it but rather, it created more transparency and compliance between business owners and their customers.

The major change that came from reinforcing GDPR was the act of collecting explicit consent from the person whose personal information you, the business owner, were collecting from EU residents.

Email marketers were expected to provide the purpose for which they were collecting this personal information and explain the intent behind how it would be used, and EU-residents had to be provided with the clear option to agree or disagree to the stated intent of use. There was also the added element of agency: by law, these same people would have agency as to how you would use this information. If they chose to no longer me on your email list, GDPR law states that they must be provided with an easy way of unsubscribing from receiving any further correspondence from you by way of a link or a button that was included in every communications you sent their way.

In short, the logical, ethical and dare-I-say reasonable enforcements made to email marketing by GDPR included:

  • Obtaining consent from email subscribers to receive further communication;
  • Requiring email marketers to identify and communicate how an individual’s contact information was obtained; and
  • Providing email subscribers with the option and agency to manage their subscription settings in every email that is sent.

Not exactly restrictive, right? At least, that’s how a lot of email marketers saw this. As a result, the practices enforced with GDPR made more sense for most marketers to take an “across the board” approach than it was worth the trouble of trying to segment EU traffic from the rest of world.

Canada’s Anti-Spam Legislation

While GDPR is the most popular kid in the class of email marketing legislation, it had its predecessors.

In 2014, Canada’s Anti-Spam Legislation (CASL) was passed. In the summer of 2018, just after GDPR was enforced, the Spam Reporting Center reported more than 137,000 spam complaints, the top reason for this stated as receiving email to which they did not consent. They also reported that text message spam was on the rise and I suspect that as marketing is more inclusive with the use of text messages, messenger and chatbots, we will see more specific privacy legislations covering those areas as well.

We will talk a lot more about spam next week and how you can avoid being labeled as a spammer (ew!) but if this is a subject you want to learn more about, there’s a lot of great info to be had at The reason I mention this now, though, is because those same themes of “obtaining consent” that define GDPR are also found at the forefront of Canada’s Anti-Spam Legislation. It also stipulates that the sender has to be forth-coming about who they are and as such, email marketers must include:

  • A “from” field that clearly indicates who the sender of this email is;
  • An honest street and/or mailing address where the sender can be reached; and
  • The use of subject lines that are not designed to be misleading, deceptive or dishonest.

I, for one, do not want to live in a world – not even a digital one! – where these aren’t accepted as baseline courtesies we all respect and adopt. I know the main issue here comes up with solopreneurs who say, “But Lanie! I don’t want to post my home address”. Fair enough and you can write off a PO Box or virtual mailbox as the cost of doing business.

You’re entitled to keep the “personal” aspect of your personal information, but you’re sending these emails as a business owner and there’s an expectation that you will act like it. Meanwhile, when the situation is reversed and you’re the consumer, you can be glad that the people you’re doing business have to be transparent about some basic concepts like who they are, where they’re located and what they’re contacting you about.


The Federal Trade Commission (FTC) was the first to enact a national standard for the sending of commercial email with the CAN-SPAM Act in 2003. Its official title is a little more of a mouthful, though, because CAN-SPAM stands for Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003.

While the Act does not reference obtaining explicit consent, it touches on most other items we’ve already discussed like providing a physical address, providing the option to opt-out of communication, and avoiding the use of deceptive or misleading subject lines.

It also stipulates that if a message is actually an advertisement, the sender is required to make it clear that this message is, in fact, an advertisement. This includes any other framing you may use for money or products you receive in exchange for sharing the message, such as affiliate commissions or brand sponsorships.

If you’re getting a little something-something in exchange for sending a message out, you are expected to disclose this fact.

There are also many other related laws covering many different nations. I encourage you to read up and research these topics further based on where your email subscribers are coming from, and to speak with a legal and/or privacy professional for any concerns you may have.

However, as I promised you, there are a lot of common themes and overlap with what these laws set out to cover, and an over-simplified but not-entirely-wrong approach is to ask yourself “am I treating this like an actual human interaction?”. The most significant differences between these laws are typically in what constitutes a breach according to which law and to what degree the penalty is enforced, but the foundations they’re grounded in are all share.

My hope is that you’re reading this and thinking, “OK, Lanie, but this is a whole lot of common sense and human kindness, right?” Because yes, you would be right to say this. As I mentioned earlier, these laws aren’t set out to be “anti-business” but rather, they’re positioned to be “pro-consumer”. Nobody’s trying to “ruin” your email marketing campaigns but there was always that one kid who CAN ruin it for the rest of the class, and these laws prevent that from happening by setting a baseline of acceptable ethics and behaviors with how we communicate online.

Because hey! not EVERYONE sees these requirements as the common courtesy we should all be entitled to and they’re the ones keeping these lawmakers in business. The truth is that you’d be hard-pressed to take a legal wrong turn if you looked at your email marketing campaigns and asked yourself “what would I like and what would I want to receive? how do I like to be spoken to and communicated with?”. 

And look, next week, I have a big announcement to make. Another big announcement? Yes, another big announcement – I’ve been full of them this quarter, right? Does it have to do with email marketing optimization? Of course it does, boss! You know I’m no good at surprises – so, next week, I’ll talk more about that as well as email marketing KPIs and engagement metrics because your open rates are officially vintage now. But like, not the good type of vintage; the kind of vintage that HGTV is like “we have to take this house down to its studs” and we’re doing THAT next week because you’re my favorite. Talk soon, baiiieeee!!