Is Cold Emailing Illegal? (Laws in the US, UK, EU, Australia, and Canada)

To send or not to send cold emails? If you find yourself pondering over this question and feeling a little closer to Hamlet, you’re not alone. “Is cold emailing illegal?” is a question many SDRs have as they write  an email to a complete stranger. 

Until there’s a better, more respectful way to reach a stranger, cold emails remain the kingpin of sales outreach strategies. And if it is the legality that you’re worried about, we have the answer.

We give you a rundown on whether cold emailing is illegal in different countries, what the differences between a cold email and spam are, and how you can write cold emails that won’t get flagged.

So, to answer your question: Yes, businesses like yours can send cold emails *if* you follow a certain set of guidelines, all of which we will break down here.

Is Cold Emailing Illegal?

The short answer is no, cold emailing is not illegal. 

The long answer has a “but” in it. And that “but” depends on where your cold outreach takes place. Much like other things in life, you need to follow certain rules and regulations which vary with location, government, and customs. 

Depending on where your prospects are in the world, you will have to align your cold email campaigns to ensure you don’t violate certain laws. Just like when you visit Venice and avoid feeding pigeons because it might attract a whopping €500 fine. 

Laws concerning cold emailing aren’t as bizarre, but they can nevertheless injure your cold outreach seriously. The most well-known regulations, such as the CAN-SPAM Act and GDPR, lay down rules for cold emailing in the US and Europe, respectively. We’ll be getting to that shortly. 

But before that, we’re going to address a question that continue to haunt salespeople even today: “How to avoid spam?”

What is a Spam Email?

Spam emails are unwanted, unsolicited email messages sent in bulk, according to Norton Security. B2C marketing emails, newsletters recipients never signed up for, phishing emails, and sales emails sent to an unreasonably large number of people can count as spam. 

This spray-and-pray outreach strategy is a fast track to getting caught by spam filters, losing sender reputation, and reducing your email deliverability rate. Besides being a complete 180 from what sales outreach really entails: Researching leads, their pain points, contacting leads that fit your ideal customer profile, and personalizing your outreach.

Why Do My Cold Emails Go to the Spam Folder?

Before we get to the why, let’s understand the how. There are 2 major ways your cold email might grace the spam folder:

1. If the email service provider’s (ESP) spam filters are triggered

Your cold emails don’t get a free pass to your prospect’s inbox. Your prospect’s ESP has spam filters in place that help sift unsolicited commercial messages out of the mix so as to not burden the inbox.

2. If the recipient marks you as spam

This can happen when the content of your email adds no value to the recipient, includes unnecessary urgency, conceals the sender’s identity, etc. This just annoys the prospect and drives their cursor right to the spam button. 

That said, here are some reasons why your cold email might be ending up in the spam folder. 

• Email’s  content, subject line, or both contain spam trigger words
• Sender information is inaccurate
• You don’t have permission from the recipient to send emails
• Email authentication is incomplete
• Unsubscribe link is missing 
• The recipient marked your email as spam

These are some of the most common reasons why your emails aren’t reaching their destination. And so, if you’re looking for a quick check, analyzing your cold emails with these points in mind isn’t a bad start. However, to get the full picture, understanding cold email laws is best.

What Is the Difference Between Cold Email and Spam?

Cold emails aren’t spam. This outreach technique has, over the years, gained a bad rap thanks to poorly executed sales outreach strategies that lack research, disrespect prospects’ time, and are too pushy or intrusive. So, here’s a quick rundown of how the two are different.

Cold Emailing Rules and Regulations in Different Countries

If you send a cold email that doesn’t comply with your recipient’s country’s laws, you can be subject to penalties running into 1000s  of dollars. Here are summaries of cold emailing laws in different regions across the world.

1. Cold Email Regulations in the United States

The CAN-SPAM Act 2003 was enacted to regulate commercial emails, offer recipients an option to stop receiving them, and impose penalties on businesses that violate the provisions. 

Under this law, each cold email sent in violation of the CAN-SPAM Act can attract penalties of up to $46,517.

How To Stay CAN-SPAM Compliant?

• Include accurate information

This comes as no surprise, but this US cold email law requires businesses to share accurate and updated information. Any misleading or false information in your “from” and “reply to” lines will be considered a direct violation of the law. 

• Share your location

The CAN-SPAM Act requires SDRs to include their business’s genuine physical address at the bottom of the email, right after the cold email signature.

• Make sure they can opt out

All emails in your cold email campaign must offer the recipient the option to stop receiving your email. Once you receive an opt-out request, you must process it within 10 days in order to prevent any legal proceedings.

2. Cold Email Regulations in Europe

Countries part of the European Union observe the General Data Protection Regulation (GDPR) to regulate data privacy and cold email in the region. 

Under EU GDPR, non-compliance penalties can go as high as €20 million or up to 4% of the total global turnover, whichever is higher.

How To Send GDPR-Compliant Emails?

• Make sure you have a good reason to reach out

Under the GDPR, it’s essential to have a valid reason for reaching out as you’ve processed the recipient’s data for emailing them. Due to this reason, it’s best if you only contact those most likely to need your service or product. This falls under the definition of ‘legitimate interest’ under GDPR.

• Be transparent about the data source

As the GDPR exists to protect data privacy, it’s vital that you disclose where you got the recipient’s email address and other data from when you send over a cold email. If your prospect is not keen on receiving emails, the law requires you to delete their data from your system. 

• Include an easy way to opt-out

When you send a cold email, you should also provide a quick and easy way to opt out of your emails. Ensure that you include a clear message within your email to clarify how the recipient can opt out. Subsequently, you must also delete their information from your database if they have raised an opt-out request.

3. Cold Email Regulations in the UK

The United Kingdom has 3 laws governing cold emailing in the country. These are, 

1. The UK GDPR 2020

Much like the European version, the UK GDPR also aims to streamline sales outreach activities. Non-compliance can attract a fine of up to £17.5 million or 4% of the company’s annual global turnover, whichever is higher.

2. The Privacy and Electronic Communications Regulations (PECR) 2003

PECR covers areas including marketing by electronic means, and privacy of customers using communication networks or services. Violation of its provisions can invite a maximum penalty of £500,000.

3. The Data Protection Act 2018

DPA 2018  controls how personal information is used by organizations, businesses or the government. As is the case with the UK GDPR, non-compliance can attract a fine of up to £17.5 million or 4% of the company’s annual global turnover, whichever is higher.

How To Be Compliant with The UK’s Cold Email Laws?

• Gain consent from the individual recipient

In the case of B2B cold emails, SDRs don’t need consent to shoot emails. However, if you’re contacting individuals, the law mandates that you must obtain consent and prove a legitimate interest to justify the cold email. 

• Provide company details within the email

It’s essential to mention your company information, such as contact details and a physical address, within the email.

• Add an appropriate subject line

Make sure that your cold email subject line is free from false promises and clickbait. It should be relevant and connected to the content of the email. Anything unrelated or in poor taste could result in heavy fines.

4. Cold Email Regulations in Australia

Australia follows the Spam Act (2003), which applies to all emails. Under this Australian cold email law, all electronic marketing material needs recipient’s consent before contact. 

An important point to note about the Spam Act 2003 is that it applies to all cold emails opened within the nation’s boundaries, irrespective of where they originated from. 

In case of non-compliance, organizations could face a maximum penalty of 10,000 penalty units, which is nearly $1.3 million. For an individual, the penalty is 2,000 penalty units or nearly $257,000. 

How To Stay Compliant with the Australian Spam Act?

• Gain consent from the recipient

Under the Australian spam law, consent can be expressed as well as implied.

Expressed consent: This includes instances where recipients have completed a form, shared consent over the phone, given consent in person, or even simply ticked a box on a website. It’s always a good idea to keep a meticulous record of recipient consent in case of any misunderstandings.

Inferred consent: If your prospect shares their contact details with you, the Spam Act 2003 recognizes it as implied consent. Hence, your emails will be considered legal. 

• Make your identity clear

Your name, company details, and contact information should be provided within your email. If someone else is sending the message on your behalf, your legal name should be mentioned. You can either provide your full name or your legal business name–this information must remain valid for at least 30 days after sending it.

• Add an unsubscribe link

Your cold email must allow the prospect to raise an opt-out request. This must be in the form of a clearly visible ‘unsubscribe’ option. Further, no charges must be levied on the prospect to exercise this option, and they must not be expected to login to an account to unsubscribe. Lastly, the prospect’s unsubscribe request must be honored in 5 days.

5. Cold Email Regulations in Canada

Canada’s Anti-Spam Law (CASL) took effect in 2014 and applies to all commercial electronic messages (CEMs), such as emails and texts. Its most discerning feature is that it requires all native and international businesses operating in Canada to gain consent from their recipients before sending cold emails. 

According to Deloitte, Canada’s anti-spam legislation is one of the toughest of its kind. This is because, in most cases, SDRs require explicit consent from the recipient before sending cold emails. Further, non-compliance fines can cost as high as $10 million. 

How To Stay Compliant With CASL?

• Gain explicit consent from the recipient

Under Canada’s anti-spam legislation, SDRs must have the prospect’s explicit consent to send cold emails. Earlier, implied consent was inferred from simply having a past business relationship. But now, it can only be inferred if the recipient publishes their electronic contact information or shares it voluntarily without denying CEMs. In all other cases, you must obtain express consent. 

• Identify yourself accurately

Cold emails must clearly mention sender details such as name, contact information, physical address, and an active and valid email address. 

• Offer clear unsubscribe options

All emails must include a quick and easy unsubscribe link and SDRs must honor such opt-out requests.

6 Best Practices to Write CAN-SPAM, GDPR-Compliant Cold Emails

Coming to the real question: How can you implement the above laws and make a cold email truly bulletproof? By ensuring these 6 best practices are checked off for each cold email that shoots out.

1. Avoid Clickbait Subject Lines

Clickbait subject lines might get the email opened, but it is shortsightedness at its finest. Once the prospect realizes you’ve exaggerated, misled, or lied to them, it’s a one-way ticket to the spam folder. And with that, your hopes and dreams of nurturing them down the sales funnel go out the window.

Your cold emails are meant to help you build a long-term relationship with your prospect. Starting off on the wrong foot can cost you not just that individual prospect, but your email deliverability rate and your sender’s reputation too. 

Here are some examples of deceptive subject lines:

• You’ll never believe this!
• Want to become the best?
• Free goodies inside!

Not to forget—once bitten twice shy. Your prospect won’t make the same mistake twice. If by some fluke your cold email does make it to their inbox, seeing a subject line like this will be proof enough for it to remain unopened or get transferred to the spam folder.

2. Be Open About Your Identity

Imagine receiving an email from ‘[email protected]’ with no profile photo, name, or email signature. Looks suspicious, right? That’s exactly what your prospect thinks, and off you go to the spam folder.

Receiving an email from an unknown sender, who then does not identify themselves clearly, can be unsettling for most. So, showcasing your details will not just help you build trust with your prospects, but will also help your cold emails stay compliant with these laws. iThese details would include your name, designation, company, and business address. 

3. Ensure Your Email Is Relevant to the Recipients

The whole idea of cold email laws such as General Data Protection Regulation(GDPR) and the CAN-SPAM Act is to curtail irrelevant unsolicited emails from crowding inboxes. 

But if you make it relevant and personalize your cold emails, not only do you comply with these laws, but you also increase your open rates and your chance at actually converting the prospect.

In fact, an in-house study at Klenty found that personalized subject lines get double the open rate when compared to non-personalized ones.

Your prospect should gain some value from your email. And the best way to do that is to research who they are, their company, pain points, motivations, and goals. Leveraging LinkedIn, ZoomInfo, or Clearbit is an excellent way to get a thorough understanding of your prospect and make it worth their time. 

Kyle Coleman, SVP, Marketing at Clari, puts it well:‘‘If you don’t take the time to understand a person or company before reaching out, why should they take the time to pay attention to you? You don’t have to be a complete student of their business, but you need to know enough to show them you understand their challenges and can offer some help.”

4. Provide an Easy Way to Opt-Out or Unsubscribe

The next thing on your cold email checklist must be an opt out or unsubscribe link. Offering an opt-out request is legally required by law, as we discussed previously. And so, the absence of one makes for a crimson red flag.

The best way to comply with this is to ensure your opt-out request is,   

• Easily visible
• Blends with the rest of the email and doesn’t stand out
• Includes an alternative to pause emails 

Here are some examples of how not to add these links: 

Unsubscribe: Too light to read and not uniform with the rest of the cold email font color.

Click here to stop receiving valuable content: Don’t be cheeky, your prospect might hit unsubscribe just by reading this. 

5. Revise Your Prospect List Regularly

Email validation should be your first step before you start curating the perfect cold electronic mail message for your prospects. This means ensuring you’re sending emails to active users. Stale prospect lists can lead to a high bounce rate, a bad sender’s reputation, and poor email deliverability. 

The end result? Your cold emails will now seem like bright spots to spam filters. So, what’s the game plan? Email validation tools. As an SDR, your time is precious and much better spent curating personalized sales journeys for your prospects rather than verifying email addresses. 

And so, a smart use of resources would mean implementing an email validation tool. These tools help in,

• Checking for syntax issues.
• Verifying the prospect’s domain through DNS records.
• Confirming the prospect’s email address exists and can receive emails.

Some of the leading email validation tools include Klenty, Hunter, and Debounce.

6. Boost Sender Score with Email Warm-up

Just like a fresh pair of jeans needing a little stretching to gain that perfect fit, your new cold email address also needs a little warming up before you start meeting your daily quotas. 

And the reason for this is to help convince email service providers (ESPs) that you’re not here to spam recipients. And in the process, improve your email deliverability.

You see, you need to build a sender reputation for ESPs to believe your emails aren’t spam and deserve a seat in the waiting room, i.e., your prospect’s inbox.

To do this means starting slow, sending a small number of emails to known addresses daily, ensuring they drive open rates, response rates, CTRs, and most importantly-don’t get marked as spam.

Building on this and increasing your daily emails gradually helps warm up your email to meet the daily quota set by ESPs. In Google’s case, it’s 2000. 

Hitting 2000 on your first day will only flag your email address for suspicious activity and stop you before you’ve actually begun. Email warmup can be a tedious process that spans 2-3 months, so implementing an email warm up tool like Lemwarm and Mailwarm might be the best way to stay consistent. 

Moral of the story: Warm up your email address to ensure your email makes it to the finish point. 

In a Nutshell

These are just general rules that were put up after people discovered emails and started bombarding others with them. The primary reasons for having these rules are to be respectful of people’s time and to protect them from getting spammed. Serious businesses like yours won’t have much to worry about as long as you make your intentions clear and are honest in the email copy.

Disclaimer: The information provided above is educational in nature. It should not be considered legal advice. For actionable legal guidance, please consult an attorney.

FAQs