Is email spam illegal?

There is no doubt that email marketing has become a vital weapon in the marketing arsenal of any type of modern day business. It’s a direct means of communication with existing and prospective customers, giving a business much-needed exposure.

However, the reputation of email as a credible marketing channel has been harmed by the poor practice of email spammers. These individuals distribute inappropriate emails to any email addresses they can get their hands on, with complete disregard for privacy rules. As recently as 2010, spam emails comprised 80% of the total number of messages sent.

Anti-spam laws exist to prevent the submission of unsolicited marketing emails to individual subscribers – including sole traders and those in business partnerships based in England and Wales. However, corporate subscribers can still receive unsolicited emails providing they are relevant to their work.

The Privacy and Electronic Communications Regulations 2003 covers the sending of email marketing. The protocols state that businesses must only distribute marketing emails to individuals who have opted in or agreed to receive them, unless there has been existing customer liaison.

But what do email spam laws look like across the world?

European Union

All member states of the European Union agreed to legislation that specifically targets spam.

Article 13 of the European Union Directive on Privacy and Communications states that all EU members must block unsolicited communications for direct marketing purposes without consent. Individual EU nations must choose how subscribers opt out of receiving unsolicited messages.

As we’ve already said, the UK states unsolicited emails cannot be distributed to individual subscribers unless prior permission has been given or an existing customer relationship exists.

United States

Across the Atlantic, most American states agreed to enact anti-spam laws as early as the 1990s. However, much of these laws have since been pre-empted by the CAN-SPAM Act 2003.

The CAN-SPAM Act 2003 actually permits the distribution of unsolicited emails providing they meet specific criteria:

  • A “truthful” email subject line
  • No bogus information within technical headers or sender address

In the event an unsolicited email fails to comply with the above, it is deemed illegal. Further penalties will apply to email spammers and hackers if it transpires they obtained email addresses using unscrupulous methods.


Down under, the Spam Act 2003 covers most types of email and telephone spam. It states: “Unsolicited commercial electronic messages must not be sent”. Whether or not an electronic message is deemed to be unsolicited depends on whether the sender has express or inferred consent.

What does express and inferred consent mean?

  • Express consent – when a subscriber/recipient directly agrees to being sent emails by opting-in, for example.
  • Inferred consent – if a business or commercial relationship already exists it is implied that the recipient will accept emails, or if the recipient publishes their email address publicly on a website, for example.

No self-respecting business wishes to be regarded as an email spammer. So the best thing is to ensure you are up-to-date with email spam laws to avoid hefty fines and allow your business to continue to use one of the most effective digital marketing channels out there.