Aug 1, 2005

New Child Protection Email Laws from Michigan & Utah

Michigan and Utah are passing laws this month that prohibit sending emails that contain stuff children shouldn’t see or buy (such as tobacco, alcohol, gambling, porn, etc). They are posting "do-not-contact" registries that you should purchase and use to scrub your own lists. The do-not-contact registries have children’s addresses, plus entire school domains that don’t want such email.

Useful Links:

Apparently, there’s some debate on how "legal" these new laws are, and whether or not the Federal CAN-SPAM law overrides these state laws. But seriously, who cares? Kids shouldn’t get that kinda stuff anyway, so it’s wise to just comply with the laws and scrub them off your lists.

Here’s a good summary from

Senders found
to be in violation of Utah’s law will face up to three years in jail
and up to $30,000 in fines, as well as potential civil penalties of
$1,000 per message. Violators of Michigan’s law face similar fines and
jail time, and may be liable to civil penalties of $5,000 per message
or $250,000 per day of violation.


Keeping Children Off Your Lists

If you want to do a little to prevent children from getting on your lists in the first place, you might surf around some websites like Anheuser-Busch’s (because you know they’ve got a crack team of high-paid robo-lawyers there) for ideas.

I went to their Budweiser site, and they made me enter my birthdate before I could even enter. When I clicked their email newsletter signup link, I got this:



Purely In the name of—ahem—research, I also checked out some other somewhat "racy" websites, such as FHM magazine, whose email newsletter, "THE FRIDAY EMAIL," contains "Girls, Games, and Giveaways." The e-newsletter registration form also required a birthdate (and interestingly had an anti-smoking banner ad):


Of course kids lie, and can still get on your lists by faking a birthdate. This doesn’t prevent anything, but it’s decent "CYA." At least you’ll have records that they lied when they opted-in. If you take these preventive measures, it doesn’t mean you’re exempt
from the Michigan and Utah laws. You’ve still got to cross-reference
your lists with their registries.


Even if your business or website is not for children, you might want to read through the FTC’s COPPA (Children’s Online Privacy Protection Act). It lists some rules and guidelines for websites that knowingly collect information from children, and what they can do to obtain parental consent. They list measures like requesting credit card information, digital signatures, PIN numbers, etc. COPPA also lists guidelines for privacy policies of such websites, which might be helpful for yours.