Is Cold Emailing Illegal? US, EU, UK, Australia Rules and Regulations 2022

To send or not to send cold emails. Is it even legal to send a lot of cold emails? Well, until there’s a better, more respectful way to reach a stranger, cold emails remain the kingpin of sales outreach strategies. So yes, you should be sending cold emails to grow your business, get funding, get a job, or make friends in nice places. If it is the legality that you’re worried about, we have the answer.

We give you a rundown on whether cold emailing is illegal in different countries, what the differences between a cold email and spam are, and how you can write a cold email that won’t get flagged.

So, to answer your question: Yes, businesses like yours can send cold emails *if* you follow a certain set of guidelines–which we break down in this article.

What is a cold email?

A cold email is an email sent to an individual who has no prior relationship with you or your company, and who may not even have heard of your company, with the objective of capturing their interest and building a relationship with them. Cold emails are a great starting point to move a lead further into your sales funnel.

Here’s an example of an unsolicited, or cold, email.

[Image: example of an unsolicited or good cold email]

All of this is well and good, but it raises the question:

Is cold emailing illegal? 

Cold emailing is legal if you follow the rules and regulations that different governments have laid down for it. The well-known CAN-SPAM Act and GDPR are the foundation of these rules in the US and UK, respectively. We’ll outline some general codes of conduct to follow when creating cold emails later in this post.

So, sending a cold email to a business isn’t illegal, unless you are sending emails without restraint, which brings us to the questions that continue to haunt salespeople even today: “How to avoid spam?” “Why are my emails going to spam?”

What is spam?

“Spam emails, otherwise known as junk mail, are uninvited bulk-sent email messages delivered to an inbox,” according to Norton Security. B2C marketing emails, newsletters recipients never signed up for, phishing emails, sales emails sent to an unreasonably large number of people like 3,000, etc., can count as spam. This is called spray-and-pray outreach. Unlike the cold emails that businesses send for sales outreach, spam emails are not targeted at people who may benefit from them.

Example of an email that can be flagged as spam:

[Image: example of a spam email]

Why do my cold emails go to the SPAM folder?

When you send a cold email, email servers work to find out if your cold email is spamming the recipient or not, and to do so, they have set many conditions. While these may differ from one mailbox provider to another, generally the conditions include the content of your email, how often you send emails, whether you send the emails in bulk, and your email ID’s reputation. 

That said, there are actually two ways your emails could end up in the spam folder.

  • If the recipient marks you as spam: This happens if the content of your email is irrelevant to the recipient or looks like clickbait. An unrecognisable from line, a concealed sender identity, multiple action words, or one too many exclamation points could push the recipient to do the deed.
  • If the email service provider filters your email: This happens because email service providers look at data such as sender score, email account reputation, overall bounce rate, etc., to determine if you are engaged in suspicious activity. So if you have a new email address that you haven’t warmed up, but you’ve started to send emails at scale, your emails might be getting flagged by the email server.

Key differences between cold email and spam

[Image: differences between cold emailing and spam]

If you send a cold email that doesn’t comply with your recipient’s country’s laws, you can be subject to penalties running into thousands of dollars. Here are summaries of cold emailing laws in different regions across the world.

1. The US

According to the Federal Trade Commission, “The CAN-SPAM Act, a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.” This is relevant for B2B emails as well.

Each cold email you send that does not comply with the CAN-SPAM Act is subject to penalties of up to $46,517.

Here’s how to stay CAN-SPAM compliant:

Don’t provide misleading from line information:

You must ensure that the routing information is correctly labeled in your from line and reply-to line. For example, if a person named Tom sends an email with the from line labeled ‘Your ticket to success,’ that would land them in trouble.

Tell them your location:

A valid physical postal address is required. This could be placed at the bottom of your email after the signature. 

Make sure they can opt out:

Include an opt-out message and make it clear enough that anyone can understand it. You could play around with different colors, fonts, and font sizes to emphasise it.

2. Europe

In Europe, the General Data Protection Regulation (GDPR) was set in place for the data privacy protection of EU citizens in 2016. While the GDPR is not against cold emailing businesses, it outlines some rules to follow. Following these is best, as non-compliance could result in heavy fines.

Here’s how to send emails that are GDPR-compliant:

Make sure you have a good reason to reach out:

Under the GDPR, it’s essential to have a valid reason for reaching out, because you are processing the recipient’s data in order to email them. It’s best if you only contact those most likely to need your service or product. That would be defined as having ‘legitimate interest.’

You should be able to explain where you got their data from:

As the GDPR exists to protect data privacy, it’s vital that you mention where you got the recipient’s email address and other data from when you send over a cold email. If your prospect is not keen on receiving emails, you must delete their data from your system. 

Give an easy way to opt out:

When you send over a cold email, you should also provide a quick and easy way to opt out of your emails. Ensure that you include a clear message within your email explaining how the recipient can opt out. You must delete their information from your database if they have confirmed that they want to opt out of your emails.

3. The UK

According to the Information Commissioner’s Office, the UK follows the UK GDPR set in place in 2018. 

While the UK doesn’t allow cold emailing to individuals, you can send them to corporations. You can also send cold emails to prospects who have given you consent through a reseller or a parent/sister company.

Provide company details within the email:

It’s essential to mention your company information, such as contact details and a physical address, within the email.

Add an appropriate subject line:

Make sure that the subject line is free from false promises and clickbait. It should be relevant and connected to the content of the email. Anything unrelated or in poor taste could result in heavy fines.

4. Australia

Australia follows the Spam Act (2003), which applies to all emails. Australian rules specify that you need the receiver’s consent before cold emailing them. Here’s how to stay compliant with Australian spam laws while sending cold emails:

Expressed consent: Individuals could have given permission by filling out a form or ticking a box on a website, over the phone, or face-to-face. Remember to keep a record of the permissions, as it is up to you to prove consent under the act.

Inferred consent: You can infer that you have consent to reach out to individuals who have already given you their address or are subscribers, or to businesses you have a relationship with, where sending these emails is directly part of that relationship.

Make your identity clear:

Your name, company details, and contact information should be provided within your email. If someone else is sending the message on your behalf, your legal name should be mentioned. You can provide either your full name or your legal business name–this information must remain valid for at least 30 days after sending it.

Not only do you need to add an unsubscribe link, it must also be easy to access. It should not require a fee to unsubscribe. It shouldn’t ask the recipient to create an account in order to unsubscribe. The recipient’s unsubscribe request must be honoured within 5 days.

6 Steps to write CAN-SPAM, GDPR-compliant cold emails

While sending B2B cold emails is reasonably straightforward, similar guidelines must be followed.

Be honest with your email copy

Definitely stay away from writing emails solely to get the prospect’s attention. While the intention is in the right place, if you’re promising goodies, massive discounts and such online gewgaws just to catch their attention, prospects will feel betrayed and chuck you into spam. 

  1. Your subject lines should not be clickbait

In recent years, salespeople and marketers alike have been using shocking or clickbait-like subject lines to capture the attention of the recipient. These can be in poor taste at times, with some emails starting with phrases like, “we’re sorry to inform you that…” or “your salary has been credited.”

People are likely to have become tired of trick subject lines and to form a negative impression of the sender as a result. Here is a comprehensive list of these SPAM trigger words you should avoid.

  2. Don’t let your identity be a mystery

Receiving an email from an unknown sender, who then does not identify themselves clearly, can be unsettling for most. Showcasing your details is crucial to building trust with a prospect. These details would include your name, designation, company, and postal address.

  3. Your email content should be relevant to the recipient

One of the best ways to stay compliant is to reach out to those prospects who you believe have a problem you could solve. That way you can ensure the content of your email is relevant to the recipient. Check if the recipient is actually in need of a product or service, or if they have a potential problem your product or service can help solve. A quick Google search can show you the recipient’s company details. To get market insight or find more information on prospects, like the team size, their ARR if it’s a public company, their growth rate, or company news, you can also scour LinkedIn or data intelligence software like ZoomInfo or Clearbit.

[Image: cold email compliance checklist]

Optimize your sender behavior

  4. Provide an easy way to opt out or unsubscribe

You should always provide a way for the prospect to opt out or unsubscribe when cold emailing. Doing so is not only compliant with most countries’ emailing laws, it’s also ethical. You can include the opt-out in the body of the email or below the signature, to ensure that your prospect knows they can opt out of your emails at any time.

  5. Revise your prospect list regularly

Think of it as spring cleaning. You need to re-evaluate your list of prospects, especially if an old prospect who has not responded or opened your emails for a long time is still receiving emails from you. Ensure you only send cold emails to your ideal customer profile and to those who show a chance of becoming a customer.

  6. Warm up your email ID to improve your sender score

It’s always considered a best practice to warm up your email address if you’re newly starting cold email campaigns, because sudden changes in sending behavior can look like suspicious email activity to email service providers. There are a lot of factors you can optimize to improve your email deliverability.

In a nutshell

These are just general rules that were put in place after people discovered emails and started bombarding others with them. The primary reasons for having these rules are to be respectful of people’s time and to protect them from getting spammed. Serious businesses like yours won’t have much to worry about as long as you make your intentions clear and are honest in the email copy.

Disclaimer: The information provided above is educational in nature. It should not be considered legal advice. For actionable legal guidance, please consult an attorney.
