Cold email has legal boundaries. Here's what you need to know.

Key Regulations

CAN-SPAM (US): Requires physical address, honest headers, working unsubscribe, honor opt-outs within 10 days.

GDPR (EU): Requires lawful basis (legitimate interest works for B2B), data subject rights, documentation.

CASL (Canada): Stricter consent requirements, implied consent for published business emails.

B2B vs B2C

B2B is generally more permissive. Most regulations were designed for consumer marketing. But rules still apply.

Always include: Physical address. Working unsubscribe. Clear sender identification.

Never do: Buy sketchy lists. Ignore opt-outs. Mislead recipients. Harvest emails without permission.

Keep records of: How you got each email. Opt-out requests and compliance. Consent where applicable.

Sending to EU: GDPR applies regardless of where you're based.

Sending to Canada: CASL applies.

Know where your prospects are located.

Have legal review your email program. Document your processes. Update practices as laws change.

Err on the side of caution. The cost of violations exceeds the benefit of questionable practices.