Marketing Compliance (Automated Outreach)¶
What It Is¶
The legal obligations that apply to marketing regardless of automation — and that automation makes riskier, because errors scale faster and the human review buffer is thinner. The governing example: at 10,000 personalized sends, a single unscrubbed opt-out becomes 10,000 separate CAN-SPAM violations.
The Four Regimes (and their critical controls)¶
- CAN-SPAM (US email): every commercial email needs a valid physical address and a working opt-out honored within 10 business days; headers must be accurate. Control: opt-out scrub as a mandatory gate before every send (list → personalize → scrub → send); physical address as a static template field, never AI-generated.
- GDPR (EU data): documented lawful basis to process; consent scope limits inferred data; right to erasure must also purge vector stores/caches, not just the CRM; Article 22 limits solely-automated decisions about individuals. Control: erasure-verification in QA; DPIAs; signed DPAs with AI vendors. Fines reach 4% of global revenue.
- TCPA (US SMS): prior express written consent for automated SMS to mobiles — an email opt-in does not cover SMS; you're liable for an aggregator's sends. Control: per-channel consent flags, DNC + phone-verification scrubbing, human review of any new SMS template before first send. Frequently class-action.
- FTC (AI testimonials/reviews): AI-generated fake reviews/testimonials violate Section 5; disclosure of AI-assisted endorsements is trending mandatory. Control: never publish AI testimonials as real; human sign-off + disclosure policy.
How It Applies to Marketing Factory¶
Compliance is the highest-severity slice of agentic-failure-modes — a red line, not a quality preference. Every outbound agent workflow must embed the relevant control as a non-skippable gate: opt-out scrub before email sends, consent + DNC checks before SMS, erasure-purge tests in QA, and a human-review-gate before any AI-generated endorsement or new SMS template ships. Because violations scale with send volume, these gates are exactly where the factory must not optimize away the human. It sits alongside email-deliverability (the technical send-health counterpart) and constrains cold-email-sequence design.
Related Concepts¶
- agentic-failure-modes — compliance breaches are the highest-severity failure mode
- human-review-gate — the non-skippable control for endorsements and new templates
- email-deliverability — the technical send-health counterpart to legal compliance
- cold-email-sequence — outbound design constrained by CAN-SPAM/opt-out rules
Referenced from: ai-marketing-risks