Email remains a cornerstone of retail and e-commerce growth, but it has also become a growing litigation target. A recent surge of lawsuits, particularly in Washington and California, allege that common marketing practices around urgency and discount claims in email subject lines violate state anti-spam statutes. With the holiday season approaching, retailers should assess email campaign operations now. The combination of statutory damages and private rights of action has materially increased legal risk, and high-volume holiday sends can magnify exposure.
The Statutory Framework: Federal CAN-SPAM and State Anti-Spam Regimes
At the federal level, the CAN-SPAM Act (“CAN-SPAM” or the “Act”) sets baseline standards for commercial email. It requires accurate header and subject information, a functioning opt-out mechanism, and prompt honoring of unsubscribe requests. CAN-SPAM is primarily enforced by the Federal Trade Commission (“FTC”), state attorneys general, and Internet Service Providers (“ISPs”); there is no private right of action for consumers. The Act also includes an express preemption clause, preserving only state claims that target “falsity or deception.” Several states have enacted targeted statutes prohibiting deceptive subject lines or header information and, in some cases, providing private enforcement and per-email statutory damages. Among the most active are Washington’s Commercial Electronic Mail Act, RCW 19.190.010 (“CEMA”) and California’s Business & Professions Code § 17529.5 (“§ 17529.5”). Others exist in jurisdictions such as Maryland, South Dakota, Washington, D.C., Georgia, and Florida, but current filing trends are concentrated in Washington and California.
Washington
Washington’s CEMA prohibits sending commercial emails to or from Washington that use a third party’s domain without permission or contain false or misleading information in the subject line. In April 2025, the Washington Supreme Court held in Brown v. Old Navy that CEMA’s subject-line prohibition reaches any false or misleading information in the subject line, regardless of whether the email body clarifies or corrects the claim. The Court distinguished “mere puffery” (subjective, unverifiable slogans like “Best Deals of the Year”) from actionable factual claims (e.g., duration, availability, price, or terms) and underscored that each message sent to a Washington resident may trigger statutory damages.
Key Washington features now driving litigation risk include CEMA’s $500-per-email statutory damages (or actual damages, whichever is greater) without a need to prove individualized harm, and the statute’s treatment of violations as per se Consumer Protection Act infractions. Washington courts have emphasized that the subject line, standing alone, can be actionable even if qualifiers or disclaimers appear in the body. As a result, familiar urgency phrases (e.g., “Today Only,” “Ends Tonight,” “Extended,” and “Three Days Only”) are being scrutinized when promotions are extended, repeated, or otherwise inconsistent with the headline. Since Brown, plaintiffs have filed putative class actions against national retailers and airlines, often alleging “false urgency” or misleading discount scope. Defendants have raised CAN-SPAM preemption arguments in related cases, and how courts reconcile Washington’s interpretation with CAN-SPAM’s savings clause will be significant for nationwide retailers. The stakes are heightened during the holidays, when “doorbuster” and time-bound messaging proliferate, and calendars shift rapidly.
California
California’s Business and Professions Code § 17529.5 prohibits commercial emails with falsified, misrepresented, or forged header information, unauthorized use of third-party domains, and subject lines likely to mislead recipients about a material fact regarding the contents or subject matter of the message. Unlike CAN-SPAM, California’s statute provides a private right of action and statutory damages, and courts have generally upheld key provisions against CAN-SPAM preemption.
Plaintiffs in California often allege multiple categories of violations. First, they target deceptive subject lines or contents that misstate the nature, scope, price, or duration of promotions, or that promise benefits not available to most recipients. Second, they challenge misrepresented header information, such as “friendly from” names that obscure the true sender, reply-to or routing paths that do not match the purported sender, or header elements that impede traceability. Third, they assert unauthorized use of a domain name, arguing that an advertiser or its vendor used a third party’s domain without permission or masked the sending domain behind opaque or rotating subdomains and tracking links. Plaintiffs also commonly plead inadequate opt-in/opt-out mechanisms in affiliate or vendor-run campaigns. Notably, California plaintiffs frequently pursue strict-liability theories against advertisers, seeking per-email damages commonly pled at $1,000 per email, with arguments that robust compliance can reduce damages to $100 per email under the statute’s “due care” defense. Seasonal campaigns, with broad “X% off” subject lines, category exclusions, and repeated urgency claims, are a frequent focal point of demand letters and class complaints.
Why the Uptick in Email Marketing Lawsuits, and What Email Teams Can Do Now
The recent surge of email marketing lawsuits reflects multiple dynamics. First, Washington’s Brown decision broadened exposure, making urgency and discount claims in subject lines a ripe target and attaching high, per-message statutory damages. Second, California’s private right of action and a well-developed plaintiff bar create a forum in which strict-liability theories and per-email damages drive settlement pressure. Third, common marketing practices may supply factual hooks that are straightforward to plead. Separately, plaintiffs have tested other theories, with mixed results.
With retailers ramping up holiday sales, these pressures intensify as volume increases and timelines compress. The math can be unforgiving: per-email damages multiplied by large lists and frequent sends can quickly add up. CEMA and § 17529.5 claims are frequently brought as putative class actions; private enforcement and attorney fee exposure can drive costly defense and settlement dynamics. Compliance missteps in creative or campaign operations can translate into immediate statutory liability. The operational pace of holiday marketing, including frequent extensions, segmented offers, and rapid creative turns, can increase the risk of inconsistencies between subject lines and actual offer terms.
To reduce risk now, retailers should tighten their email marketing practices to avoid objectively false or misleading claims, especially around subject lines, time limits, and discount scope. Marketing teams should use durable phrasing when timelines may change, ensure calendars and system end-times match any urgency claims, substantiate discount representations, avoid broad subject lines that hide material exclusions, and keep headers accurate and traceable. Retailers should also strengthen vendor oversight and approval workflows for affiliates. As holiday campaigns scale, apply heightened review to Washington and California recipients and retain campaign artifacts tying subject lines to actual offer terms.
Bottom Line
Email marketing is increasingly presenting litigation risk. In Washington, Brown makes time-bound and discount claims riskier; in California, private enforcement, per-email statutory damages, and an aggressive plaintiff’s bar amplifies exposure. Retailers heading into holiday and seasonal marketing cycles should review their compliance programs and recalibrate practices as necessary to prevent suits and reduce damages if challenged. Before launching high-volume holiday sends, retailers should speak with counsel to assess risk, refine campaign controls, and tailor compliance to applicable jurisdictions.
