Cold Email Japan: Specified Email Act Compliance Guide 2026
By Puzzle Inbox Team · May 22, 2026 · 8 min read
Cold email Japan compliance under the Specified Email Act 2026: opt-in rules, sender ID, opt-out, record retention, and B2B carve-outs explained for outbound teams.
Cold email Japan in 2026: the Specified Email Act requires prior consent for most commercial mail, with narrow B2B carve-outs.
If you send cold email to Japan, the Act on Regulation of Transmission of Specified Electronic Mail ("Specified Email Act") governs you, even if your servers sit in San Francisco or Frankfurt. Japan's Ministry of Internal Affairs and Communications and the Consumer Affairs Agency jointly enforce the law, and they have escalated audits since 2024. The headline rule is opt-in: senders must obtain consent before transmitting commercial mail to a recipient in Japan, and they must keep records of that consent.
Cold email Japan strategies that worked in 2019 - buying lists, scraping LinkedIn, blasting "intro" sequences - are now treated as Specified Email Act violations. Penalties include corrective orders, public naming, and fines up to JPY 30 million for corporations. The good news: B2B outreach to publicly disclosed business addresses retains a narrow exemption, and there is a clear path to compliant sequences if you respect the rules below.
What counts as "specified electronic mail" under the Act
The Act defines specified electronic mail broadly: any email sent for the purpose of advertising or promoting a business, service, or solicitation. That includes cold outreach asking for a meeting, product demos, partnership pitches, and "just checking in" follow-ups that lead to a sale. Transactional mail (order confirmations, password resets) is excluded, and so is mail between existing business contacts where consent is implied by prior dealings.
Crucially, the Act applies extraterritorially. A US or EU sender pushing campaigns into .jp inboxes is on the hook. The cold email Japan compliance test is not where you send from - it is where the recipient is located.
The B2B carve-out: when prior consent is not required
Article 3 of the Act exempts mail sent to an email address that the recipient has voluntarily disclosed for business purposes - for example, an address printed on a corporate website's contact page, a business card exchanged at a conference, or a regulatory filing. This is the lane most legitimate outbound teams operate in.
To rely on the carve-out, you must (1) collect the address from a verifiable public business source, (2) log the source URL and date, and (3) honor opt-out immediately. Personal Gmail or Yahoo Japan addresses do not qualify, even if a salesperson uses one for work.
Required sender identification and opt-out mechanics
Every commercial email to Japan must include: the sender's name and the responsible company, a postal address in Japan or abroad, a working opt-out link or reply-to address, and a clear statement (in Japanese or English) that the recipient may unsubscribe at any time. The opt-out must be processed within a reasonable period - regulators interpret this as within a few business days - and you must suppress that address across all future campaigns and affiliates.
For cold email Japan sequences, place the opt-out in the footer of every step, not just the first. Many enforcement actions in 2025 cited follow-ups that stripped the unsubscribe line.
Consent records and the three-year retention rule
When you do obtain explicit opt-in (web form, double opt-in, signed contract), retain proof for at least one month after the last email - and most counsel recommend three years to match the statute of limitations on related consumer protection claims. Keep IP address, timestamp, the exact wording the recipient agreed to, and the form version. Without this audit trail, regulators treat your sends as unconsented.
Practical cold email Japan checklist for 2026
Run this before any campaign hits .jp: source addresses from verifiable corporate pages; write subject lines that do not deceive (no fake "Re:" or "Fwd:"); include Japanese-language sender identification; suppress complainers within 24 hours; and use a proper warm-up on dedicated IPs so Japanese mailbox providers like Docomo and KDDI do not blacklist you. If you use a sending platform, confirm it supports per-region suppression lists and Japanese character encoding in headers.
Pair the legal layer with deliverability hygiene: SPF, DKIM, and DMARC aligned, and a clean reply workflow inside Puzzle Inbox so opt-out replies route to suppression instead of dying in a shared mailbox.
Penalties and recent enforcement
2025 saw three high-profile corrective orders against foreign SaaS vendors, each fined between JPY 8M and JPY 24M for sending without consent and ignoring opt-outs. The MIC publishes violators on its website, which Japanese procurement teams check before signing. Reputational damage usually exceeds the fine.
.jp as a regulated lane, not a growth hack.