It's shitty UX regardless of whether it's a violation of law, IMO.
Original: It's a violation of CAN-SPAM law to put unsubscribe behind a login process. Asking for a password violates the requirement that no additional PII except for the email be required to process the opt-out.
From the FTC:
Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request.
Explained at http://business.ftc.gov/documents/bus61-can-spam-act-complia... and excerpt below:
A. What matters is the “primary purpose” of the message. To determine the primary purpose, remember that an email can contain three different types of information:
1. Commercial content – which advertises or promotes a commercial product or service, including content on a website operated for a commercial purpose;
2. Transactional or relationship content – which facilitates an already agreed-upon transaction or updates a customer about an ongoing transaction; and
3. Other content – which is neither commercial nor transactional or relationship.
If the message contains only commercial content, its primary purpose is commercial and it must comply with the requirements of CAM-SPAM. If it contains only transactional or relationship content, its primary purpose is transactional or relationship. In that case, it may not contain false or misleading routing information, but is otherwise exempt from most provisions of the CAN-SPAM Act.
More on that here: http://www.the-dma.org/press/PrimaryPurposeFactSheet.pdf
Many "transactional" emails probably fail the above test. It's shitty UX to make you login to opt-out, even if it's not against the law.
That depends -- have you ever signed up with the sender? If so, you are asking to be spammed. When a company requires a signup, they are breaking the law, therefore you must not sign up. By signing up, you make the spam legitimate.
If they send you an unsolicited e-mail, they are criminals. If they require a signup to opt out, they are criminals. But if you sign up, they aren't. That's why they want you to sign up.
Even ignoring the first amendment, there is no enabling clause that grants the general power to regulate communication.
You may have the right to speak but you don't have a right to force the populous to listen.
Communication is two way, spam is one-way.
You have the right to expose people to communications with no Congressional control whatever. Congress shall make no law. You may shout on a street corner, you may set up a PA system until your neighbors are driven to madness, you may place pornography on a billboard, etc. Congress can do nothing to stop it.
Are you trolling. You consider the constitutional right to free speech to encompass things like setting up a PA in public that is so loud it physically harms people?
It's not a right to amplified speech, nor "free shouting".
Freedom of speech does NOT involve the freedom to send individually addressed messages to anyone. There is no freedom to spam.
CAN-SPAM doesn't apply to political or non-profit organizations.