Canadian Anti-Spam Law, CASL


On July 1st, 2014, a new Canadian anti-spam law (CASL) will come into effect that prevents organizations from sending commercial electronic messages without the recipient’s consent. Our understanding is this just affects recipients in Canada. In order to comply with CASL, we must ensure that we have either express or implied consent in order to continue emailing Canadians on our mailing lists.

In order to determine the best way to proceed, we read the full text in detail and attended two public sessions with lawyers who helped interpret the law.

About CASL

  • Canadian Anti-Spam Law, effective July 1.
  • Full text: http://laws-lois.justice.gc.ca/eng/acts/E-1.6/index.html
  • Affects anyone sending or receiving commercial electronic messages (CEMs).
    • CEM: Any email/text message/social media message/voicemail that encourages the recipient to participate in commercial activity
  • There are three new requirements you must follow in order to comply:
    • Consent: You must have express or implied consent to send a commercial electronic message
    • Identification: You must clearly identify yourself and the business or organization sending the commercial electronic message
    • An unsubscribe mechanism: You must include an Unsubscribe mechanism on every commercial electronic message sent
  • CASL Goal: To catch blatant offenders. Legitimate senders who are making every effort to comply are not the target of the law. (Source: Preparing for CASL webinar, Return Path).
  • Lisa Chamzuk, a lawyer who hosted one of the two sessions that we attended, mentioned that the lawyers in her circle consider CASL one of the worst pieces of legislation written because of how many “grey areas” it contains.

Penalties and Liability

  • The Canadian Radio-television and Telecommunications Commission (CRTC) will regulate CASL. The Competition Bureau of Canada and the Office of the Privacy Commissioner of Canada will also enforce the law.
  • Unclear how the regulator will enforce CASL against foreign entities.
  • The maximum penalty, per violation for a business is $10 million.
  • Directors, officers, agents and mandataries of a corporation can be liable if they directed, authorized, assented to, acquiesced in, or participated in the commission of the violation.

​About Consent

  • Must advise recipient of purpose of consent, name of sender, contact info, statement that consent can be withdrawn.
  • Cannot bundle or subsume consent.
  • Cannot pre-check consent boxes on forms.
  • Express consent: Obtained through a double opt-in form, verbally or via email.
    • Senders must keep records of how and when they obtained express consent.
    • Express consent is valid until the recipient withdraws consent.
  • Implied consent:
    • Recipients who have existing business relationships with the sender prior to CASL: valid for three years after last purchase. After July 1, 2017, implied consent is valid for two years after last purchase.
    • Recipients who have a new business relationship with the sender after CASL: valid for 24 months.
    • Recipients who inquire about a business offering: valid for six months.
    • Under CASL, the ideal scenario is to have express - not implied - consent.

Consent Exceptions

  • Even if exempt from consent requirement, senders must still adhere to form requirement (contact info, purpose, unsubscribe).
  • If the sender believes the CEM will be accessed in a foreign state and the message conforms to the anti-spam law of that state. (Source: Lisa Chamzuk, lawyer and Return Path CASL checklist)
  • Provides warranty/product recall or safety information about a purchased product.
  • The recipient has conspicuously published their electronic address without indicating a wish not to receive unsolicited messages AND the CEM is related to the professional or official capacity of the recipient.
  • The recipient has disclosed their address to the sender without indicating a wish not to receive unsolicited messages AND the message is related to the professional or official capacity of the recipient.
  • CEM provides quote for goods/services if requested by recipient.
  • CEM facilitates previously agreed to commercial transaction.
  • CEM provides factual information about subscription, membership, account.
  • CEM is sent to an employee, representative, consultant or franchisee of another organization if the organizations have a relationship and the message concerns the activities of the recipient organization.
  • If someone in a business relationship or personal/family relationship makes a referral, the contact following the referral is exempt, provided the source of the referral is identified in the CEM.
  • Third-party emails: sender is responsible, not the one creating the content.

​Other Messages

  • Abandoned cart messages: considered a CEM and not exempt from CASL.

Compliance

  • Due diligence: If you can show that you are making the best attempt at complying, you may not be in breach. (Source: Lisa Chamzuk, lawyer)

From cbc.ca:

While Fraser says he’s heard rumblings that enforcement will be fierce, the CRTC says it simply doesn’t have the manpower to aggressively respond to every complaint.

Manon Bombardier, the CRTC’s chief compliance and enforcement officer, says she expects there will be hundreds of complaints pouring in each and every day.

“We don’t have the capacity to look at them all, it would not be efficient to look at them all, so we need to be strategic, “ she says.

Bombardier says the CRTC will focus on the most severe types of violations, and responses to complaints will range from written warnings up to financial penalties or court actions.

“Our objective is to secure compliance in the most efficient way possible and prevent recidivism,” she says.

“If a warning letter can achieve that, that’s what will be selected.  If it’s deemed insufficient to achieve that objective, then we may need to go with a more stringent tool."

Advice

  • Decide whether you want to be globally CASL compliant or just apply the rules to Canadian recipients.
    • For now, it is recommended that you should abide by the existing law in Canada.
    • If you’re compliant with CASL, you’re compliant with all country’s anti-spam laws.
  • Audit your list then develop a strategy for managing the list and keep a record of that strategy.
  • Remain informed on how the law is being enforced and interpreted by the courts.

​Responsibilities

  • Silver Barrel Solutions is not responsible for your compliance with CASL. We will abide by all Canadian laws as necessary but it is your responsibility to ensure that your electronic communications with your clients meets all CASL requirements.
  • Should you have any questions or concerns regarding the new CASL legislation it is our recommendation that you seek legal counsel based on your specific business situation.

Share this post

About Us

Silver Barrel Solutions designs and develops any size of website, from entry-level brochure sites to more advanced, dynamic sites that implement online applications such as content management systems and e-commerce solutions.

Whatever the scope of work, we make it easy for our clients by offering in-house design, development, content writing, hosting and management.