In an effort to reduce the amount of unwanted digital messages that are sent to Canadians, a new law went into effect on July 1 that will impact how businesses execute their marketing campaigns that involve “commercial electronic messages” (CEMs). The law is referred to as the Canadian Anti-Spam Law (CASL) and according to a government website:
“CASL applies to emails, text messages, instant messages and any similar messages sent to electronic addresses. However, it does not apply to promotional information you post online in places like blogs or social media.”
It also does not always apply to charitable organizations (more on that in a bit). Anyone who makes use of CEMs, is involved with the alteration of transmission data, or produces or installs computer programs needs to be aware of this law. The foundation of the new law is based on the following three concepts:
- Consent from the recipient
- Identification by the sender
- Unsubscribe capacity
The issue of consent is a little tough to nail down if you ask me. The law requires either expressed or implied consent. While expressed consent is easy to understand, the law allows for verbal consent, so it may make it easier for companies to argue that consent was given verbally, so long as there are not too many complaints against a company where that is their defense.
As for implied consent, if you conspicuously advertise that if giving your email address to a company you are consenting to communication, you have met the criteria as required by CASL. If the recipient puts their email address on business cards or stationary where it is available to the public to see, that also satisfies CASL.
The last two types of implied consent deal with existing relationships between a company and a person. If the person already has a business/commercial relationship with the sender, that creates implied consent. So does an existing non-business relationship, such as volunteer work or donating a gift to a non-profit organization. There is a waiver in the law that exempts non-profit organizations so long as they are strictly asking for a donation. If they ask people to purchase something in the message, then CASL applies to that correspondence.
To me, that does not mean that I’ve given consent, but it meets the law’s requirements. As is typical with laws of this nature, the responsibility is on the sender to make sure that they are in compliance. Anyone with any questions about it should visit this site.
As for identification from the sender, this would most likely be something that a company would do anyway, but now it’s a requirement. At the very least, it’s a “best practice” concept. The ability to unsubscribe is the final requirement. If you want some more best practices for email, follow this link.
While reviewing the law for work, I found only one real surprise. Many companies pre-check boxes and ask people to uncheck them if they do not wish to get emails from a company. The CASL prohibits this practice – all boxes must be empty to start, requiring the recipient to actively choose to receive a company’s CEMs.
Violation of the law comes with some pretty steep consequences. While the law reportedly comes with a 36 month transitional provision, once that is past, companies that violate the law could be required to pay fines of up to C$10 million. Individuals face fines of up to C$1 million.
Overall, this law is pretty similar to those that I have seen elsewhere, including the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 here in the U.S.A. My experience with how the Federal Trade Commission now tries to cope with unwanted CEMs is to try to educate the public on how to avoid opening CEMs that may have viruses, malware, etc.
It appears to me as though the FTC has essentially stopped trying to enforce the laws, especially since many of the offenders are based outside their jurisdiction. Can you say “Nigerian Lottery?” I expect that will be the case in Canada, too. I wish them better luck in handling the issue.