This is Part 1 of a two-part blog series on the new Canadian Anti-Spam Law. This post overviews the contents of the law, while part two provides tips on how to adapt your marketing and communications strategy.

On July 1st, 2014, the Canadian Anti-Spam Law (CASL) will be coming into effect. The new regulations, which will be the toughest in the world, prevent the sending of unsolicited commercial electronic messages (CEMs) and the unauthorized installation of computer software on an individual’s computer. This means that businesses will need to adapt their communications strategy to ensure that they are CASL compliant. Here’s a basic overview of the law, as it pertains to CEMS, to help you get started:

Who

The Canadian government will enforce the CASL in conjunction with:

  1. The Canadian Radio-Television and Telecommunications Commission (CRTC)
  2. The Competition Bureau
  3. The Office of the Privacy Commissioner

These agencies can share information with foreign governments if the information is relevant to an investigation. Individuals and organizations are also given power under CASL; they can bring a private right of action in court against those who violate the law. This means that applicants can seek actual and statutory damages against individuals or organizations that do not follow the new CASL regulations. Both individuals and businesses must follow the new protocols of CASL. The penalties for being non-compliant are not small; there will be a $1,000,000 fine for individuals and a $10,000,000 fine for businesses. Some people and organizations are exempt from the CASL law. These include registered charities, political parties, and cases in which there is a personal relationship between the sender and receiver, or when the CEM is being used to communicate the concerns of an organization that the receiver is a part of.

Where

CASL applies to all computer systems located in Canada that are used to send or access any Commercial Electronic Messages (CEMs). If you’re a Canadian business or a business that frequently reaches out to Canadian consumers, you need to be CASL compliant.

When

The majority of CASL, including the section related to CEMs, takes effect on July 1st, 2014. The exceptions are the sections dealing with the installation of computer programs and the private right of action, which come into effect on January 15th, 2015 and July 1st, 2017 respectively. The best practice here to is to start gathering CASL compliance as soon as possible. You have three years starting from July 1st 2014 to get compliance from people you already have a business relationship with and who have given you implied consent (see below). However, in order to get this grace period you must show that you’ve been making the effort to gain CASL compliance.

What

Before getting into the actual regulations, here is some of the key terminology: Commercial Electronic Messages (CEMs): CEMs are messages that in some way encourage the recipient to participate in commercial activity. Basically, if your message is in any way promoting goods or services, it is probably a CEM. Factors that are included in CEM consideration are: content, hyperlinks, and contact information. While it may be clear to you that a marketing campaign is a CEM, it is important to remember that even emails that are less direct, but still contain hyperlinks to your website, are likely CEMs as well.

It’s also worth noting that the CASL law will affect some aspects of social media, primarily the direct message function. While you can continue to tweet, post, and pin away as usual, you now need consent before you can send people direct messages over social media. Implied Consent: With implied consent, you can continue sending CEMs to a contact with whom there is an existing business relationship for a period of three years, starting July 1st, 2014. However, if they opt-out at any time that consent is no longer valid. After three years, you will have to prove that you have their express consent (see below) if you would like to continue sending them CEMs.
Canadian Anti-Spam Law Example CRTC

Source: CRTC

Express Consent: Express consent is an explicit opt-in request in which the individual takes action to add him or herself to your mailing list. It must be an opt-in, which means that you cannot have, for example, an automatically checked opt-in box that the individual must uncheck. When obtaining express consent, you will need some sort of record that contains the type of electronic address that you are sending to (eg. email account, telephone account, IM account, etc.), the name/owner of that electronic address, the IP address, the date and time of consent, and the means used to obtain consent (eg. filled out a form, clicked a link, etc.). The onus is on you to prove that you received their consent, so it’s worth having a functioning collection system in place.
Canadian Anti-Spam Law Example CRTC

Source: CRTC

So what does the law actually say? Here are the 3 key points about sending CEMs:

  1. Permission: you must have permission to send someone a CEM, whether it be via email, SMS, or social media. Existing business relationships give you a 3-year grace period of implied consent, but otherwise you need express consent from all contacts.
  2. Identity: you must be truthful and clear about who you are in any CEM you send. That means providing clear contact information in all of your messages. Clear contact information includes:
    1. The name of your organization or the organization on whose behalf the CEM is being sent;
    2. The purpose of the message, including a clear subject line;
    3. The identities of yourself and any other individual on whose behalf the CEM is sent. If it is too cumbersome to list everyone, you can include a hyperlink to a webpage that explains who everyone is and clearly shows his or her connection to your organization.
    4. Full contact information for your organization, including a valid mailing address that you can be reached at.
  3. Opt-out: it must be easy to unsubscribe from any or all of your CEMs at no cost to the receiver. 

Why

Though it may seem otherwise, CASL was not created to make your marketing strategy that much more difficult. It is important to remember that this law is intended to prevent spam and other electronic threats, such as the installation of malware. Keeping this in mind, the CASL law can be a great opportunity to clean up your mailing lists. By figuring out who genuinely wants to hear from you, you can put your energy into nurturing leads that actually have the potential to become clients or customers. This also means that you can develop a more focused communications strategy that centres on the needs of your engaged followers.

Take Action

What can your business do right now? The most important thing is to get a system in place for obtaining CASL compliance. You want to make sure that your message is clear and accessible to all of your followers. One great way to do this is to provide your consent form in multiple languages so that everyone can understand what you’re asking. Show your followers you really want to engage them by reaching out in their own language. While this is particularly important if you already have a multilingual communication strategy, it is also an excellent way to stand out from the numerous CASL-compliance-seeking messages that will be circulating for the next while.