What is CASL?
“Canadian Anti-Spam Legislation” (CASL) is a new Canadian law that comes into effect on July 1, 2014.
What is a CEM?
Among other things, CASL will apply to any commercial electronic message (CEM), which is an electronic message that encourages participation in a commercial activity, regardless of whether there is an expectation of profit, if the CEM is sent or accessed from a Canadian computer system. CEMs include emails, messages to social networking accounts and text messages. Subject to limited exceptions (described below), CASL prohibits the sending of a CEM unless all three of these requirements are met:
- the recipient has consented to receive the CEM;
- the CEM is in the prescribed form and contains the prescribed content; and
- the CEM is not misleading.
After July 1, 2014, you may not send CEMs to email addresses purchased or obtained as a result of software-automated harvesting unless the recipient has consented or an exception applies.
If at all possible, we recommend that you email your consent requests before July 1, 2014 to as many of your email contacts as possible.
Why should I care about CASL?
You should care about CASL if your company, organization or business sends emails, messages to social networking accounts or text messages for marketing purposes because CASL would apply to these CEMs.
As of July 1, 2014, the government will be able to levy administrative fines (as high as $1 million for individuals and $10 million for businesses) for CASL offences (including sending a CEM without consent). As of July 1, 2017, a private right of action will come into effect for CASL offences—meaning you could be sued by recipients who have not consented to receive a CEM.
How do I stay out of trouble?
A. Obtain Consent
Get intended recipients to consent. There are different types of consent.
You can obtain express consent from recipients when you explicitly ask them for permission to send them CEMs, and they agree. Your request should be worded clearly, include your business name and contact information, and inform the recipient that they can unsubscribe at any time. Note that an email requesting consent will be considered to be a CEM as of July 1, 2014, so you can only send these consent requests to recipients whose consent can be implied (discussed below).
CASL outlines specific circumstances in which you can rely on implied consent—and express consent is therefore not required. Some examples where consent will be implied include a CEM to a recipient who has:
- Made a purchase from your business in the last two years
- Contracted with your business in the last two years
- Made an inquiry of your business in the last six months
- Conspicuously published and/or given you her/his email addresses (i.e., on their business/organization website or business card) without a statement that s/he does not wish to receive unsolicited emails, and the CEM is relevant to her/his business, role, functions or duties in a business or official capacity
- Been referred to you by an individual who has an existing business relationship with both the recipient and you (you will also have to identify the referring individual in your initial CEM to such a recipient)
You should keep detailed records listing recipients and their consent date, type, and manner in case you are ever asked to prove that consent has been received.
B. Follow FORM and CONTENT Requirements
You must include a simple and quick unsubscribe mechanism in each CEM that allows the recipient to unsubscribe from receiving additional messages at no cost to the recipient. For example, a CEM sent via SMS may state that an end-user can unsubscribe by texting the word “STOP.” Another possibility is a hyperlink that is included clearly and prominently in an email that allows recipient to unsubscribe by clicking it. The hyperlink may also be to a webpage that is readily accessible without delay and is at no cost to the recipient.
Each CEM must identify the business sending (or directing) the CEM as well as the sender, if the CEM is being sent on someone else’s behalf, and provide contact information for both the business and the sender. This information must be accurate and valid for a minimum of 60 days after the CEM has been sent.
C. Don’t be Misleading
Ensure that no part of the CEM is false or misleading, including the sender’s identity, subject line, any web links, or any other material part of the message’s text or data.
There isn’t enough time to comply before July 1, 2014! What do I do?
Lucky for you, there will be a three-year transitional period after CASL comes into force on July 1, 2014, where consent will be deemed implied between parties with an existing business relationship, unless and until the recipient indicates that they do not wish to receive unsolicited communications from the sender. You would be deemed to have an existing business relationship with a recipient who has, as of July 1, 2014:
- made a purchase from your business in the last two years
- contracted with your business in the last two years
- made an inquiry of your business in the last six months
This means that (despite the time limits indicated above) there will be a three year time limit on all existing business relationships that exist as of July 1, 2014. You should take advantage of the transition period to seek express consent from recipients if you haven’t already done so.
When sending out emails after July 1, 2014, you should ensure you have received consent or can prove you have implied consent (through an existing business relationship or otherwise) from all of your CEM recipients.
How can I target new customers?
In terms of communications, CASL only applies to CEMs, so you are free to telephone and snail mail recipients to your heart’s content.
If your business has other businesses as customers (rather than individuals) you may conduct internet searches to find “conspicuously published” recipients.
Get creative with marketing freebies (trial software versions, white papers, info sheets) that you can send to recipients who provide you with their email address. You can then ask these recipients for their express consent.
What else will CASL affect?
CASL will also apply to the installation of computer programs on someone else’s computer system and the alteration of transmission data. Click here for more information on these topics and CASL generally.
For specific information or advice on how CASL will affect your business and how to stay compliant, please email us at [email protected] or give us a call anytime at 604-681-4112.