July 1, 2014. This date has been on many business owners’ minds over the last months. Not because it marks a day off to celebrate Canada Day with friends and family, but because it is the day Canada’s Anti-Spam Legislation (“CASL”) comes into force, marking significant changes in the way electronic messages are sent.
Over the last months, David Mills has been providing you with an overview of the legislation (the links to these posts can be found below).
As a quick reminder, as of July 1, 2014, the sending of electronic messages which include content encouraging participation in commercial activity must comply with CASL’s section 6 requirements. “Content” not only includes the body of the message, but also the contact information and hyperlinks included in the message.
For example, if, after CASL comes into force, I was to send this blog to all of the email contacts in my address book, or was to send it via private message to each and every one of my LinkedIn contacts, and was to include the statement that the recipients should contact me for more information and/or for assistance in becoming compliant with the legislation, these messages would very likely fall into the category of “commercial electronic messages” (“CEM”).
If you are sending a CEM after CASL comes into force (July 1, 2014), you must, in accordance with section 6 of CASL, ensure that:
- the person to whom the message is sent has consented to the receipt of the message (this consent may be express or implied) (the “Consent Requirement”);
- you have included the necessary identifying information (as prescribed by the Regulations); and
- you have provided an unsubscribe mechanism.
The requirements which must be followed are not the same for each CEM. Some CEMs are exempted from all of the section 6 requirements, while others are only exempt from the Consent Requirement. CEMs must be analyzed on a case-by-case basis to determine whether an exemption applies.
The legislation also explains what constitutes express consent and implied consent. As a reminder, unlike implied consent, express consent does not expire. Consent may be withdrawn at any time.
Therefore, returning to the example above, if I have received the express consent or have the implied consent of everyone in my address book to send this type of commercial electronic message, I would need to ensure that the necessary identifying information and unsubscribe mechanism were included in order to be compliant. If I was sending this message to my immediate family, then the message would still be a CEM, but it would be exempt from the requirements of section 6 pursuant to the exemption found at section 6(5)(a) of CASL.
Due to the nature of the CASL regime, proper record-keeping with respect to consent will become increasingly important. It would be prudent for businesses to have a CASL policy in place and to educate their employees with respect to their CASL policy. (Such a policy would become relevant if the business inadvertently committed a CASL violation.)
Also worth noting is that CASL deems a request for consent to be a CEM and sets out the information that must be included when sending the request message, including the Consent Requirement. Therefore, in circumstances where you do not have the express or implied consent of the person to whom you are sending such a message and where no exemption applies, you may be forced to revert to other methods of obtaining the consent (such as regular letter mail).
CASL is a significant piece of legislation which has not been tested by the courts. A number of resources (including information bulletins, a Regulatory Impact Analysis Statement, FAQs, infographics and videos) have been released by the CRTC and Industry Canada. These resources provide guidance with respect to the legislation and the regulations; however, it is important to recognize that these resources are not binding. Therefore, these resources may be, but are not required to be, considered and followed when a CASL violation arises. For this reason, you cannot rely on these resources alone.
For more information, please see the following additional resources:
- Canada’s Anti-Spam Legislation
- Electronic Commerce Protection Regulations (CRTC) (SOR/2012-36);
- Electronic Commerce Protection Regulations (SOR/2013-221);
- Canada’s Anti-Spam Law – An Overview
- Canada’s Anti-Spam Law – The Scope of Prohibited Activities
- Canada’s Anti-Spam Law – Exemptions
- Canada’s Anti-Spam Law – Implied Consent
- Canada’s Anti-Spam Law – Opt-in Consent Best Practices
- Canada’s Anti-Spam Law – Exceptions to Consent Requirement
- Canada’s Anti-Spam Law – Unsubscribe