Canadian Anti Spam Legislation (CASL) In Effect July 1

Over the past couple of weeks I have been seeing some messages from companies who have me as part of their email distribution list.  The gist of these messages is an explicit request for me to subscribe once more to their list.  

Canadas Anti Spam Legislation CASL

The reason this is happening is the impending regulations for the Canadian Anti Spam Legislation, CASL for short, which come into effect on Canada Day, July 1.  Those companies who have started this process are taking one of the necessary steps to bring themselves into compliance with the legislation.

Key elements of the law:

When the new law is in force, it will generally prohibit the:

  • sending of commercial electronic messages without the recipient's consent (permission), including messages to email addresses and social networking accounts, and text messages sent to a cell phone;

  • alteration of transmission data in an electronic message which results in the message being delivered to a different destination without express consent;

  • installation of computer programs without the express consent of the owner of the computer system or its agent, such as an authorized employee;

  • use of false or misleading representations online in the promotion of products or services;

  • collection of personal information through accessing a computer system in violation of federal law (e.g. the Criminal Code of Canada); and

  • collection of electronic addresses by the use of computer programs or the use of such addresses, without permission (address harvesting).

  • Source: Fightspam - Government of Canada - Fast Facts

What do these provisions mean for businesses using email in the course of their communication and promotion?

The basic issue is you must have consent to use an email address to communicate to someone.  You also must record when you got that consent and it must be explicit.  This means that contacting someone indirectly and then emailing without them having checked a box (not supposed to be the default) to indicate that they want your email, is not allowed.

For example:

Suppose you decided you would like to be on the email list for this blog.  In the upper right hand corner of this page there is a space to fill in your email to request being put on the list for the blog.  When you do this, your email address is added to a special list which tracks your request and shows it as having been done on the date you fill in the address.  At the bottom of every email sent out to readers of the blog is an unsubscribe option so you can easily remove yourself from the list.  These two actions make the list created for the blog notices CASL compliant.  Also, you should note that the blog email list is only used for the blog and therefore it adds another level of compliance.

The notices which are being sent out by most companies who are updating their list to be compliant specifically ask people to subscribe or opt in to email information from the company requesting.  Some actually identify that they are doing this updating to be sure that they are compliant with the CASL legislation.

Grey areas:

You are at a trade show and present someone in a booth with your business card which includes your email address.  Does this give explicit indication that you wish to be on their email list?  At this point this is not totally clear but I am sure that there will be many interpretations and more info to come over the months ahead.  The easy way to get around this would be to ask people to sign a form or fill in a web link giving you their permission to send email.

You are doing business with a company and have the email of a key contact within the company that you wish to communicate to.  Would using it be compliant?  Again this is not explicitly defined at this point but since the work is ongoing and you have a relationship with them it most likely is ok.  If in doubt ask them to reply to confirm that you are ok to use their email.

Keep the records:

One of the key features of CASL is the need for companies to keep the records of when they got permission to use email, SMS or social messaging accounts.  Establishing a way to do this within your data base will be an important tool to making sure you are compliant.  If you use third party software to handle this functionality (a common tool for email distribution) you should check to be sure the mechanisms are in the software to keep the sign up permission date for each individual record.  This will go a long way to ensure compliance.

At this point, since the legislation is just getting into the forefront of awareness, there will be many questions and potential changes in procedure companies and individuals will need to consider.  The first step is to be aware that this is legislation which should not be simply ignored.  The penalties for  non compliance are substantial both for individuals and for businesses.  If in doubt check it out to be sure you don't inadvertently make mistakes.

CASL is a fact as of July 1.  It is time to start taking steps to make sure you comply.

 

Managing Mobile & BYOD Policies and Related Security

(function(){
var s='hubspotutk',r,c=((r=new RegExp('(^|; )'+s+'=([^;]*)').exec(document.cookie))?r[2]:''),w=window;w[s]=w[s]||c,
hsjs=document.createElement("script"),el=document.getElementById("hs-cta-01ccbba9-627d-4489-8120-233c30167000");
hsjs.type = "text/javascript";hsjs.async = true;
hsjs.src = "//cta-service-cms2.hubspot.com/cs/loader.js?pg=01ccbba9-627d-4489-8120-233c30167000&pid=245212&hsutk=" + encodeURIComponent(c);
(document.getElementsByTagName("head")[0]||document.getElementsByTagName("body")[0]).appendChild(hsjs);
try{el.style.visibility="hidden";}catch(err){}
setTimeout(function() {try{el.style.visibility="visible";}catch(err){}}, 2500);
})();



Subscribe to our blog

(function(){
var s='hubspotutk',r,c=((r=new RegExp('(^|; )'+s+'=([^;]*)').exec(document.cookie))?r[2]:''),w=window;w[s]=w[s]||c,
hsjs=document.createElement("script"),el=document.getElementById("hs-cta-019f5aa4-5fe5-4173-8e27-4325cb71610d");
hsjs.type = "text/javascript";hsjs.async = true;
hsjs.src = "//cta-service-cms2.hubspot.com/cs/loader.js?pg=019f5aa4-5fe5-4173-8e27-4325cb71610d&pid=245212&hsutk=" + encodeURIComponent(c);
(document.getElementsByTagName("head")[0]||document.getElementsByTagName("body")[0]).appendChild(hsjs);
try{el.style.visibility="hidden";}catch(err){}
setTimeout(function() {try{el.style.visibility="visible";}catch(err){}}, 2500);
})();

Photo Credit: Government of Canada Website


Leave a comment!

You must be logged in to post a comment.

ClickCease