Canada Anti-spam Law – What you need to know

You need to gain opt in NOW.

Once the law comes into force, your request to opt-in will also be classified as a Commercial Electronic Message(CEM) and you will be at risk for violating Canada Anti-Spam Laws(CASL). If you don’t have consent and planning on getting confirmation, you will need to do it before July 1st, 2014.

The wide sweeping mandate for the new Canadian anti-spam legislation(CASL) affects all businesses and organizations starting July 1st, 2014 and by July 1st, 2017 implied consent will no longer be applicable as well. Anyone can report your organization to regulators by simply filing a complaint online at www.fightspam.gc.ca . Potential monetary fines for violating CASL go from $1 million per violation for individuals up to $10 million per violation for corporations.

Here are the things you need to know:

What is a Commercial Electronic Message?

Commercial electronic messages (CEM) are any messages sent by electronic means, and where the primary purpose is to encourage participation in commercial activity.

An easy way to determine whether your message would classify as a CEM is if there is any form of a call to action within it that leads to business. Are you asking the recipient to sign up for a web demo, newsletter, or to download marketing material? If so, then it’s considered a CEM, and will be subject to this new law coming into force.

This means if your organization has purchased an email list, you won’t be able to send campaigns out unless you already have the recipients’ expressed or implied consent to do so. Your sales people will also not be allowed to make promotional pitches via email unless they have consent or permission as well.

Additionally, this new law also affects you if you have computer programs that you install on your clients’ network, if you collect email addresses without consent, and if you communicate via social media networks and even SMS texting

What are the requirements for CEMs?

In order to send out a CEM you need the following:

1. The recipient must have already consented to the receipt of the CEM prior to you sending it.

2. The CEM  must contain the following prescribed information:

   • The purpose for which consent is being sought (“Clearly and simply”)

   • Contact information where the recipient can reach you

   • An option to unsubscribe/withdraw their consent

     • Must be effective for 60 days

     • Must be given effect within 10 days of request to unsubscribe/withdraw their consent

     • Must be at no cost to the requester

3. When the information above is not practical to include in the CEM, this information must be posted on a website with a link directly that clearly and prominently set out the message in a readily-accessible format

The onus of proving consent rest with your organization as the sender. You can either obtain it orally, or in writing.

What is Implied Consent?

There is currently a grace transitional period for implied consent, which will end on July 1st, 2017. Here are the following situations where consent may be implied:

• If the recipient has conspicuously published his/her electronic address

  • For example on a website

• Has not indicated that they do not wish to receive unsolicited CEMs

• Your message is relevant to the recipients business role, duties or functions

• In the two years prior to sending the CEM

  • Purchased/ leased/ bartered a product/ good/ service/ land from the sender

  • Accepted a business/ investment/ gaming opportunity offered by the sender

  • A written contract is created between the recipient and the sender

    • Or six months before the message is sent, the sender received from the recipient an inquiry or application about one of the items above

CEM Exemptions

If you are a business and have an existing and ongoing relationship with your client then your CEM’s will be exempt. However, here are all of the exemptions to the new Anti-spam legislation :

• Internal CEMs

• Solicited CEMS which are sent in response to a request, inquiry or complaint

• CEMs between organizations/business that “have a relationship” and the CEM concerns the activities of the recipient business/organization

• CEMs sent to enforce a legal right

• CEMs that consist solely of an inquiry or application

• CEMs sent within electronic platform where “unsubscribe” and identifying information is conspicuously published and readily available

  • i.e. within a social network

• CEM’s sent within a limited-access secure account by the person who provides the account

  • i.e. banking portals

• CEM’s sent to a foreign jurisdiction

  • must comply with foreign Anti-spam laws

• Two-way voice communications

  • faxes and voicemail messages sent to telephone accounts

• Personal or family relationships

• Registered charities exemption

• Registered charities where the message has as its primary purpose is the raising of funds for the charity.

Exemptions that must prescribed contact info and “unsubscribe” option

In limited circumstances, you don’t need to obtain consent but will have to include the prescribed contact information and a unsubscribe option:

1. Third-party referral – Your first CEM sent will not require consent before sending, but you will need to have your identifying information and a unsubscribe option

2. Providing quotes or estimates in response to requests

3. Warranty, recall or product safety information

4. CEMs that delivers a product or service, including updates and upgrades

5. CEMs that facilitates or confirm transactions

6. CEMs that provides factual information about:

   • Ongoing subscriptions, membership, accounts, loans

   • Ongoing use of services or purchases

   • Employment relations or benefit plans for employees

Here are some additional resources:

• What non-profits need to know about the Canadian Anti-spam Legislation

If you have any questions feel free to contact me at Stevie.vu@happierit.com