Legal Blog
Anti-Spam
Canada’s new Anti-Spam Legislation (“CASL”), comes into force on July 1, 2014. The legislation generally prohibits the sending of commercial electronic messages (“CEMs”) without the recipient’s consent. Presumably, the legislation was enacted to rid us of the scourge of unwanted and unsolicited emails. How effective it will be is another matter. No doubt, it will reduce unsolicited emails from reputable Canadian businesses. However, will offshore entities really care about Canadian legislation – probably not. Will the purveyors of malware, viruses, and phishing care about Canadian legislation – definitely not.
However, since you are all reputable Canadian businesses, here are some tidbits of information you should know about CASL:
1) CEMs are broadly defined
A CEM is defined as any message sent by telecommunication to encourage participation in a commercial activity. This includes emails, text messages, and messages through social networking sites such as Facebook. CASL will govern not only direct solicitation, but also a broad range of advertising and marketing activity.
2) CEMs cannot be sent without the recipient’s consent
Consent from the recipient of the CEM must be express and cannot be implied. This means that the sender must actively request and be granted the receiver’s consent before sending a CEM. A request for consent must identify the requestor and indicate the purpose for which the request for consent is being made.
3) CEMs must contain prescribed information
A CEM must identify the sender, contain the sender’s contact information, and contain an “opt-out” mechanism, which allows the receiver to unsubscribe from receiving further messages.
4) Some CEMs are exempt from CASL
Certain CEMs are exempt from CASL and certain electronic messages are not considered to be CEMs; for example, those messages
- sent internally within a business and which relate to that business
- between friends or family
- sent by political parties soliciting contributions
- sent by registered charities for the purposes of fundraising
- between businesses with an ongoing business relationship
- from a business for the purpose of responding to an inquiry or complaint
- sent to satisfy a legal obligation.
5) Severe penalties for non-compliance
Violating the prohibitions under CASL can result in penalties of up to $1,000,000 for individuals and up to $10,000,000 for corporations, per violation. In addition, businesses will be vicariously liable for violations committed by employees acting within the scope of their employment and officers and directors of corporations will be liable for a prohibited act if they direct, authorise, assent to, or participate in it.
6) Transitional provisions
In certain situations, CASL provides for a period of implied consent for up to three years after it comes into force. The transitional provisions apply to specified existing business and non-business relationships. However, consent will no longer be implied if the persons receiving the electronic messages notify a sender that they no longer consent to receiving these messages.
7) Ensure compliance
Complying with CASL requirements will be both difficult and costly. Regardless, if you have not already done so, you must immediately implement policies and procedures for dealing with the new legislation. In particular, you should
- determine whether CASL applies to any of the electronic messages you currently send
- create a list of any CEM recipients who do not fall under one of the exemptions
- obtain the express consent of all recipients to whom you intend to send CEMs in future
- maintain records of all CEM recipients to ensure that you have the continuing consent of all those to whom you are sending messages
- ensure that all CEMs meet the content requirements of CASL.
* article by Christopher Sansom