The Canada's anti-spam legislation (CASL) comes into force on 1 July 2014. Here is an outline.
HOWEVER, YOU ASSUME THE RESPONSIBILITY TO TAKE NOTICE BY YOURSELF OF THE REQUIREMENTS OF THE CASL, PARTICULARLY TO IDENTIFY SITUATIONS OF IMPLIED CONSENT AND REQUIRED DEADLINES, WITH THE UNDERSTANDING THAT CYBER GENERATION ASSUMES NO LIABILITY OR DAMAGE RELATING TO THE ACCURACY OR COMPLETENESS OF THE ONLINE INFORMATIONAL CONTENT WITH RESPECT TO THE REQUIREMENTS OF LCAP.
The law designates spamming or sending unsolicited commercial electronic messages as an offense. It forbids sending a commercial electronic message unless the person to whom the message is sent has provided an express or implied consent to receive it.
The message must also comply with the regulation prescribed form; therefore it must include the information identifying the person who sent it or on behalf of whom it was sent, and the information to communicate easily with either of these people. The recipient must be able to easily unsubscribe from the communication and the sender must respond within ten working days.
Consent
Express consent requires explicit and informed adhesion – there can be no business communication with a person or corporation unless consent has been provided.
In case of implied consent, consent is assumed unless there is explicit refusal - there can be commercial communication with a person or a corporation in circumstances where it can be assumed that they might be interested, but interested parties should be able to refuse the communication.
In the case of CASL, implied consent can be assumed in some cases, particularly when there is an "ongoing business relationship" or a private relationship. You must refer to CASL to inquire about other exceptions specified, such as family relationship, personal relationship and others. Moreover, except for the exceptions provided in the CASL, express consent must be requested if you wish to send to a person one or several unsollicited commercial electronic messages.
Those who can assume implied consent because of an ongoing business relationship must meet one of the following criteria:
they conducted the sale, lease or barter of a product, a good, a service, land or a right or interest in land in favor of the message recipient within two years prior to sending the message;
they have offered a business opportunity, investment or gaming opportunity which has been accepted by the recipient in the preceding two years;
they have spent, with the recipient, for one reason or another, another type of written agreement which is still in effect or which has expired within the preceding two years;
-
they received any request for information from the recipient within the previous six months.
Those who can assume implied consent because of a private relationship must meet the following criteria:
- The recipient has made a donation or gift to the sender or his organization during the two years preceding the date of the message and the sender or organization is a registered charity, political party, organization or candidate;
- the recipient has done work as a volunteer for the sender or his organization or attended a meeting organized by him or his organization during the previous two years and the sender or his organization is a registered charity, a political party, organization or candidate;
- The recipient has been a subscriber to the organization during the two years preceding the date of the message and it is a club, association or voluntary organization, as defined in the regulations.
Another interesting case, if the recipient has conspicuously published its email address, for example on a commercial Website, without specifying that it should not be used to receive unsolicited commercial electronic messages, the address may be used to send messages relevant to the person’s business, role, functions or duties in a business or official capacity. This exception also applies where the recipient has provided their email address to the sender without indicating he does not want to receive any unsolicited commercial electronic message and the message is relevant to the person’s business, role, functions or duties in a business or official capacity.
Even if one consents one way or the other to receive any unsolicited commercial electronic message, the recipient must be able to unsubscribe from the communication.
Proof of consent
Proof of the consent rests with the person who alleges the existence, that is to say the sender. You must keep the information relating to consent: date of request, information about the applicant, a copy of proof of the business relationship.
Unsubscribe option:
Even if one consents one way or the other to receive unsolicited commercial electronic message, CASL requires that the recipient must be able to unsubscribe at no charge to the sending of commercial electronic messages or certain categories of them, using the method that was used to send the message, or in case of impossibility, other electronic method that allows him to express this will. Also, all communications sent by email through the Cyberimpact Service, whether a first communication or follow-up, must contain an unsubscribe option by the recipient, which is clearly visible and remain functional for a minimum of sixty days.
According to CASL, the sender of the message must ensure that effect be given to the will of unsubscription of the recipient, without delay and in any event no later than ten working days after this will has been communicated to him day and without requiring any further action by the recipient.
Preservation of proof of withdrawal:
As sender, you must be able to demonstrate that you have responded to a will of unsubscription from the Receiver within the legal deadlines. We expect you to keep evidence of unsubscribe requests that have been submitted and the process time to which they gave rise.
Penalties
As of July 1 2014, sending unsolicited emails will be punished by fines of up to 1 million $ in the case of an individual and 10 million $ for a corporation or other organization.
Effective July 1 2017, a recipient who feels prejudiced by the sending of unsolicited emails may apply to a court to request compensation equal to the loss or damages and expenses incurred, in addition to $ 200 per violation to the CASL, up to one (1) million $ per day, depending on the type of violation. The maximum penalty is a million dollars for one person and ten (10) million $ for a corporation or other organization.
TRANSITION PERIOD
Transitional provisions state that implied consent for business or private relationship that existed before the CASL will be valid for three years following the entry into force thereof so until 1 July 2017. It will be necessary that you seek express consent during this transitional period of three years for there to be consent after the deadline.
How to prepare yourself for this legislation?
We changed Cyberimpact Service to make this easy. Thus, unsubscription, incorporation of your address and your email allowing your customers to easily communicate with you will be done automatically.
In terms of express consent, all those who register from the application form from your website comply with the law. Thus, your client will receive a confirmation email, you will receive a copy and we will keep all the information in the database.
We also added templates consent requests that will able you to get all the necessary information to prove that the person did indeed provide his express consent to receive your email communications. We suggest you over the coming weeks to send an email requesting permission to any person in your mailing lists.
It is clear that it is not all your customers who will provide their express consent first time. We suggest you make periodic reminders by the entry into force of the law.
For people who will not provide you their express consent, it will be important for you to keep in your records the information necessary to show that implied consent applies. So you can add a note in the customer record on Cyberimpact.
Conclusion
The Canada's anti-spam legislation is primarily intended to reduce the amount of spam and spammers. It requires making some adjustments to the ways of doing email marketing. However, because you already follow best practices by relying in Cyberimpact, these adjustments may be minor for you.
We suggest you promptly contact your mailing list in order to obtain a maximum of express consent before the entry into force of the law.