Canada’s Anti-Spam Legislation: What you need to know for your next e-mail campaign
If you’re sending out regular e-mail marketing campaigns, then you’re bound to be familiar with the US Regulations CAN-SPAM Act. If you’re also reaching out to people in Canada, you need to know about their own Anti-Spam Legislation or CASL. Canada is a huge marketplace for a lot of industries, which means getting your message through, and doing it the legal way, is critical to your best practices in the land of the north. Don’t worry! With a bit of preparation and following some simple guidelines, you’ll be able stay in line with their regulations, and more importantly, get through to your customers and potential customers. Here’s what you need to know.
Get to know the CASL now, so you don’t learn it the hard way
When it comes down to it, Canada’s CASL is all about liability. If you’re liable for sending spam, you could get fined anywhere from $1-10 million per violation. This also applies to the individuals who send the e-mails, and have their names on them. That means your executives, directors, and employees all run the risk of liability if the CASL rules are violated. Scary, huh? Well, that’s all part of the bargain when it comes to spam in 2016 and beyond. When you launch e-mail campaigns in Canada, you must be diligent, well trained in CASL, and accountable. All of that is possible, if you do your due diligence, and train your staff in policy, adherence and best practices.
What exactly is covered under the CASL, so you know what you’re getting into before getting started
Under Canadian law, CASL regulations may apply to any “Commercial Electronic Message”, or CEM, that is sent from anywhere in the world to Canadian computers or devices inside Canada. Essentially, if you’re sending any sort of e-mail, direct message, inbox, or other electronic communication to any device in Canada, you’re liable to follow CASL. But, if you’re sending a message that is merely routed through a Canadian computer system, it doesn’t apply to you. So basically, if the end user is on a Canadian device, in Canada, you’ll need to follow their code. Just to be sure you’re on the right track, here is what’s included under the definition of a CEM, according to the pros in e-mail marketing:
A CEM is any message that:
- is in an electronic format, including emails, instant messages, text messages, and some social media communications;
- is sent to an electronic address, including email addresses, instant message accounts, phone accounts, and social media accounts; and
- contains a message encouraging recipients to take part in some type of commercial activity, including the promotion of products, services, people/personas, companies, or organizations.
Fax messages and fax numbers are not considered electronic formats or addresses under CASL.
Which messages are exempt from CASL, and how to identify when following CASL protocol is unnecessary
There are a number of examples that don’t fall under CASL regulations, and it’s important to be able to identify them, to help expedite Canadian e-mails and e-mail campaigns. These do, however, still fall under Canada’s FISA regulations, which requires that marketers may only send e-mail to individuals who voluntarily opt-in to receiving them. Here’s a more thorough recap with the full list, as it applies to Canadian exemptions:
- Messages to family or a person with established personal relationship.
- Messages to an employee, consultant, or person associated with your business.
- Responses to a current customer, or someone who has inquired in the last six months.
- Messages that will be opened or accessed in a foreign country, including the U.S., China, and most of Europe.
- Messages sent on behalf of a charity or political organization for the purposes of raising funds or soliciting contributions.
- Messages attempting to enforce a legal right or court order.
- Messages that provide warranty, recall, safety, or security information about a product or service purchased by the recipient.
- Messages that provide information about a purchase, subscription, membership, account, loan, or other ongoing relationship, including delivery of product updates or upgrades.
- A single message to a recipient without an existing relationship on the basis of a referral. The full name of the referring person must be disclosed in the message. The referrer may be family or have another relationship with the person to whom you’re sending.
If your message does not meet one of these criteria, consent is required under Canada’s Anti-Spam Legislation.
The differences between “implied” and “express” consent
Thought you were out of the woods already? Well, not so fast. Under Canadian law, there are two different criteria for consent. These differences are defined by either “implied” or “express” consent, and knowing the difference can be a game changer if you’re about to execute a Canadian campaign. The main difference is that “implied” has a rather loose definition, while “express” consent is much more strictly defined, and as a result, more strictly enforced.
By Canada’s definition, you’re giving implied consent when:
- The recipient has paid for a service, product or done any sort of monetary business with your organization in the preceding 24 hours;
- You’re a political organization, registered charity, or any entity that can receive a donation or gift. This also counts for someone who is volunteering or has volunteered for you; or
- You send someone a professional message, based on an e-mail address that was given to you, unsolicited.
Further, Canada defines express consent as any written or oral agreement to receive specific types of messages. For example, if someone fills out a web form, or written form, that specifically states they will be receiving messages or newsletters from your company, they have given “express” consent. Make sense?
This type of express consent, however, is only valid if:
- There is a clear and concise description of why you are looking to obtain consent;
- You give a brief, clear description on the type of messages you’ll be sending the recipient; and
- You have the contacts full name and contact information, such as physical address, e-mail address, telephone number, or website URL.
When does this all kick into effect?
The CASL regulations were initially approved on July 1st, 2014, however they were given a 3-year grace period, known as a “transition period”, to ease into effect. During this transition period (up until July 1st, 2017), you may send messages (with either implied or express consent) without consent. Once you’ve passed the 2017 cut-off date, you can only send these types of messages to recipients with express consent, or to those whose implied consent is currently valid under CASL (that is, 24 months after a purchase or six months after an inquiry).
For more information on the details of the law, and general laws surrounding spam in Canada, you can find the entire legislation published on their government website. If you have any questions on how we handle CAN-SPAM, or CASL regulations, don’t hesitate to reach out and contact us here. We’d be happy to help make your campaigns compliant, and get you on track for both the Canadian market, and American market where applicable. Good luck!
In Conclusion: What you need to do to be compliant with Canadian CASL
- Offer an opt-out/unsubscribe link in every e-mail.
- Clearly identify yourself, or your company, with full name or company name as sender.
- Don’t harvest data from e-mail campaigns without implied or expressed permission.
- Check the exempt list to see if anyone of your message targets qualifies.
- Verify that your message can, or cannot be categorized as a CEM (Commercial Electronic Message).
Sending high open rate, quality e-mail marketing in Canada is a great opportunity, and despite regulations, can be both very effective and very efficient. If you follow these specific guidelines, you’ll find staying out of trouble is a cinch, and you can roll out your campaign with ease, knowing you won’t be labeled as spam, or worse yet, punished for it. Seize the opportunity, and execute!