On July 1, 2014, Canada’s new Anti-Spam Law (CASL) will take effect. Though that may seem far in the future, it’s important for email marketers to start preparing for the law today. When one email mistakenly taken for spam can rack up a $10 million fine, you’d be crazy not to. That’s why we’ve compiled everything you need to know about the CASL and the updates you’ll need to make to be in compliance.
According to the official CASL website, the law is intended to promote efficiency by establishing clear rules for consent in electronic communications.
It’s important to note that CASL applies to any electronic message sent in connection with a “commercial activity.” This means texts and social media will be held to the same standards as email. What’s more, even if the message isn’t intended to produce a profit, it still comes under the jurisdiction of CASL if it’s in a commercial context.
In addition to spam, the CASL also addresses privacy protection. The law prohibits the collection of personal information by illegally accessing a computer system or utilizing an email-harvesting computer program. It also prohibits the unsolicited installation of computer programs (i.e. viruses) and the alteration of data in transit via an electronic message.
The big focus of the CASL is consent. Anyone who sends commercial electronic messages (CEMs) within, from or to Canada needs the permission of the recipient before sending the message with very few exceptions.
Consent may be written, such as when the recipient fills out a consent form or checks a box on your website. Consent may also be verbally stated. If it’s written, make sure to store the date, time, purpose and manner of the consent in your database. If the consent is oral, obtain an unedited audio recording. And here’s a big change: You can no longer assume consent by pre-checking an opt-in box or including consent language in your terms and conditions of use or sale.
But what about implied consent? This is where things get tough. Implied consent may still apply, but only in three very limited situations:
However, implied consent becomes invalid after six months if the recipient does not become a client and in two years if an existing client does not purchase, subscribe or renew the account.
The CASL also requires you to provide recipients with information that identifies the sender and enables the recipient to withdraw consent. This must include:
For individuals and organizations that violate these regulations, the penalties are painful:
Additionally, the Private Right of Action, which comes into force July 1, 2017, allows individual victims to file civil charges and seek damages of $200 per violation and up to $1 million per day.
The real question is, “How well do you know your database?” You can no longer dust off an old list and start sending emails if you don’t know whether you have any Canadian recipients and whether those recipients have opted in. And it’s simply not enough to look for obvious domains that end in “.ca”; the stakes are just too high, the penalties too severe.
Instead, we recommend email marketers meticulously check every list they own:
As we all know, dirty data and poor email acquisition practices can give all email marketers a bad name. But by understanding the laws and following generally accepted standards, your emails will make it to your customers’ inboxes, boost your conversions and avoid racking up crazy fines!
Do you have additional questions about compliance with CASL? Contact TowerData today for help!
Photo Credit: Ian Muttoo