SOLVED: What Is CASL – Canadian AntiSpam Legislation

Canadian AntiSpam Legislation or CASL for short is the more onerous antispam legislation in the world of 2015.  Below are the primary items that everyone who deals with Canadian’s need to know:

1. CASL deals with Commercial Electronic Messages or “CEM”s for short
   1. This is NOT just mass emails
      1. It includes single emails, mass emails, texts, faxes, social media…
   2. Pretty much anything other than telephone calls.
2. It applies to everyone who communicates with Canadians regardless of where the message originates.
   1. Sooo, if you think you can have your US office send emails to your Canadian clients and prospects, you would be what we like to call, wrong. .
3. It came into effect on July 1, 2014 and the punishments come into effect on July 1, 2017 .
4. The penalties and punishments are:
   1. Initially the Canadian Government is most likely to just “publicly shame” the offenders by publishing their names, making them attend court, and making them apologize publicly.
   2. After 2017, the punishments will be:
      1. $1 million if a person is in breach of the law (sending the communication)
      2. $10 million if a company is in breach of the law (sending the communication)
      3. Even the specific PERSON who receives the message can sue for $200 per incident .
5. Consent is one to three ways around the law but you can NOT send an email/text asking for consent.
   1. Implied consent can by obtained by:
      1. Receiving a business card:  For example, at a Trade show someone might hand you their card)
      2. “Conspicuous publication” For example, if the receivers contact information is published on a website, like a real estate agents might be
   2. Express consent can be obtained by:
      1. verbally being told you can send to the recipient, BUT the recipient has to be the one who tells you that.  You cannot rely on a proxy, like an executive assistant.
      2. in writing .
6. Existing relationships (business or personal) mean you are not subject to the law for two years from the last related contact. .
7. The third way around the law is if they are sent by an organization class specifically named in the legislation.  In 2015 that includes political parties and registered charities. .
8. Due Diligence IS a defense so companies that have the any or all of the three items below may be able to avoid the penalties:
   1. have a written (and signed?) staff policy
   2. provided training to their staff
   3. have documented processes of avoiding such problems (i.e. went sent the mass email by accident due to a computer reboot) .
9. If, under CASL, you are allowed to send the message, it must meet specific ‘form and content rules’:
   1. clearly identify the sender
   2. a way for the recipient to contact the sender for a minimum of 60 days
   3. a functional unsubscribe/opt out mechanism .
10. What most companies need to do first is performed a documented audit of their systems and processes to identify potential for future breaches.  This can be handled by a law firm if you like to spend vast amounts of money or by someone in-house, with authority, who has spent the time to do the basic research to cover your companies bum!

You might find fun little video from the CRTC to be a useful start to your CASL journey of love. http://www.youtube.com/watch?v=Q_w5CVwbFM4