Do you send emails, texts, or other
electronic messages to your consumers, customers or suppliers? If
so, you will be impacted by Canada's Anti-Spam Legislation
("CASL"), which sets out new rules for sending commercial
emails, texts, social media messages and any other form of
commercial electronic message ("CEM").
The primary obligation imposed by CASL
is that the sender of CEMs must have the express consent of the
recipient, unless a statutory implied consent (or exemption)
applies. Where express consent is required, the recipient must give
a positive opt-in consent: pre-checked opt-in boxes, or consent
tied to the receipt of a service or entry into a promotion will not
be sufficient. Certain contact information and other
disclosures will now also be required when obtaining express
In addition, CASL also requires that
certain information be included in most messages themselves,
including contact information and an unsubscribe mechanism.
Key points about CASL relevant to
CASL doesn't just apply to
traditional "spam". Without the proper kind of
consent in advance of sending the email, and the proper disclosures
in the communication itself, your CEM could be contrary to
CASL applies to messages that are either sent from, or received
in, Canada. Even if the CEM originates from outside of the
country, CASL may still apply.
The onus is on the sender of the CEM to prove that express
consent, when required, was obtained. Procedures, training,
and ongoing monitoring should be in place if collecting emails and
consent to send CEMs at the point of sale to know that you can
prove the appropriate form of consent was obtained.
Consent to receive a CEM may be implied in certain limited
cases, including where an "existing business
relationship" exists between the sender and the
recipient. This includes situations where the recipient
purchased goods or services within 2 years before the day on which
the CEM is sent.
Exceptions to the consent requirements may apply in certain
situations, including where the CEM relates to a quote or estimate
which was requested by the recipient, transactional emails (e.g.
ecommerce) where the email facilitates, completes or confirms the
transaction, and providing warranty or product recall information
about a product or service that the recipient has purchased.
CASL applies to direct messages sent through social media
platforms like Facebook and Twitter, but not to public posts.
CASL also applies to computer programs – not just
malware, but virtually any app or website that makes software
available to consumers' devices. Note, however, that these
provisions don't come into force until January 2015.
The penalties are significant: for corporations, up to $10
million penalty per day that a violation occurs and, in
2017, individuals will be able to file their own suits against
alleged transgressors, or worse - file a class action.
This list of issues is not
exhaustive. As a preliminary matter, retailers should take an
inventory of the emails they send, and the basis on which they will
be permitted to do so following July 1, 2014. Note that
emails to obtain express consent will themselves be governed by
CASL. Since there is no blanket grandfathering of existing
lists, many companies are finding they need to go back and ask
recipients to 'reaffirm' their consent now, prior to the
July 1 deadline.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).