The Office of the Federal Privacy Commissioner
has issued a Guidance Document
with helpful tips on compliance with Canada's anti-spam
legislation, or CASL, for
businesses in their marketing activities. The Commissioner's
Guidance addresses "e-marketing" which encompasses
electronic marketing, including by way of emails and text messages.
The Guidance document is focussed specifically on email marketing
and on the issue of electronic address harvesting. The Commissioner
defines electronic address harvesting as, "the use of a
computer program to indiscriminately collect electronic addresses,
such as email addresses".
The Guidance document provides comment on the due diligence that
is necessary to avoid inadvertently harvesting email address or
using harvested email addresses in an e-marketing campaign. Due
diligence includes taking appropriate steps to ensure compliance
with CASL obligations by a third party who has been contracted to
do e-marketing for you or by third party list vendors who provide
email lists for you to use in our in-house e-marketing
The Guidance document outlines some practical steps that
businesses can take to ensure that they do not run afoul of CASL
consent requirements, including asking questions about where a
third-party has obtained the email addresses it is selling, how
consent was obtained to use the email address, whether lists are
kept up-to-date and how changes are communicated.
The Commissioner also cautions that contracts should be clear on
what steps the list vendor or e-mail marketing firm is to take to
ensure compliance with CASL requirements and that contracts should
ensure that it is an up-front obligation for an email marketing
firm to ensure that commercial messages are not sent to people who
have not provided their email addresses or have not consented to
receiving commercial messages.
The Office of the Privacy Commissioner is responsible for
violations related to electronic addresses harvesting and the
collection of personal information through illicit access to other
people's computer systems, primarily through means such as
The CRTC is responsible for investigating the sending of
unsolicited commercial electronic messages, the alteration of
transmission data and the installation of software without
The Competition Bureau is responsible for investigating claims
of false or misleading representations and deceptive marketing
practices in the electronic marketplace.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).