Canada Anti-Spam Legislation change around the corner
Canadians around the globe have been celebrating Canada’s ‘birthday’ on July 1 since 1867. This year Canada will be getting a special birthday present – a brand new law. Canada Anti-Spam Legislation (CASL), being passed on July 1, 2014, is aimed to help Canadians avoid spam, invasion of privacy, hacking and other electronic threats. While this is seen as a positive thing for most Canadians and their in-boxes, marketers who send email to Canadians have less cause for celebration.
CASL applies to all commercial electronic messages sent from or received by a Canadian mail server. Organizations in Canada and even those that are located outside of Canada, but contact subscribers who are in Canada, are subject to CASL.
It’s not necessarily SPAM as we know it
Legislation surrounding the sending of electronic messages is nothing new to marketers. North American marketers know what the best practices are and how to be compliant with the widely known US CAN-SPAM laws. But marketers beware; CAN-SPAM and CASL is not the same thing. Take the fines of up to $10 million per violation for example, or the potential for criminal charges for companies that intentionally mislead recipients. Canada isn’t messing around.
The other big difference between CAN-SPAM and CASL, and the most important part of the new legislation is consent. CASL has strict rules requiring more than the implied consent specified by many of the other privacy laws. Being able to prove expressed consent, having opt-in (not opt-out) options and no pre-checked boxes are some of the changes that marketers are going to have to make to their registration and subscription forms.
Marketers in the US have the option to send that first email, as long as recipients have the opportunity to request no further messages. However, in Canada itself, that first email will be illegal unless there is expressed prior consent. These guidelines should be familiar for marketers who have European email subscribers – and it’s something our teams in Europe have been helping clients manage for some time.
MarketOne has a number of best practices and solutions we suggest implementing to guarantee compliance with the new law.
1. Implied consent of contacts most likely already exists – get express consent now
Implied consent takes place when there is an existing business relationship with a contact within the past 24 months. This could mean they’ve purchased something, expressed interest or requested more information. You can contact those people with whom you have implied consent for up to three years after July 1, 2014. Figure out who these contacts are, tell them why it makes sense to continue recieving your emails, and get express consent followed by a welcome/confirmation subscription email for your records.
2. Have express consent? Keep a record
Keep a record with IP addresses, time and date of consent of the contacts that you have express consent for already. Go a step further and send a re-subscribe message to those you have identified as having consent to confirm that they want to receive email from you. If they don’t immediately opt-in, send a confirmation request to the subscribers to make sure they know the emails will stop if they don’t opt-in.
3. Follow the obvious best practices
4. Things to remember when sending emails requesting consent
- Eliminate pre-checked and opt-out boxes. Contacts must opt-in themselves
- Explain why you are asking for consent
- Clearly identify who you are with your organizations mailing address and contact information
- Provide a statement that consent can always be withdrawn at anytime
If you have further questions about the new legislation please do get in touch with us. We can share some of the examples of campaigns we’re doing with other clients to encourage opt-in from Canadian subscribers – and maybe help you out too.