Overview of Canadian Anti-Spam Legislation
Sep 23, 2014 QuickCounsel Download PDF
By Tricia Kuhl (Partner), Kaitlin Macdonald (Associate), Wendy Mee (Associate) and Alice Tseng (Partner), Blake, Cassels & Graydon LLP (Blakes)
Considered one of the most stringent anti-spam regimes in the world given its breadth, scope and penalties, Canada's Anti-Spam Legislation will have a significant impact on the electronic communication practices of businesses operating in the Canadian marketplace. This QuickCounsel focuses on what businesses need to know to comply with CASL's anti-spam provisions, which came into force on July 1, 2014. CASL also contains provisions related to the unsolicited installation of computer programs or software but those provisions do not come into force until January 15, 2015, and are not addressed in this QuickCounsel.
CASL was enacted in December 2010, but significant concerns raised by Canadian stakeholders regarding the potential impact of the legislation resulted in multiple rounds of public consultation and lengthy delays. The Canadian Radio-television and Telecommunications Commission's Electronic Commerce Protection Regulations (CRTC) (the "CRTC Regulations") were finalized in March 2012 and final Industry Canada Electronic Commerce Protection Regulations ("IC Regulations") were published on December 4, 2013.
Subject to limited exceptions, CASL prohibits the sending of a commercial electronic message (a "CEM") to an electronic address unless: (1) the person to whom the message is sent has consented to receiving it; and (2) the message complies with prescribed form and content requirements. An electronic message that is sent to request consent to send CEMs is itself considered a CEM, which may not be sent without consent (subject to the exceptions discussed below). This is a significant distinction from the CAN-SPAM Act in the U.S.
A CEM is defined broadly as an electronic message (e.g., email, text message, social media message) that has as its purpose, or one of its purposes, to encourage participation in a commercial activity. A Commercial activity includes any transaction, act or conduct or any regular course of conduct that is of a commercial character, whether or not the person who carries it out does so in the expectation of profit. This is another significant distinction from the CAN-SPAM Act in the U.S.
THE CONSENT REQUIREMENT
In general, consent to receive a CEM must be express. However, under CASL consent may also be implied in certain limited circumstances, which are discussed in more detail below.
Guidance documents published by the CRTC have made it clear that "a positive or explicit indication of consent is required" to comply with the express consent requirements of CASL. This impacts a common industry practice of using an opt-out or negative option method of obtaining consent for marketing, such as a pre-checked consent box that a consumer has to un-check to signify they do not wish to receive marketing messages is also another significant distinction from the CAN-SPAM Act in the U.S. Instead, a person must take an active step (e.g., checking a box) to indicate his or her consent. The guidelines also state that requests for consent cannot be "subsumed in or bundled with requests for consent to the general terms and conditions of use or sale" but rather must be clearly and separately identified.
To be valid, a request for express consent under CASL must set out "clearly and simply":
Although CASL generally requires express consent, consent will be implied in the following circumstances:
CASL exempts the following types of CEMs from its anti-spam prohibition altogether:
The IC Regulations also add the following exemptions from the anti-spam prohibition:
CASL also exempts the following CEMs from the consent requirement (though these CEMs must still comply with CASL's form and content requirements), if the CEM solely:
The IC Regulations also set out an additional exemption that applies only to the first CEM sent to an individual following a referral, provided the referral is from an individual who has an existing business, non-business, personal or family relationship with both the recipient and the sender. The CEM must disclose the full name of the referring party and state that the CEM is sent as a result of the referral.
CONDITIONS FOR USE OF CONSENT OBTAINED ON BEHALF OF A PERSON WHOSE IDENTITY WAS UNKNOWN
CASL provides that a person may, on behalf of an unknown third party, obtain the express consent of another person to receive CEMs from the third party, as long as certain conditions set out in CASL and the IC Regulations are met. The IC Regulations set out somewhat burdensome conditions for the use of this type of consent by third parties.
FORM AND CONTENT REQUIREMENTSIn addition to the consent requirement, CASL sets out specific form and content requirements for CEMs. In particular, each CEM must identify the sender, provide prescribed contact information for the sender, and set out an "unsubscribe" mechanism.
The prescribed contact information includes:
The CRTC clarifies that a valid unsubscribe mechanism may be set up in numerous ways and may be as broad or as granular as the sender wishes it to be (provided that it meets the requirements of the legislation). In other words, the CEM may offer the recipient the choice between unsubscribing from all or just certain types of CEMs.
AIDING AND ABETTING CLAUSEUnder CASL, it is an offence "to aid, induce, procure or cause to be procured the doing of any act contrary to" certain sections, including the provisions relating to sending CEMs. Accordingly, refer-a-friend promotions must be carefully structured to take into account requirements under CASL.
Under CASL, it is an offence "to aid, induce, procure or cause to be procured the doing of any act contrary to" certain sections, including the provisions relating to sending CEMs. Accordingly, refer-a-friend promotions must be carefully structured to take into account requirements under CASL.
Organizations should ensure to build and implement compliance programs that meet the strict standards of CASL. In order to get onside with the law, organizations should consider the general compliance strategies identified in the Blakes Bulletin published on December 10, 2013.
ADDITIONAL RESOURCESMemorandum of Understanding for Cooperation, Coordination and Information Sharing Between the Commissioner of Competition, the CRTC and the Privacy Commissioner of Canada regarding the Implementation of their Mandates under CASL
Additional ACC Resources
ACC Resource Library - Article
ACC Resource Library - Article
ACC Resource Library - ACC Docket
Crafting a Global Anti-Corruption Program: Leading Practices for Ensuring FCPA, U.K. Bribery Act, and Related Corruption Compliance
ACC Resource Library - Leading Practices Profiles
Have an idea for a quickcounsel or interested in writing one?
This resource is sponsored by:
Table of Contents