How To Prepare for Canada’s Anti-Spam Law (CASL)
On July 1st, 2014 there will be more than just Canada Day on the minds of Canadian marketers. Aside from celebrating the birthday of our beloved nation, July 1st also marks the day the Canada’s Anti-Spam Legislation (CASL) comes into effect.
Although CASL may be the cause of headaches for marketers nationwide, it is actually a legislation created for the purpose of fostering a healthy and safe online environment for both Canadian consumers and businesses. The official stated goal of CASL is “to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities.” Essentially, it is the Canadian government’s way of impeding the circulation of spam and preventing online crimes such as spyware, phishing and identity theft that many Canadians face each year.
Less spam and online criminal activity is definitely something to be celebrating, but CASL has several implications for Canadian businesses, even the ones who have been following email marketing best practices.
CASL touches on all aspects of digital communication including online content, social media, cellphone and email. Throughout this post, you will gain an understanding of what CASL is, how it effects you and the gaps you need to fill to ensure you are compliant to this new legislation.
Does CASL Apply to Me?
Before you throw all your digital marketing efforts towards becoming CASL compliant, it is important to ensure that CASL actually applies to your business.
Essentially, CASL will apply to any commercial electronic messages (CEMs) where a computer system is located in Canada is used to send or access the electronic message. A commercial electronic message “encourages participation in a commercial activity”, whether or not there is an expectation of profit. If you own or operate your business in Canada and utilize any form of digital communication, it is likely that CASL applies to you. If you are sending your emails outside of Canada, you have to assume the responsibility to find out where your customers are accessing their email. If your recipient accesses their email from Canada, then CASL applies to you!
The Nitty & Gritty Details
- December 4, 2013: Industry Canada Final Regulations
- July 1, 2014: CASL Takes Effect
- January 15, 2015: CASL Computer Program Provisions Takes Effect
- July 1, 2017: CASL Private Right of Action Takes Effect
The official date of enforcement for CASL is July 1st, 2014. However, there will be a 3-year transitional period in which businesses will be allowed to continue to send CEMs to their existing customers. This means that you have until July 1st 2017 to obtain “Express” consent for customers that are on your list through an existing business relationship.
What does CASL Require in a CEM?
Of course, as a legislation, it gets much more complicated than just three requirements. Under CASL, consent is a major consideration and a significant piece to becoming compliant under this new legislation. CASL defines consent as express and implied consent.
What is Express Consent?
“Expressed” consent is when the individual takes affirmative action to willingly be in your mailing list. Essentially, expressed consent is when the recipient says yes to receiving your CEM.
What is Implied Consent?
“Implied” consent is when a relationship exists between you and the recipient, but they are added to your list without any affirmative action. Examples of these types of relationships include a purchase from the recipient, download of your content, or if they give you a business card.
Implied consent, however, expires in 24 months, so it is best to set up a method to obtain express consent, which never expires.
Penalties & Enforcement
If your digital efforts are not compliant to CASL, there could be severe consequences to both your company’s reputation and finances.
The Canadian Radio-television and Telecommunications Commission (CRTC) are the enforcers of CASL and these are the penalties you could be facing if you fail to comply:
Preparing Your Business
Are you ready for CASL?
To avoid facing these consequences, you have to ensure that all aspects of your digital marketing efforts meet the requirements outlined by CASL. Proper preparation and implementation of your digital marketing efforts can ensure that you are CASL compliant, thus strengthening your relationship with your customers.
Review the following points to ensure that you are ready when CASL comes around.
Consent is a significant piece of complying with CASL. Make sure you can say “yes” to all these questions before moving on with your digital campaign.
- Are subscribers clearly informed about what they are consenting to receive from the sender? The permission statement must be clear and straightforward.
- Did you conduct “double opt-in”, which requires sending a message to the new subscriber’s email address, requesting a click on a confirmation or activation link to confirm or activate the subscription?
- Did you prepare a welcome message or confirmation email after receiving consent, which summarizes the details of your online relationship with the receiver?
- Do you have a method to document the details surrounding the provision of consent? This must be retained as proof if required.
Preparing your Database
CASL doesn’t just mean gathering consent. It also means taking a look at your current database and ensuring it is prepared to accommodate the requirements of CASL.
- Do all your current database records identify permission status as either implied or express, with the supporting information for this consent readily available?
- Have you established plans and procedures to secure express permission from any implied consent records to obtain an explicit opt-in from them?
- Does your data management system have the capability to manage time limits to assure compliance with CASL?
An important component of CASL is proper identification. Are you doing the following?
- Does your consent form identify the person, business, and organization asking for consent?
- Are your online messages free of false or misleading representations?
- Does your consent form include a valid mailing address and either a telephone number, email address or web address?
Note how Adobe lists their address, website, email address, and phone number in the image below.
Giving your recipients to unsubscribe is a crucial part of CASL.
- Are you doing the following?
- Do your e-messages include indication of a mechanism that will allow people to unsubscribe at any time?
- Is your unsubscribe mechanism must be straightforward and clear?
- Do you have a system in place to process “unsubscribes” as soon as possible? It must be done after 10 business days from the recipient activating the unsubscribe mechanism.
The process of gathering consent from your recipients also presents itself as a chance to renew their interest in your business. It gives you a chance to reevaluate your website and ensure that your website’s messages are also CASL compliant.
- Are your websites messages free of false or misleading representations?
- Are your Privacy Policies clear and easy to find on the website?
- Does the email subscription call-to-action on your website allow you to gain express consent?
Preparing for CASL might seem overwhelming, but we’re here to help! Simply fill out the short form below to stay in the loop with our CASL resources, tips, and updates to always ensure that your business remains CASL compliant.