Business Law News & Updates

How not to be a Spammer! Introducing Canada’s New Anti-Spam Legislation (CASL)

On July 1, 2014, Canada’s new anti-spam law, affectionately known as CASL (the “Act”), will come into effect. From that day on (subject to any applicable ‘seasoning’ in periods), organizations which send commercial email messages will be subject to the various regulators who enforce CASL, namely the CRTC, Office of the Privacy Commissioner and the Competition Bureau.

CASL regulates the sending of commercial electronic messages (a “CEM”), the re-direction or forwarding of data in an electronic message during the course of a commercial activity, as well as the installation of computer programs on another person’s computer, however, this article will address primarily the sending of CEMs and provide an overview of how CASL will affect the way in which Canadian businesses can use email in their marketing and business development, & CRM efforts.

CASL is the short name for the act (thankfully). The full name of the law is very descriptive and is as follows: An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications. CASL is a good alternative.

Why have an Anti-Spam Law in Canada?

As outlined in section 3 CASL’s function is to regulate certain activities (i.e. sending CEMs, re-directing/intercepting CEMs and installing computer programs on other persons computers) which causes Canadians to be discouraged from relying on, trusting in, and more fully adapting to electronic means for carrying out commercial activities. In other words, because dealing with spam is annoying and also brings with it other personal computing security risks, such as the risk of identity theft and other privacy risks for starters, Canadians in general will adopt a distrust for email and electronic commerce unless it is regulated. Distrust of email and electronic commerce has already happened to some extent, but the level of sophistication among average Canadian email users has also improved and consciousness of email scams has reached a level where email ‘scams’ are more easily identified by many. Scams however, become more sophisticated on a daily basis. The persistence and mass at which scammers continue to work is good reason to enact this protective legislation.

The idea is that if the act of sending commercial email is regulated, instances of spam and abuse will be reduced, and it will be harder for annoying and threatening practises to flourish. Canadians will become more comfortable with and confident in the use of electronic commerce technology in general, and the Canadian economy will in turn benefit from the increased efficiency and resulting increased volume of transactions, i.e., the better use and adaptation of electronic commerce technology.

What does CASL regulate exactly?

As outlined in sections 6 through 8, and as the long title suggests, CASL regulates the sending of commercial electronic messages (“CEM”), the redirection / forwarding of CEM’s and the installation of computer programs on another person’s computer in ways that discourage the use of and adaptation of e-commerce technology. A CEM is defined as a text, sound, voice or image message that, having regard to its content, and any hyperlinks to content on a website or other database or the contact information therein, could reasonably be concluded to be for the purpose of promoting or encouraging participation in a commercial activity of some sort. The definition also extends to include a message that requests consent to send a commercial message.

The Act excludes two way voice communications between individuals, fax and voice-recorded calls, as those are addressed by other mandates (such as the Do Not call List).

As outlined in s. 6, CASL prohibits the sending of a CEM to an electronic address, unless the sender has the recipient’s consent, and the CEM identifies the sender, and the person on whose behalf the CEM is sent (in the case where they are different persons). In addition, the message must include the contact information of the sender (and namely a postal address, plus one more of an email or website address or phone number) / or person on whose behalf the message was sent, as well as an unsubscribe mechanism. These requirements must all be conspicuous and accessible on the same interface as the CEM.

There are some exceptions / exemptions

As noted in s. 5 of the Act, the restrictions in s. 6 do not apply to a CEM that is sent to a person with whom the sender has a personal or a family relationship (both of which are elaborated on in the regulations to the Act).

Further exemptions to the restrictions on sending a CEM include where the CEM was sent:

  • to provide replies to certain inquiries, quotes or estimates that have been requested by the recipient;
  • in respect of a commercial transaction that is either on-going or has completed between the sender and recipient;
  • to provide warranty, safety or recall information about a product the recipient has used or purchased;
  • in relation to the ongoing use of a product, goods or service sold in conjunction with a membership, loan, subscription, account or similar relationship;
  • in relation to a current employment or employee benefit plan relationship;
  • in relation to a legal obligation, right, or the enforcement thereof;
  • by a registered charity as defined in the Income Tax Act (Canada), and primarily for the purpose of raising funds for that charity; or
  • by a political party or organization (including a candidate) for the purpose of soliciting contributions.



Interestingly, Regulation 3 (f) also indicates that s 6 of CASL does not apply to a CEM which is sent to a recipient in one of the foreign states listed in the schedule to the regulations, so long as that state has a law substantially similar to that of CASL, and the CEM conforms to the law of the foreign state.

Regulation 4 exempts a first CEM from the restrictions in s. 6 where it was sent after a referral was made to the sender by a person who has an existing business, non-business, family or personal relationship with the sender as well as one of the above relationships with the recipient (such relationships are defined in the Act and/or Regulations).

Consent


When seeking consent to send CEM’s to a particular recipient, the purpose for which consent is being sought must be clearly and simply set out and the person seeking consent must be identified. The burden to prove consent rests with the sender. This means that senders should keep accurate opt-in records for all recipients. If you receive oral consent to send a CEM, you should make note and save a record of the details of the consent. In all cases, if no-consent is alleged, it is the sender who is required to prove consent was provided, so the better your evidence, the easier it will be to make out your defence of consent.

What are the dangers of being accidentally offside?

The penalties for violations of ss. 6 to 9 are set out in s. 20, and include monetary penalties of up to one-million dollars for an individual and ten-million for other persons.

How can I be sure I am compliant?

To ensure you are onside ss. 6 to 9, consider the following:

1. be sure you have clear consent from a recipient before sending a CEM (and retain a record of the consent);
2. if you don’t have consent, make sure that you meet with one of the various exceptions as outlined in the Act and its regulations;
3. Seek the legal advice from a lawyer competent to advise in this area;


This article is not a comprehensive treatment on what a person can or cannot do in regards to sending commercial emails. It is simply a brief overview which touches on parts of Canada’s new anti-spam law and aims to be a brief and useful resource to help readers identify whether or not there may be an issue which needs further analysis or consideration before sending as CEM.