CASL. What is it and what does it mean for you? CASL, or Canada's Anti-Spam Legislation, is designed to regulate commercial electronic messaging. It's serious business, and Canada is taking some huge steps toward leading the fight against spam. Yet legitimate businesses may be affected by the new legislation also.
CASL comes into effect on July 1, 2014. Businesses that don't comply risk penalties of up to $10 million. But that's only if you break the rules or if you are engaging in what are considered to be spam practices. What do you need to know? What do you need to do? We will guide you through the new legislation and provide more updates as the date gets closer.
To learn more, sign up for our free interactive CASL webinar.
The biggest thing is that you need to have express opt-in consent to send electronic messages. This means that each person on your list must have opted in to receive your messages. If you do not have opt-in consent, you must obtain it before July 1 by asking your contacts to opt-in.
Express Consent: This means that the contact has actively given you their permission to send them messages. Contacts can provide express consent by submitting a signup form, responding to a contest or coupon offer, or signing up over the phone or at the point of sale. You cannot pre-check a consent box (on a signup form, for example). The contact must check the box themselves.Implied Consent: This means that it is reasonable to conclude that you have a contact's permission to send them a message based on a prior business relationship. Review the legislation's exceptions in order to see if you qualify for implied consent.
Don't fret. Asking your contacts to opt-in is simple and it is also a best practice that ensures that you have people on your list who are interested in viewing your messages. If you send to contacts who do not want to receive your messages, you are wasting time and money, because these people will not open your messages anyway.
Create a straightforward message that asks your subscribers to opt-in to receive your messages (through an opt-in mechanism such as clicking a link) and explain why you are asking them to do so. You must state why you are requesting their consent and explain to them that they can opt-out at any time. Whoever does not respond must be taken off your sending list because you cannot prove for sure that they want to receive your messages. There are a few exceptions, however. See the "Exceptions" section further down.
Anti-spam rules don't just apply to electronic messages. The rule of obtaining opt-in consent also applies to installations of computer programs. You must have the person's express consent to install any software onto their electronic device.
You have to be up front about who is sending the message. Include your name and/or the name of your company as the sender. This is actually a best practice for brand consistency as well as anti-spam, and your subscribers will come to recognize and trust the name, making them more likely to open the messages.
This goes hand in hand with ensuring that you are not misleading your subscribers with false or inaccurate information. Sending a message with misleading sender information is strictly prohibited.
Each message you send must have an opt-out mechanism that makes it easy for the contact to unsubscribe if they decide that they don't want to receive the messages. Usually this just involves clicking a link to opt-out. This option helps contribute to customer satisfaction.
Collecting Information Without Permission
CASL is also pretty clear about how you can and cannot collect personal information and email addresses. It goes back to the consent thing. You can't buy or harvest personal information, and you can't collect information from personal devices without permission, because the person has not provided their consent. Harvesting information is a strategy used by many spam marketers.
Exceptions to the Legislation
As with any legislation, there are some exceptions. Examples of messages that may be sent without express opt-in consent include: messages that provide an estimate that the contact requested from the business ("For the services you enquired about, the price would be $150."), messages that confirm a commercial transaction ("Thank you for your order. It has been received successfully."), and messages that contain important information about a product which the contact has purchased or used, such as warranty, recall or safety information ("Please note, regarding your recent purchase: Product ZX67A should never be placed upside down.").
There are also a few examples of exceptions where consent may be implied. If you have an existing business relationship with a contact, express consent may not be required in order to comply with anti-spam rules. If a contact has purchased or leased a product or service within the past two years, if there is a written contract with the contact, or if the contact inquired about goods, services or other commercial activities within the past six months you may not be required to obtain express opt-in consent.
Review Anti-Spam Requirements and Messages
It's a great idea to review all the types of commercial electronic messages that you or your company sends out to ensure that they will meet CASL requirements. These messages may be emails, social media messages or even text messages. You should come up with a list of guidelines that will ensure that your entire staff is up to date on the new requirements, and make sure that your staff is following the updated policy.
CASL doesn't have to be scary but it does have to be taken seriously. Addressing any issues with your message sending and software installation now will relieve stress when that July 1 deadline comes around. To learn more, sign up for our free interactive CASL webinar.