4 Comments

Summary:

The toughest anti-spam law in the world went into effect on July 1st, and people in Canada and beyond are worried they will have to throw out their email marketing lists or face a $1 million fine.

South Park Canada
photo: SouthParkStudios

On July 1, Canada celebrated its 147th birthday by drinking two-fours, and launching the “world’s toughest anti-spam law.” The latter is causing headaches for businesses in Canada and abroad who fear they will have to shred their marketing lists to avoid a $10 million fine.

Is it that serious? Yes and no. Companies, including American ones, should take notice of the new law but it’s not like they’re about to take a legal puck to the face if they send an email to a Canadian this month.

Here’s a plain English explanation of what’s really happening, and some tips about where to learn more.

Why is this new spam law such a big deal?

Canada passed the law last year, but it took effect on July 1st. It introduces new financial penalties of up to $1 million for individuals and $10 million for businesses that email people without their consent. The government says the law applies not only to Canadians but to those outside the country as well.

As the New York Times reported, the July 1 date set off a panicked attempt by businesses to comply. Some groups claim that when they updated their email lists to include only people who gave explicit consent, their contact and marketing lists shrank dramatically.

Do I have to remove all Canadians from my email lists?

No. While some companies have been sending out emails to get explicit consent, it is also possible to rely on “implicit consent.” Here is the part to read carefully: if the email recipient has bought something from you in the last 2 years, or expressed an interest in your company in the last six months, you have “implicit consent.” (Though you will have to renew that consent).

What will happen to me or my company if fail to comply? I can’t afford a $10 million fine

This is where common sense comes in. The anti-spam law is already under fire from Canadian lawyers and the country’s business community. The government agency charged with enforcing the law is not going to run around slapping large fines on little companies.

In the Canadian government’s own words: “The CRTC has a range of enforcement tools available to it, from warnings to penalties … these penalties are reserved for the most serious violations of the Act.”

Reports from the Canadian business press (links below) also quote government officials to suggest that unless your company is a sleazy spam operation, a warning is far more likely than a fine. And keep in mind that the civil servants responsible for enforcement would have to pick you out of what is likely to be tens of thousands of people who trip over the new law.

But my company is not even based in Canada! Will I get fined anyways?

Good point. The government says the law applies to anyone who sends spam to someone in Canada, but enforcing that is another matter. The agency will have its hands full just trying to apply the law in the first place, let alone tangling with complicated cross-border issues.

What Canada will do is try and work with other governments to go after the worst of the worst, which is what it does when it comes to telemarketers. In Canada’s own words: “[We will ] share information with the government of a foreign state if the information is relevant to an investigation or proceeding in respect of a contravention of the laws of a foreign state that is substantially similar to the conduct prohibited by this Canadian law.”

How do I even know who on my email list is in Canada?

Good question. Beyond looking for emails that end in “.ca,” that could pose a challenge. Email marketing providers like MailChimp may be able to tell you where recipients are based on their IP addresses, but that’s not 100 percent foolproof.

What about social media?

Perhaps strangely, the law does not appear to apply to things like Facebook posts or Twitter direct messages. Says the government, “CASL applies to emails, text messages, instant messages and any similar messages sent to electronic addresses. However, it does not apply to promotional information you post online in places like blogs or social media.”

So what should I do?

I’m not your lawyer and this is not legal advice, but my view is that companies should do what they can but not have a conniption if their policies are not up to snuff right this very day. A good way to start would be to ensure that your emails comply with existing rules, which apply both in Canada and the U.S., and require the sender to identify themselves and provide a simple “unsubscribe” button. This will help show you are a legitimate business operating in good faith — something that would make the Canadian government more inclined to offer a warning rather than a fine.

Going forward, companies should do their best to comply with the law by getting explicit consent from Canadian subscribers that, yes, you do have permission to send them email. Finally, make sure you really have your act together by 2017, when people will have the right to use the new law to sue directly or through a class action.

You can also call your lawyer, and point her to the Barry Sookman link below.

Where can I read more?

The CRTC will take a light touch enforcing Canada’s new anti-spam law – for now (Canadian Business explains the law and enforcement procedure, including direct quotes from Industry Canada)

Why has Canada’s anti spam law caused such an uproar (Professor Michael Geist, a leading authority on internet law provides some context in the Toronto Star. The last three paragraphs are especially helpful)

Businesses scramble as anti-spam law draws near (The Globe & Mail‘s business section has a comprehensive explanation of what’s going on, and also cites government officials about enforcement)

“Fast Facts” from the Government of Canada (a very short overview of the law)

FAQ’s for Businesses and Organizations from the Government of Canada (a moderately helpful Q&A)

CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline (Barry Sookman, a well-known Canadian lawyer, gets into the nitty-gritty)

  1. Sound like the *failing* EU no spam rules, that have done absolutely nothing to stop spam in the UK. Let’s hope the Canadians have more luck.

    Reply Share
    1. David Couillard Tuesday, July 8, 2014

      The system can barely handle a proper health care service…
      I doubt it will be able to handle email spam.

      Reply Share
  2. Re: social media – just to clarify, from what I understand (I’m not a lawyer) is that general social media posts to no one in specific aren’t considered a “Commercial Electronic Message” under CASL. However, if you follow someone on twitter and they send a direct reply that is commercial in nature without consent… it would be a CASL violation.

    Reply Share
  3. Don’t worry Americans, If Stephen Harper is as hopeless at this as he is at everything else, this will fail a Charter challenge, the guy is toast in 2015 anyways.

    Reply Share