The clock is ticking down to July 1, 2014, when CASL – Canada’s Anti-Spam Law – goes into effect. Although the law was written to govern commercial electronic messaging in Canada, U.S. emailers must get on top of the law quickly to avoid legal action and penalties.
Why? Because CASL applies to any electronic message accessed in a Canadian province. This is one of the most important aspects of CASL to understand right away.
If you do business in Canada, whether you have retail outlets or Canadian clients, customers or account holders, the law will apply to you, even if you send from the United States or any other country outside Canada.
This post will explain some of the biggest differences between CASL and CAN-SPAM, define key terms in CASL language and share several strategies you should take now to be sure you comply with the new law and resources for more information. It does not, however, constitute official legal advice.
THREE KEY TERMS
1. CEM: It stands for “commercial electronic message,” and it means any message that invites the recipient to participate in a commercial activity, such as buying a product, signing up for a contest, using a coupon, etc.
2. Express consent: An active request to receive email messages, SMS texts, social media posts, etc.
3. Implied consent: A person gives implied consent to receive messages when he or she contacts the organization with a request or inquiry, has a business relationship with it as a client or customer, posts an email address on a public website with no disclaimer warning against unsolicited contacts or otherwise offers it without no disclaimer, such as giving a business card at an event.
Important: Under CASL, implied consent is valid for two years after the first contact. You need to get express consent from your recipients within that period in order to continue contact via CEMs.
1. CASL is opt-in. CAN-SPAM is opt-out.
Both require that each commercial message includes a working unsubscribe function and a postal address. However, CAN-SPAM allows marketers to contact people without express consent until they opt out.
CASL, on the other hand, requires you to get express consent before you begin messaging, with certain exceptions, including but not limited to these:
• You can answer email inquiries or requests for help with products, services, warranties, etc.
• You can email anyone with whom you’ve had a business relationship for up to two years before July 1, 2014.
• You can use email to enforce contracts, such as chasing down delinquent accounts.
If you don’t have express consent for an address, CASL gives you three years, until July 1, 2017, to get it. After that, you could incur penalties for noncompliance.
2. CASL covers all commercial electronic messaging. CAN-SPAM applies mainly to email.
Although CASL’s impact likely will be greatest on email marketers, it applies to any electronic messaging, including the following:
• Social media
• Collecting email addresses or other information through spyware, cookies or other unauthorized access
• Phishing (false or deceptive electronic messaging)
3. CASL allows individuals as well as government agencies to sue for alleged violations. CAN-SPAM allows only government actions or ISPs.
Once the three-year transition period ends in 2017, a private right of action goes into effect, which allows individuals as well as government agencies to sue for alleged violation, especially in class-action lawsuits.
The penalties are severe, too: up to $10 million per incident for corporations and up to $1 million for individuals, compared with up to $16,000 per email as provided under CAN-SPAM.
1. Contact any addresses that lack express consent, evidence of a previous business relationship or clear geographic data, and ask for permission to continue contact.
You don’t need to reconfirm addresses that already have opt-in data (not the date you added the record but the date the owner initiated contact). But you should reconfirm addresses you added by default, from rented or purchased lists, from IP addresses with Canadian origins or those for which you have no geographic data.
Effective marketers already maintain detailed contact records, including opt-in date, IP address used, postal address and purchase or other behavior. Work with your database manager to begin adding this information to your records.
2. Switch to an opt-in permission model for all contacts.
Opt-in is just a better business model in the long run, even if you don’t have any or many Canadian customers. Study after study shows that permission marketing delivers higher engagement and better results than those added without consent.
While we’re talking about permission, here’s a quick tactic: Don’t use a pre-checked box on your opt-in form. It won’t pass muster for express consent under CASL.
3. Buff up your unsubscribe process.
Both CAN-SPAM and CASL require a functioning unsubscribe in each email message and an easy opt-out process (e.g., no password required). You also have 10 days to honor a Canadian’s opt-out request.
If you already comply with CAN-SPAM on unsubscribes, you probably comply with CASL as well. But do a dry run now to make sure your process is functioning properly, especially on links in older messages.
4. Rethink your referral links, especially “forward-to-a-friend.”
Most email experts who have weighed in with opinions on CASL say the law no longer lets you contact people whose addresses come to you through friend referrals, especially FTAF. You can continue to use informal language asking subscribers to pass your message on to friends, but the email itself can no longer come from your servers.
Remove any FTAF links from your messages. Use your other channels instead to build your email database. Below are four quick suggestions:
• Create a postcard or flyer promoting your email, SMS (texting) or social media channels and send it to postal addresses in your database, tuck it into packages or add it to billing or other account statements.
• Promote your email program in your social media channels and SMS messaging. You can add a dedicated tab with an opt-in form on a Facebook page or link to it in Facebook or Twitter posts.
• Add an opt-in invitation to transactional messages or inquiries, but do not pre-check the permission box.
• Add a welcome message that confirms the opt-in request before you begin your regular email program and includes an unsub link.
5. Make sure your legal staff is up to date the looming changes.
The suggestions we offer in this and future blog posts are not official legal advice but are based on recommendations provided by Canadian legal firms and government agencies. If your legal team has not contacted you about this major messaging change, schedule some time soon to make sure you’re all on the same page.
The Canadian government has provided a wealth of information on CASL and its implications. Below are two sets of links:
• CASL’s official home page is geared both toward individuals and businesses, including FAQ’s and a spam-spotting quiz: http://fightspam.gc.ca/eic/site/030.nsf/eng/home
• The Canadian Radio-Television and Telecommunications Commission, one of the regulatory agencies enforcing the law, has an extensive list of resources, including FAQs, a permission-form check-up tool and video tutorials: http://www.crtc.gc.ca/eng/casl-lcap.htm