Complying with the Canadian Anti-Spam Law (CASL) is a tricky business.
On July 1, 2014, Canada enacted the CASL to curb rampant electronic and telephone spamming. It established five types of consent a consumer must provide before receiving an advertisement:
- Personal relationship
- Express consent
- Implied consent for businesses
- Implied consent for non-business relationships
- Conspicuous B2B consent
Without these approvals, a company’s message could be considered spam.
Derek Lackey, managing director for Newport Thomson, spoke at the DX3 tradeshow in Toronto on March 10 to share some tips to avoid being hit with a CASL violation.
In recent years, Canada, along with the rest of the world, has seen a surge in the number of SMS spam and call scams. The CASL has been updated to specifically address this problem.
Although relatively unenforced, Lackey said that just having an anti-spam law is working. In 2019, the single largest fine was $100,000 made to the CEO of nCrowd, a social commerce platform. According to the CRTC notice of violation, the CEO was held personally responsible for allowing their email advertisements to omit a functional unsubscribe button, which violated CASL. The company announced foreclosure soon after.
But just because there haven’t been any major cases does not mean that the law is overlooked. Lackey said that if enough people set off an alarm bell, the CRTC will take action.
Because the CRTC needs to enforce compliance, Lackey said communication is key when the commission asks for proof of consent.
“The ones they [CRTC] hate are the ones who avoid them. They call you and ask you for something and you don’t return the call. They chase you down, you avoid them. I can guarantee you’re going to get a million-dollar fine when you do that. Every serious fine has been in companies that tried to avoid them…if they call, answer them.”
Communication can also determine the size of fines. Lackey said there’s a higher chance of negotiating a smaller fine if the violating party cooperates and bring their system up to compliance. Penalties range from a simple warning letter to issuing a full-on injunction.
It’s also important for consumers to understand when they’re giving consent. Companies can sometimes assume implied consent without the customer explicitly stating that they’ve signed up for advertising.
“I get emails from Hudson Bay. And the reason I’m getting it is I meet the measure of implied consent, though I know I didn’t [give] express consent,” said Lackey. “I might meet the measure of implied but I don’t know it. So I would be suing them, and it would be a nuisance lawsuit because they actually had consent under the implied rules.”
Regardless of the type, Lackey said all marketers need to have proof of consent documented and ready to present when the CRTC comes knocking.
“I don’t care how old or legacy your technology is, how decentralized it is, if you execute a reference centre properly, and keep it up to date, you not only empower your consumer with giving you their choices but your updated forms all your systems.”
Lackey also noted that a manual on advertising and proper employee training can make a CRTC audit much easier.
“Those are the easy parts. We just have to pay attention to them and do it.”
As an added precaution, Lackey warned that just because you’re a messenger doesn’t mean you’re off the hook. CASL not only prohibits illegal solicitation but also the act of aiding it. For example, if a company sends its illegal spam through an email service, the email service itself could face legal ramifications as it’s technically aiding the operation.