Try this riddle: Name something that you don’t want but you get lots of it everyday. Something that you can read, but you can also eat. Something that no one really reads, but many people write.
Stumped? The answer is spam.
Adam Kardash, was formerly a partner at Heenan Blaikie LLP. He focuses on privacy and information management law and he’s here to tell us all about spam. Or more specifically, Canada’s effort to eradicate it.
Canada’s Anti-Spam Legislation, known as CASL promises to cut down on the amount of spam that floods our inboxes. It will require businesses to receive consent from a person before sending them a commercial e-mail. It’s coming into force July 1, 2014.
Brian Jackson: Adam, this legislation received Royal Assent in December 2010. Why is it taking so long to come into effect and why is it unclear about when that will happen?
Adam Kardash: The act was passed but it won’t come into full force until the regulations are worked out. The Industry Canada regulations haven’t been worked out yet and there’s been a lot of concern from businesses about the unintended impact of this legislation. So between the behind the scenes and formal consultations, it’s just taken a lot of time. There’s three bodies involved in enforcement, the Office of the Privacy Commissioner of Canada, the Canadian Radio-television Telecommunications Commission, and the Competition Bureau of Canada.
Brian: Who should be paying attention to this legislation?
Adam: In short, all businesses should be worried. It’s very broad scope in legislations and all businesses will be caught, especially those businesses that have large databases for email or purposes of text messaging. They’ll be impacted significantly.
Brian: What are the risks of not complying?
Adam: This is what’s of concern to organizations, the fines are steep. There’s administrative monetary penalties of up to $10 million per contravention. Most importantly there’s a private right of action of up to $200 per violation, so a single e-mail or text message is considered a contravention of the law, so it’s a big concern.
Brian: Is dealing with CASL something I can get started with now or should I wait for the final legislation?
Adam: Many organizations have begun their compliance efforts and there’s two key parts. First you have to do an inventory of all the commercial electronic messages that you are currently or intending on sending. After that, you have to go through and bucket each type into the different type of categories, and then you have to figure out what your compliance obligations are for each category. It’s quite technical.