Tuesday, 24 June 2014

Canada's Anti-Spam Legislation (CASL) is coming into effect on July 1, 2014, we wanted to make sure the small business owners in the Thexyz community are properly prepared and compliant with the road ahead.

If you have not heard about this new legislation, CASL (Bill C-28) is a new set of regulations that aims to crack down on unwanted spam messages and is considered to be the toughest anti-spam law in the world. CASL requires all businesses that are selling or promoting products or services through email to prove they have consent to reach out to new, existing and potential customers.

The CASL aims to reduce spam, viruses and increase consumer confidence in e-commerce, failure to comply can result in tough penalties, up to $1-million for an individual and up to $10-million for a business. Here’s what you need to know, and some tips for making sure your business is compliant.

Is just mass email affected?

CASL applies to any commercial electronic message (CEM) sent by any medium, including your company's email, SMS or social media account, that promotes your business or encourages participation in a commercial activity, such as selling or promoting products, services or a business event, that communicates directly with a consumer. The only way you can send one of these direct messages legally is by obtaining explicit or implied consent from the recipient first.

What you should follow when sending CEMs

1. Consent: You must have implied or expressed consent to send a message. If a CEM is intended to be sent to a non-customer, then an analysis of whether proper consent exists needs to occur before the electronic message is sent. Express consent may be obtained orally or in writing, with clear disclosure of the purpose for which the consent is being sought and a statement that the recipient can withdraw his or her consent. In either case, the onus is on the person who is sending the message to prove they have obtained consent to send the message.

The Canadian Radio-Television and Telecommunications Commission (CRTC) is enforcing compliance and recommends that organizations protect themselves by tracking whether consent was obtained in writing or orally, when it was obtained, why it was obtained and the manner in which it was obtained.

2. Unsubscribe Mechanism: In every CEM you send you must provide a way for recipients to unsubscribe from receiving messages in the future. The unsubscribe mechanism should be accessible by the same electronic means that the message was sent. For instance, a CEM sent via SMS may state that an end-user can unsubscribe by texting the word "STOP". Another possibility is including a hyperlink clearly and prominently in an email that allows the end-user to unsubscribe by simply clicking it. The hyperlink may also be to a webpage that is readily accessible without delay and is at no cost to the recipient, the unsubscribe request should come into effect within 10 days

3. Identification: You must clearly and simply identify yourselves and anyone else on whose behalf the message is sent.This includes providing your company's name, mailing address and either a telephone number providing access to an agent or a voice messaging system, an email address or a website. You also need to include a sentence clearly stating that the individual can opt out of your communications at any time. This message should be located near the unsubscribe mechanism if possible.

Six simple tips for staying CASL compliant

1. Reach out to existing and prospect clients by email before July 1. If you ask for their consent electronically, you must do so by July 1 and have them opt-in by checking a box that says they’re willing to receive electronic communications. After July 1, this process will be an offence.

2. Those who don’t have consent by July 1 will need to get it through other means, such as a telephone call. Recall that consent under CASL is also implied if you have an existing business relationship or existing non-business relationship with the person or company.

3. Establish a procedure for new customers. You can ask for consent when they are buying on your website or asking permission when taking their first order, as long as the opt-in requirements are met (written or oral).

4. Maintain an accurate and current list of recipients’ consent to receive messages. Instances of express and implied consent should be handled separately to ensure clarity and compliance.

5. Educate your employees on the new policies that need to be implemented as a result of the act.

6. Remember that consent isn't transferrable. Beware of any businesses bearing lists because if anyone claims you can “Blast your ad to over 10,000 legitimate addresses for a price,” or “Buy a database with a million email addresses for only $100,” they are selling you spam lists that could result in receiving a large penalty.

If you still have any questions or comments regarding CASL please feel free to leave them below and we’ll respond as soon as we can.

Subscribe by email

Enter your email address:

Subscribe to more feeds

Trending Posts

Blog Archive


News (65) Web Hosting (48) security (25) Email (19) webmail (19) Advertising (15) Thexyz Cloud (14) Tutorials (13) Video (4) resellers (2)