In just a few short weeks, key provisions of one of the most stringent anti-spam regimes in the world, Canada’s Anti-Spam Legislation (CASL), will come into force. CASL will have a significant impact on the electronic communication practices of businesses operating in the Canadian marketplace.
As part of its cross-Canadian outreach program, the Canadian Radio-television and Telecommunications Commission (CRTC) and Industry Canada received many questions regarding CASL which required further consideration. On May 8, 2014, the CRTC published a revised and supplemental version of its frequently asked questions (FAQs) to address some of these questions.
NOTEWORTHY FAQ RESPONSES
Enforceability as of July 1
As we close in on July 1, 2014, the CRTC is reminding businesses that once the key provisions of CASL come into force, they will be immediately enforceable and compliance is required.
Scope of commercial electronic messages
Key to CASL is the concept of a “commercial electronic message” (CEM), which is defined as a message sent by any means of telecommunication that, having regard to the content of the message, the hyperlinks in the message to content on a website or other database, or the contact information contained in the message, it would be reasonable to conclude, has as its purpose, or one of its purposes, to encourage participation in a commercial activity. Many questions have arisen as to the potentially broad scope of this definition.
In response, the FAQs clarify that the mere inclusion of a logo, hyperlink or contact information in an email signature does not necessarily lead to the conclusion that a message is a CEM. In contrast, the FAQs indicate that a tagline in a message promoting a product or service to the recipient would lead to a message being considered a CEM. Accordingly, businesses should consider removing all promotional messaging, including messaging promoting the business itself (e.g. an award or ranking) from electronic messages that are not categorized by the business as being a CEM to avoid having such messages caught by CASL.
Under CASL, an electronic address is broadly defined as an address used in connection with the transmission of an electronic message to an email account, a telephone account, an instant messaging account or any other similar account. The notion of “similar account” has generated much debate about the application of CASL to social media. In response, the CRTC has affirmed that certain social media accounts may constitute a “similar account,” yet has stated that the determination will have to be made on a case-by-case basis.
The CRTC has clarified that it draws a distinction between direct messages sent through social media messaging systems, such as Facebook direct messages and LinkedIn direct messages, which would be viewed as being sent to an electronic address, and messages posted, published or broadcast on social media websites and blogs, such as a Facebook wall post, which would not be viewed as being sent to an electronic address.
We also note that the Industry Canada regulations enacted under CASL exempt CEMs sent and received on an electronic messaging service, such as BlackBerry Messenger (BBM), if the information and unsubscribe mechanism that are required under CASL are conspicuously published and readily available on the user interface through which the message is accessed, and the person to whom the message is sent consents to receive it either expressly or by implication.
Going forward, organizations will need to pay careful attention to their use of different social media platforms to send messages and the ways in which these platforms function to ensure they are CASL compliant.
While some businesses were hoping to rely on the “personal relationship” exemption for certain of their communications, the CRTC has clarified that the definition of "personal relationship" is limited to close relationships between individuals. According to the CRTC, legal entities, such as corporations and not-for-profit organizations, cannot have a personal relationship under CASL and the “personal relationship” exemption is limited to close relationships. In other words, an individual who sends a CEM on behalf of a business cannot allege that they have a personal relationship with the recipient.
In case there was any remaining doubt, the CRTC has re-emphasized that pre-checked boxes cannot be used to obtain express consent, as consent to receive a CEM cannot be presumed on the part of the end user. In other words, the end user must take a positive action to indicate their consent, such as by proactively checking a blank box.
Affiliates and service providers
According to the Electronic Commerce Protection Regulations (CRTC) enacted under CASL, a CEM must identify both the sender of the message, and if different, the person on whose behalf the message is sent. However, where it is not practicable to include this information in the body of a CEM, a hyperlink to a webpage containing this information is acceptable as long as the webpage is readily accessible to the recipient of the CEM and at no cost to the recipient. Additionally, the CRTC regulations stipulate that the link to the webpage must be clearly and prominently set out in the CEM.
Not surprisingly, this requirement has generated considerable concern from corporations that may send messages on behalf of numerous affiliates. In its FAQ, the CRTC has taken the position that a CEM sent on behalf of multiple persons must identify all such persons. However, the CRTC also states that not every person who is involved in the sending of a CEM must be identified. Rather, “only the persons who play a material role in the content of the CEM and/or the choice of the recipients” need be identified.
By way of example, the CRTC notes that an email service provider that simply sends emails on behalf of its clients and has no input either on the content of the message or the recipient list does not need to be identified in CEMs sent on behalf of such clients. However, the service provider shares responsibility with its clients for ensuring that CEMs are sent with valid consent (either express or implied) and contain an unsubscribe mechanism that meets the prescribed requirements of CASL.
Form of unsubscribe mechanism
The CRTC clarifies that a valid unsubscribe mechanism may be set up in numerous ways and may be as broad or as granular as the sender wishes it to be (provided that it meets the prescribed requirements of the legislation). In other words, the CEM may offer the recipient the choice between unsubscribing from all or just certain types of CEMs.
COMING UP NEXT…
Unfortunately, the revised FAQs provide only minimal new guidance on interpreting the legislation, and do not address many complex and nuanced requirements of CASL. However, additional guidance from the CRTC is expected in the coming weeks on corporate compliance programs.
As we close in on July 1, 2014, the CRTC is reminding businesses that once CASL comes into force it is immediately enforceable and compliance is required.