The Canadian Radio-television and Telecommunications Commission has issued a Frequently Asked Questions guidance document regarding compliance with Canada’s anti-spam law (commonly known as “CASL”). The FAQ explains how organizations can comply with CASL’s rules for commercial electronic messages.
Canada’s anti-spam law (commonly known as “CASL”) creates a comprehensive regime of offences, enforcement mechanisms and potentially severe penalties (including personal liability for employers, corporate directors and officers) designed to prohibit unsolicited or misleading commercial electronic messages (“CEMs”) and deter other forms of online fraud (such as identity theft, phishing and spyware).
For most organizations, the key parts of CASL are the rules for CEMs. Subject to limited exceptions, CASL prohibits the sending of a CEM unless the recipient has given informed consent (express or implied in limited circumstances) to receive the CEM and the CEM complies with prescribed formalities and is not misleading.
CASL gives the Canadian Radio-television and Tele- communications Commission (“CRTC”) regulatory and enforcement authority regarding CEMs and other matters. On May 8, 2014, CRTC issued a Frequently Asked Questions document to supplement previous guidance for compliance with CASL. Following is a summary of some of the guidance provided in the FAQ regarding CASL’s rules for CEMs.
Application of CASL: CASL does not apply to all marketing messages. It applies only to “commercial electronic messages” (as broadly defined in CASL) that are sent to an electronic address (as broadly defined in CASL) and that are sent or accessed using a computer system located in Canada. CASL does not apply if the message is not sent to an electronic address.
CEM: The FAQ reminds that a message is a CEM if one of the purposes (not the only or primary purpose) of the message is to encourage the recipient to participate in a commercial activity. The FAQ explains CRTC’s view that a tagline in a message that promotes a product or service to encourage the recipient to purchase the product or service would make the message a CEM.
SocialMediaMessagesandWebsitePosts:A CEM is a commercial message sent to “an electronic address”, such as an email account, a telephone account, an instant messaging account or “any similar account”. The FAQ explains that a social media account may constitute a “similar account”, depending how the particular social media platform functions and is used. According to the FAQ, websites, blogs (including Facebook posts) and micro-blogging will typically not be considered to involve sending a message to an electronic address. In contrast, a message sent using a social media messaging system (e.g. Facebook messaging and LinkedIn messaging) would qualify as sending a message to an “electronic address”.
Non-profits/Charities: The FAQ reminds that CASL applies to CEMs sent by or on behalf of non-profit organizations, but there is an exception for CEMs sent by or on behalf of a registered charity (as defined in the Income Tax Act) for the primary purpose of raising funds for the charity.
PersonalRelationship: CASL provides a full exception for a CEM sent by or on behalf of an individual to another individual with whom they have a personal relationship. The FAQ explains that the definition of “personal relationship” should remain limited to close relationships, to prevent potential spammers from exploiting the exception. The FAQ cautions that the “personal relationship” exception does not apply to legal entities (such as corporations), and therefore an individual who sends a CEM on behalf of a corporation may not rely on the personal relationship exception. The FAQ explains CRTC’s view that a “personal relationship” requires the CEM sender and recipient to know each other by their real identity, as opposed to instances where a virtual identity or alias is used. The FAQ warns that the mere use of a social media connection (e.g. clicking “like”, voting for or against a link or post, accepting someone as a “friend” or clicking “follow”) will generally not be sufficient to create a “personal relationship”.
Opt-In Consent: The FAQ reminds that CASL requires that express consent be obtained through an opt-in mechanism, as opposed to an opt-out. An individual must take a positive action to indicate express consent. Silence or inaction cannot be construed as providing express consent. Accordingly, a pre-checked box cannot be used to request consent, because the checked box assumes consent.
Messages by Multiple Persons: The FAQ reminds that a CEM sent by a person on behalf of other persons (e.g. the CEM sender’s corporate affiliates) must identify the sender and each person (e.g. each corporate affiliate) on whose behalf the CEM is sent.
Too Much Information/Not Enough Room: The FAQ explains that if it is not practicable to include in the body of a CEM all of the information required by CASL (e.g. the name, mailing address and website address of the person sending the CEM and each person on whose behalf the CEM is sent) and an unsubscribe mechanism, then a clear and prominent hyperlink to a webpage containing the required information and unsubscribe mechanism is acceptable, provided the webpage is readily accessible at no cost to the CEM recipient.
Granular Unsubscribe Mechanisms: CASL requires that each regulated CEM “clearly and prominently” set out an unsubscribe mechanism. The FAQ explains that an unsubscribe mechanism can be broad or granular (e.g. allowing an individual to unsubscribe from all or just some types of CEMs), and can be provided through a hyperlink to a webpage that is readily accessible without delay and at no cost to the CEM recipient. The FAQ reminds that an unsubscribe mechanism must be “readily performed”, which means that it should be “simple, quick and easy” for the CEM recipient to use.