On February 25, 2013, the CRTC held an informal consultation session with industry and consumer groups about Canada’s upcoming anti-spam legislation (“CASL” for short). The session was a response to all of the questions that have arisen following the CRTC’s publication of information bulletins about CASL and its regulations. They have now released a report summarizing the results of the consultation (the “Report”).
If you have been following CASL and all the developments, the topics in the Report will be of no surprise. It demonstrates that there is still a real need amongst businesses and organizations for clarity on how they can or are expected to comply with CASL. The CRTC has been asked to provide a framework of “guiding principles” that would assist with compliance.
Some of the issues discussed in the Report are:
- Means of obtaining express consent – participants balk at having to provide multiple check-boxes – (1) check-boxes required under CASL, for users to consent to receiving commercial electronic messages or CEMs, and (2) check-boxes required under other laws, such as PIPEDA. Marketers know that the more check-boxes there are, the less likely a user is to check them. Participants want the CRTC to be more innovative in what counts as express consent. It does not look like the CRTC will change its position, however, because it has been steadfast in insisting that CASL must be an opt-in regime, not opt-out.
- Proof of consent – participants asked whether oral consent can be demonstrated by reading a script and then recording the user’s consent in a database. This could apply in a call-center situation where there is no audio recording of the call. Others suggest that process-based consent should suffice – for example, a user consented to receiving CEMs because if he did not check the box to indicate such consent, he would not have been able to download the program.
- Transition period – the CRTC has stated that express consents obtained prior to CASL coming into force do not need to be re-obtained, but what if that consent did not meet all the requirements prescribed by CASL? Industry members would prefer that grandfathering all prior consents would be simpler, both for businesses and consumers.
- Obtaining consent for affiliates/by intermediaries – participants do not like the requirement to disclose every affiliate on whose behalf the CEM is sent, because there may be only one brand that the recipient associates with the sender, and it may be confusing to list all the corporate entities that are technically sending the message. When it comes to intermediaries, such as email service providers (ESPs) or direct marketers, participants want to know whether these parties need to be identified in the CEM, particularly if the marketer is sending the CEM on behalf of another business and does not otherwise deal with the recipient. If the recipient was interested in the product or service being promoted in the CEM, he or she would deal directly with the business.
- Computer programs – more clarity is needed with respect to when it is reasonable to believe a person has consented to the installation of a computer program on his or her computer. For example, does the purchase of a new computer with pre-installed software constitute consent?
We continue to wait for final regulations from the CRTC and an announcement on when CASL will come into force.