A Crash Course on Canada’s New Anti-Spam Law

Share on LinkedInShare on Facebook


The recent arrival of Canada’s anti-spam law has caused many companies to panic in fear of being fined up to $10 million dollars. Ironically, surrounding the effective date of July 1, 2014, many inbox’s were overloaded in an attempt from companies to obtain express consent. I know mine did! Most of us didn’t realize there is actually a transition period of three years giving companies time to receive consent and align with the new law.

At this point you may be thinking you’ve all heard about the new law, but what exactly is it? Canada’s Anti-Spam Law (CASL) was drafted to keep unsolicited electronic messages from consumer’s inbox’s; these could be emails, text messages or instant messages. Basically it means consumers shouldn’t be getting messages that they didn’t give consent to receive. The new law is lengthy and a lot of companies don’t know where to start. I know I was confused about implied versus express consent. So what is the difference and how do you know what consent your contact database has given your company?

Implied consent includes when a recipient has purchased a product or service with your organization within the last 24 months or has made an inquiry within the last six months. Also, if you are a registered charity and the recipient has made a donation in the past, or if a message is sent to a recipient who gave you their email address (like on a business card). All of these cases are implied consent.

Express consent on the other hand means a written or oral agreement to receive specific types of messages. Most companies are sending out mass emails asking for recipients to click ‘I Consent’. This is the recommended way for companies to be 100% sure they aren’t spamming un-wanting recipients.

The most important deadline for companies to know is the three year transition period ending July 1, 2017. After the transition period, individuals can sue entities they believe are sending spam messages. Another deadline you should know is January 15, 2015, when the provisions relating to the unsolicited installation of computer programs comes into force.

So now you have a brief understanding of the new law and deadlines, what should companies be doing?

  • Complete an audit of your contact lists and draft an email asking for express consent. Many companies are including a contest or draw in this email, making it worthwhile for recipients.
  • Keep a record of consent confirmations. You never know when this will come in handy in the future.
  • All messages you are sending must include your name, physical mailing address, phone number, email address or URL.
  • All messages must have an unsubscribe button and these requests must be processed within 10 days.
  • Just a note: check boxes cannot be pre-filled. The recipient must consent for themselves.

All in all, if you follow these steps you are well on your way to aligning with the new anti-spam law. For more information please visit the CRTC Website.



Share on LinkedInShare on Facebook