Canada’s Anti-Spam Legislation to impact electronic marketing and communications
Until recently, Canada was the only G8 country without specific anti-spam legislation. Canada’s new anti-spam legislation Bill C-28, commonly referred to as Canada’s Anti-Spam Legislation (CASL), is set to go into effect sometime in 2013. The CASL will significantly impact businesses’ electronic marketing and communications practices. Unlike Canada, the United States already has laws in place that address unsolicited commercial messages via email and telephone:
- Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM)
- Telephone Consumer Protection Act (TCPA)
Currently pending before Congress is H.R. 6377, the Mobile Device Protection Act (MDPA), which requires prior consent from a user prior to the time when monitoring software installed on their mobile device first begins collecting and transmitting information.
In the U.S., CAN-SPAM establishes requirements regarding unsolicited commercial electronic communications. In Canada, CASL applies broadly to all communications either sent by Canadian individuals or companies, or to Canadian recipients, or messages simply routed through Canadian servers. In general, CASL has more stringent requirements for compliance than CAN-SPAM. For example, CASL requires documented prior consent (opt-in) before sending commercial messages, whereas CAN-SPAM does not have an opt-in requirement. In addition, CASL is technology neutral, meaning that it applies to all forms of electronic communications, including emails, texts, images, voice or sound, or even technologies not yet developed. In addition to more stringent requirements, CASL also imposes more severe penalties for noncompliance. In contrast to CAN-SPAM’s $16,000 penalty per violation, CASL could impose penalties of up to $1 million per violation for individuals and up to $10 million per violation for businesses.
The CASL also addresses privacy issues, specifically requiring that users give consent to the installation of programs and are informed that a program has monitoring capabilities before that program’s installation.
The CASL is enforced by three organizations: the Competition Bureau, the Canadian Radio-television and Telecommunications Commission (CRTC), and the Office of the Privacy Commissioner. The CRTC is encouraging businesses to begin preparing for CASL’s enactment and has recently released informational bulletins to help businesses better understand the legislation and facilitate compliance with CASL.
For an illustrative example, the table on page 5 of the McAfee & Taft tIPsheet Intellectual Property Newsletter (PDF) shows how the CASL compares with existing U.S. laws, CAN-SPAM and TCPA, and proposed H.R. 6377 MDPA.
Businesses should begin preparing for the enactment of CASL by obtaining documented consent of future communications recipients and establishing communication practices in compliance with CASL. If outside marketing companies are used, take steps to ensure the outside marketing company is familiar with, and in compliance with, the CASL. While these options are not guaranteed to prevent all violations, having such procedures in place can reduce the potential for problems resulting in added costs.