It’s Canada Day, and to celebrate, our northern neighbors have enacted new anti-spam legislation that could cost your business $10 million if your email marketing isn’t compliant (it’s $1 million for individual senders).
Technically, the law was passed in 2010, but is just now going into effect. And while it’s smart to put your email blasts on pause until you have a chance to review to the new provisions (especially if you have Canadian prospects), there is a three-year transition period. Marketers have until July 2017 to confirm their email practices are in accordance with the Government of Canada’s regulations, or gain individuals’ express consent. Implied consent will suffice in the interim.
To cut through the legalese, here’s a plain-English breakdown of the provisions of the new law and what it means for your marketing:
1. Don’t send electronic messages to people who have not requested them
A publicly released fact sheet on the anti-spam legislation states that both individuals and companies must receive consent from an individual before they can send any electronic messages to that person’s email address, cell phone, smartphone or social media account. Bottom line: You can’t send and kind of marketing message to people who haven’t opted in, unless you’re already in a business partnership with them. You can’t automate email address collection for your campaigns.
This should be simple enough if you only use contact data from people who have opted into your email campaigns. However, it could be problematic if you have:
- Purchased email lists
- Otherwise acquired lists from a third-party
- Added people to your send list without their express permission
- Failed to perform hygiene checks to make sure your contacts are still active (Canada says inactivity is NOT considered consent.)
2. Don’t alter or redirect the message and its transmission data to a different destination
The law states that marketers can’t change the destination of email transmission data unless the recipient gives consent to redirect the message. There are a couple of ways you can read this:
- You can’t send an email on behalf of another person or company (without making this clear upfront) and then redirect the response to that third-party.
- Maggie Cavallin of Clark Wilson LLP offers an interpretation of the law as a preventative measure against “phishing” schemes or email “hacking.” These occur when hackers intercept data going to a legitimate website and redirect it to a fraudulent page where sensitive information can be collected. For example, a person thinks he or she is logging into a secure bank account portal, but is actually redirected to a fake duplicate site that collects his/her login credentials.
3. Don’t install any computer programs on another persons’ computer without consent
The new law states that companies cannot install any computer programs via their messages without the express consent of the computer’s agent or owner.
Cavallin states that the new anti-spam legislation does not “distinguish between spyware, malicious software and software used for legitimate business purposes, [so] the installation of all software must be in compliance with CASL and its Regulations.” This means the sender must be upfront about what it does and how it will be used, and the recipient must consent to this.
4. Don’t use false or misleading representations online, or when promoting products and services
If any part of the message is misleading or false, it is in violation of the legislation’s policies. Honesty is the best policy that you must now apply to your marketing messages.
5. Don’t harvest addresses or access personal information without permission
Similar to point No. 1, this provision says marketers cannot collect information through a computer system that violates the Criminal Code of Canada. They also cannot collect electronic addresses using computer programs or send messages to contacts that have been added to mailing lists without direct or express consent, a practice known as address harvesting.
6. Make sure you can prove consent & give contacts a way out
Marketers can safeguard their email campaigns by having clear proof of consent for their email contacts. Did the recipient opt-in for an email newsletter? Did they ask to be contacted? Do they have an easy way to unsubscribe from future messages? How long does it take to honor an unsubscribe request?
The new law has wide-sweeping effects because it applies to any messages sent to carry out commercial activities (emails containing content, links or contact data meant to promote a product or service, a person who is involved in commercial activities, a direct offer for something or an offer to participate in a commercial opportunity). Email marketing is one of the most powerful tools in brands’ belts, but these new regulations are a stern reminder that campaigns must be carried out with the utmost respect for recipients.
There are 122 billion messages sent every day, and stricter regulations will ensure that consumers only receive those they actually want. Marketers can keep their brands’ messages in front of customers if they avoid any and all black hat practices and provide their contacts with valuable content.
Want additional guidance about the anti-spam laws?
Here’s a graphic the Canadian Government provided to help businesses assess their campaigns
Here’s a fact sheet with tips for compliance checks
