Saturday, April 26, 2014

Canadian Anti-Spam Legislation Summary with your 3 Step Plan

It's effective as of July 1, 2014.

Did you know that you as an individual can be penalized $1 million per violation and an 
organization $10 million per violation? 

How do you comply? (i) proof of consent for each email or other types of electronic communications (ii) an unsubscribe process in every digital communication and (iii) documented date and type of each consent.  

Might sound impossible, but it's not. 

The Canadian Anti-Spam Legislation (CASL) does not only applies to email but also to SMS and Social Media direct messaging like LinkedIn in-mail, Twitter direct messages and Facebook messaging.

See my 11min video here on the details or see it on YouTube:

CASL focuses on commercial electronic messages (CEMs). However, even if your message is NOT selling anything, but you have an hyperlink back to your website where you do indeed market your products or service, it's considered CEMs.  

3 steps to CASL compliance 

  1. Divide your emails into three groups: expressed, implied and unknown consent.
  2. Review and tweak all the wording wherever you collect emails.
  3. Review and tweak all your electronic communications for appropriate unsubscribe and identification, 

Step One: Your current email lists

Sort your current emails into express, implied and unknown consent. 
(i) Expressed consent: list of external emails which you can identify the date you received verbal or written expressed consent and how you received it.  You can send appropriate emails to this list forever or until they unsubscribe. 
(ii) Implied consent: list external emails from business relationships who have not given your express consent, but to whom you've done business with or have had a prior business relationship with. To this email list you can communicate to up to two years after your last engagement. (Implied also include those who have made an inquiry to you, but, have not purchased, these emails you can use for six months.) 
(iii) Unknown consent: those emails where your company cannot identify if you have ever received expressed or implied consent can cause you trouble after July 1, 2014. You can either delete them, or prior to July 1, 2014 send them an email of importance or value or with a clever offer, requesting them to agree to your offer, which will give you your implied consent. OR Requesting them to opt into your emails, which give you your expressed consent.
In both implied or express consent, you'll need to have documented proof. 

Step Three: Collecting emails

What's changed? Expressed consent does not include those who give you a card to enter a draw. After July 1, 2014, you must adjust your signage, for example, "thank you for your email, we'll be sending you information monthly on "Blah Blah" as we'll be entering you into this draw."   

You can't send an email or promotion that has an "unclick if you DO NOT want to receive our blah Blah". Instead, after July 1st, you must give the user an activity to do in-order to get their expressed consent, like 'check the box" to opt-in and receive our email.  The key is to give your promotion real value which will entice people to exchange their email or SMS with you for the value you're offering to them.

Think about your electronic communications a little differently. Start including a share option to encourage those who already trust you and value your communications to share it with their colleges. You'll get more effective growth and conversion rates with your communications when friends or colleges recommend your communications. There are tools to help you do this and to get expressed opt-ins at the same time. I use Constant Contact.  

For implied consent emails collected after July 1st you're allowed to communicate with them for two years.  Of course, expressed consent emails, you're allowed to communicate with them until they unsubscribe. In both cases you'll need to start documenting the dates and types of communications with all of your different lists. I suggest you incorporate this into your communications calendar after you sort your list. 

Step Three: Electronic Communications

Review all of your outgoing communications and tweak them for CALs compliance. 

After July 1st all out going communications must contain:
  • The name of the person sending the email or name of the person the email is being sent on behalf of
  • Mailing address, either a telephone or someway to access the organization sending the email
  • An unsubscribe process. 
    • I believe this process should be immediate and automated, but the legislation gives you 10 business days after the unsubscribe has been clicked on to remove them from your lists. 

Who's Exempt from this legislation?

  • Non-Profits fundraising communications
  • Politicians soliciting contributions
  • Family & Friends
  • Communications to members of your organization, club or association
  • Out of Canada (you must comply with their legislation).
  • Messages sent over a closed network, such as Blackberry Messenger.
  • First commercial electronic message that is sent by a person for the purpose of contacting someone following a referral by any individual who indeed has an existing business relationship. 
 For the full list of who's exempt, click here.

There are a few other aspects to CASL. To see them all, please refer to the resources below. Our three steps in this blog will help you get your organization's email communication CASL compliant. 


Government of Canada CASL Website: 


  1. This was excellent Sofie!! Thanks very much! I will forward around.

  2. This is great, thank you. Do these rules apply to personal emails from one Sales Person who gets a leads email address of their website?

    1. Depends on what the website says about how the public can use those emails, everyone should be going into their websites and stating how they want to be communicated to.
      But, yes, a single sales person can be penalized to up to $1 million dollars for not following the legislation.

    2. What if they do not state how there email can be used. One of our sales team members email and calls potential customers using their contact information from their website.

    3. Yes, you can email them as their email is public, however, your sales reps MUST have an opt out process.

  3. Are fundraising inquiries from Non-Profits exempt? Everything I'm reading - such as here - suggests that exemption is strictly for charities.

    1. Doug, thank you for that questions, I just reviewed the legislation again, hoping to find both non-profit and charity, but, when the speak of who is exempt, they say it must be a Charity to be exempt. The Charity is ONLY exempt when trying to fundraise, they are NOT exempt for any other activities, nor can they have an email go out with anything BUT the ask for it to be exempt.

  4. Thanks Sofie...Under Exemptions you list association, i.e. WBN and it should be noted that current clients are also exempt.

    1. YES Shelley, your currently clients are exempt in the case that you are initiating an email due to current business transactions. But, in regards to any eNewsletter type communications you initiate, you need to let them have the option to Unsubscribe and can only email them that eNewsletter up to two years after your last business dealing, unless the Opt In somewhere along the way.

  5. Hi Sofie, If we have been emailing to leads for the past year and they have not subscribed does that fall under implied consent? Also, does this exempt a sales team from cold emailing people who have their emails available online?

    1. Correct, implied consent.
      For those who have emails shown publicly, they are suppose to indicate how they want to be communicated to. We were all suppose to add a notice saying please only communicate to this email about topic X then you are NOT suppose to email them about anything else..
      So, keeping the above in mind, yes, you can email people who have their emails available online when they have not stated you can't or your email is about the topics they say you can email them about. However remember, on all your emails you need to give the an opt out option.