In just a few short weeks, key provisions of one of the most onerous anti-spam laws in the world, Canada’s Anti-Spam Legislation (CASL), will come into force. CASL will have a significant impact on the electronic communications of businesses operating in Canada.
On May 8, 2014, the Canadian Radio-television and Telecommunications Commission (CRTC), being the primary regulators under the law, published a revised and supplemental version of its frequently asked questions (FAQs) to address some of the questions that kept coming up during their cross-Canada outreach program.
The CRTC has reminded businesses that once the key provisions of CASL come into force, they will be immediately enforceable and compliance is required.
Commercial Electronic Messages
Key to CASL is the concept of a “commercial electronic message” (CEM), which is defined as a message sent to an electronic address where, having regard to the content of the message, the hyperlinks in the message to content on a website or other database, or the contact information contained in the message, it would be reasonable to conclude, has as its purpose, or one of its purposes, to encourage participation in a commercial activity. Many questions have arisen as to the potentially broad scope of this definition.
In response, the FAQs clarify that the mere inclusion of a logo, hyperlink or contact information in an email signature does not necessarily lead to the conclusion that a message is a CEM. In contrast, the FAQs indicate that a tagline in a message promoting a product or service to the recipient would lead to a message being considered a CEM. Accordingly, businesses should consider removing all promotional messaging, including messaging promoting the business itself (e.g. an award or ranking) from electronic messages that are not categorized by the business as being a CEM to avoid having such messages caught by CASL.
Under CASL, an electronic address is broadly defined as an address used in connection with the transmission of an electronic message to an email account, a telephone account, an instant messaging account or any other similar account. The notion of “similar account” has generated much debate about the application of CASL to social media. In response, the CRTC has clarified that it draws a distinction between direct messages sent through social media messaging systems, such as Facebook direct messages and LinkedIn direct messages, which would be viewed as being sent to an electronic address, and messages posted, published or broadcast on social media websites and blogs, such as a Facebook wall post, which would not be viewed as being sent to an electronic address.
Also note that the Industry Canada regulations enacted under CASL exempt CEMs sent and received on an electronic messaging service, such as BlackBerry Messenger (BBM), if the information and unsubscribe mechanism that are required under CASL are conspicuously published and readily available on the user interface through which the message is accessed, and the person to whom the message is sent consents to receive it either expressly or by implication.
Going forward, organizations will need to pay careful attention to their use of different social media platforms to send messages and the ways in which these platforms function to ensure they are CASL compliant.
While some businesses were hoping to rely on the “personal relationship” exemption for their communications with long-standing, loyal customers, the CRTC has clarified that the definition of “personal relationship” is limited to close relationships between individuals. According to the CRTC, legal entities, such as corporations and not-for-profit organizations, cannot have a personal relationship with customers or clients under CASL. In other words, an individual who sends a CEM on behalf of a business cannot allege that they have a personal relationship with the recipient.
Affiliates and service providers
According to Regulations published by the CRTC, a CEM must identify both the sender of the message, and if different, the person on whose behalf the message is sent. However, where it is not practicable to include this information in the body of a CEM, a hyperlink to a webpage containing this information is acceptable as long as the webpage is readily accessible to the recipient of the CEM and at no cost to the recipient. Additionally, the CRTC regulations stipulate that the link to the webpage must be clearly and prominently set out in the CEM.
Not surprisingly, this requirement has generated considerable concern from corporations that may send messages on behalf of numerous affiliates. In its FAQ, the CRTC has taken the position that a CEM sent on behalf of multiple persons must identify all such persons. However, the CRTC also states that not every person who is involved in the sending of a CEM must be identified. Rather, “only the persons who play a material role in the content of the CEM and/or the choice of the recipients” need be identified.
By way of example, the CRTC notes that an email service provider that simply sends emails on behalf of its clients and has no input either on the content of the message or the recipient list does not need to be identified in CEMs sent on behalf of such clients. However, the service provider shares responsibility with its clients for ensuring that CEMs are sent with valid consent (either express or implied) and contain an unsubscribe mechanism that meets the prescribed requirements of CASL.
Form of Unsubscribe Mechanism
The CRTC has clarified that a valid unsubscribe mechanism may be set up in numerous ways and may be as broad or as granular as the sender wishes it to be (provided that it meets the prescribed requirements of the legislation). In other words, the CEM may offer the recipient the choice between unsubscribing from all or just certain types of CEMs.
Additional guidance from the CRTC and others can be expected in the coming weeks. A very useful alert was recently published by Imagine Canada providing clarification for charitable organizations on the exemption for that industry based on conversations with Industry Canada.
To obtain PrivaTech’s CASL Compliance Toolkit, CLICK HERE.