Marketing campaigns, including both print marketing (such as flyers) and electronic marketing (such as emails and paid search campaigns), are critical drivers of business. The United States and Canada are two of the many countries which have enacted laws attempting to balance the right of businesses to use electronic marketing with restrictions and requirements for sending certain forms of commercial electronic messaging to curb unsavory business practices. Marketing messages must comply with the US CAN-SPAM Act (for email messages sent to US recipients) and CASL (for commercial electronic messages sent to Canadian recipients). Otherwise, businesses may face fines, litigation, and/or distracting and costly government investigations. Applying CAN-SPAM processes to Canadian recipients is a dangerous approach, as CASL is considerably broader in scope than CAN-SPAM. This note provides an overview of some of the core differences between CAN-SPAM and CASL to help you start to understand the compliance requirements.
What are CAN-SPAM and CASL? CAN-SPAM (the Controlling the Assault of Non-Solicited Pornography And Marketing Act) is a US law with associated regulations enacted in 2003 regulating the sending of commercial email messages. CASL (“Canada’s Anti-Spam Law”) is a Canadian law regulating commercial electronic messages effective July 1, 2014.
What types of messaging are covered? CAN-SPAM and CASL both apply to marketing communications, but CASL has a broader scope. CAN-SPAM applies to email messages where the primary purpose is the commercial advertisement or promotion of a commercial product or service. Emails were the focus of online marketing practices in 2003 when CAN-SPAM was enacted, and it has not been expanded to cover other types of commercial electronic messages. CASL applies to any electronic message sent to an electronic address, where the intent is to encourage the recipient to participate in a commercial activity. Under CASL, these electronic messages are called “commercial electronic messages” or “CEMs”. Examples of CEMs are emails, videos, SMS/MMS messages, instant messages, software or system tray pop-up messages, and social media messages.
When can I send marketing communications under CAN-SPAM? You do not need prior consent to send a commercial email under CAN-SPAM. You can send an unsolicited commercial email under CAN-SPAM unless the recipient has told you he/she does not want to receive them. However, it is considered an industry best practice to use opt-in lists for marketing communications. One important exception is that you can’t send a commercial email to certain email addresses provided by wireless carriers (e.g., vtext.com or sprintpcs.com) without express consent to do so. A “transactional or relationship” message is excluded from CAN-SPAM requirements as long as it’s not primarily commercial in nature. Commercial email messages sent under CAN-SPAM must comply with certain requirements such as identification of the sender and initiator of the message (including physical postal address); no false, deceptive or misleading header information; identification of the message as an advertisement unless the recipient has opted in to receive it; and notice of the right to opt out, and a working unsubscribe mechanism (see the statute and implementing regulations for full requirements).
When can I send marketing communications under CASL? Under CASL, you can only send a marketing communication to a Canadian computer, email address, or network if you have express consent (or in some circumstances, implied consent) to send it, with very limited exceptions. The requirement for consent before sending the message is the most important difference between CASL and CAN-SPAM. A commercial electronic message sent in compliance with CASL must include identification of each sender (there can be more than one); each sender’s contact information; and a free unsubscribe mechanism (see the statute and implementing regulations for full requirements). There are some limited categories of CEMs excluded from all or some of CASL’s requirements (for example, quotes or estimates requested by a recipient are excepted from CASL’s consent requirements only, but still require compliance with CASL’s identification, contact information, and unsubscribe requirements). CASL also covers other topics such as installation of computer software.
Do I need consent to send a commercial electronic message? Under CAN-SPAM, you don’t need express or implied consent before sending a commercial message (but it is an industry best practice to only send marketing messages to opt-in recipients). Under CASL, you need express consent (or in limited circumstances, implied consent) first. When asking for express consent under CASL (e.g., on a web page visited by a Canadian resident), you must disclose (a) that the communication is from your company, including a mailing address and either phone number, email address or web address; (b) the purpose for which consent is being sought; and (c) a statement that the person can withdraw consent. Remember that under CASL you can’t send an email asking for consent (as that email would violate CASL). Consents should be obtained through other means, e.g., during the website checkout process, via checked boxes on paper forms, etc. There is an exception to the consent requirement providing an implied consent for business relationships existing as of July 1, 2014, but that only lasts for 3 years and you still need to comply with all other CASL requirements when sending messages under that implied consent.
What is the difference between express and implied consent? Express consent is clearly and unambiguously stated, where implied consent is inferred from behavior and situational circumstances. When you take an affirmative action to clearly and unambiguously give consent, such as checking a box or signing your name, you are providing express consent. If you don’t uncheck a box indicating you wish to receive marketing communications, or you give your business card to someone, your consent to receive marketing communications is inferred, and you have provided implied consent. (Only certain types of implied consent are acceptable under CASL – see the statute for specifics.) Under CAN-SPAM, there is implied consent to send an unsolicited message unless the recipient has opted out of receiving it.
What should I do if I cannot tell where a person is from when asking for the right to market to them? If you believe your campaign is likely to include Canadian recipients (e.g., it includes some .ca addresses), consider whether to follow CASL’s requirements for the Canadian recipients in the campaign. If you use a form to collect email addresses which will be used to send commercial electronic messages, please consider whether to require consent, or to pop up a consent box if the email address is a .ca address. If the form is on a Canada-specific page, you should always obtain consent.
The effective date of CASL is almost here, so don’t delay any further if you haven’t been paying attention to whether your electronic marketing strategy in Canada is CASL compliant. Failure to properly CASL could put your business in check.
