Nobody likes spam. Of the canned mystery meat variety or of the email variety that lands up in your inbox unasked for. Which is why many celebrated the July 2014 Canadian Anti-Spam Legislation ruling, a law generally prohibiting individuals and businesses from sending commercial email to Canadians without their consent.
But for small businesses and nonprofits it was also a cause for some consternation and confusion about what this meant for them and their ability to communicate with their customers and supporters. Confusion which your friendly Web Advisors addressed back then by answering your top 10 questions about CASL in this blog.
Now, three years on, with many even more stringent provisions in that law originally scheduled to come into force on July 1st, 2017, it is time for an update.
The Government Says… Hold On a Minute!
On June 7, 2017, the Government of Canada announced they were suspending “the implementation of certain provisions in Canada’s anti-spam legislation (CASL) in response to broad-based concerns raised by businesses, charities and the not-for-profit sector. The provisions, known as Private Right of Action, would have allowed lawsuits to be filed against individuals and organizations for alleged violations of the legislation.”
While the Government recognises that “Canadians deserve an effective law that protects them from spam and other electronic threats that lead to harassment, identity theft and fraud,” they also recognise that “Canadian businesses, charities and nonprofit groups should not have to bear the burden of unnecessary red tape and costs to comply with the legislation.”
As The Honourable Navdeep Bains, Minister of Innovation, Science and Economic Development, says: “Canadians deserve to be protected from spam and other electronic threats so that they can have confidence in digital technology. At the same time, businesses, charities and other non-profit groups should have reasonable ways to communicate electronically with Canadians. We have listened to the concerns of stakeholders and are committed to striking the right balance.”
In short, the July 1st opportunity for Private Right of Action has been put on hold while a parliamentary committee reviews the legislation.¹
The Canadian Chamber of Commerce Says… Hooray!
The PRA was particularly worrisome as it would have exposed business to potentially unjust and costly litigation. The Private Right of Action Provision would have allowed individuals to take legal action against any company which sent them an email they did not want to receive, without proof of damages.
“This is a big win for all Canadians. Businesses rely on their capacity to communicate with their clients, and some of these measures would have limited their capacity to do this,” said the Hon. Perrin Beatty, President and CEO of the Chamber. “Additionally, this provision would cost Canadians heavily in lost productivity and mischievous litigation,” he added.²
You Say… Wait, What?
What does this mean for how you can still have your say – and who you say it to – in terms of digital communications with your customers, the media, and other business partners and stakeholders? The consternation and confusion of three years ago still exists, and is now simply added to with this new announcement.
We Say… Stay the CASL Course
Understanding CASL – and government speak – has always been an issue for most ‘regular’ people. Ie. You, me, small business owners, big business owners, your mom, your dad, your lawyer… Which is why we wrote that original blog back in 2014 explaining exactly what CASL is and how it affects you and your small business. As for this recent stop on the CASL train, here’s the short version:
The government has decided to put a hold on the Private Right of Action provision of CASL that would have potentially hurt Canadian businesses by allowing individuals to take legal action against any company which sent them an email they did not want to receive, without proof of damages.
This doesn’t mean you can start emailing people willy nilly. All the original CASL rules and regulations are still in play – bear in mind penalties for the most serious violations of CASL can range from a maximum of $1 million for individuals and $10 million for businesses.
What it does mean is this:
It is CASL business as usual –
- Most of the law came into force July 1, 2014.
- Computer malware/spyware provisions came into effect July 1, 2015.
- The 3 year transition period for certain types of implied consent ends July 1, 2017.
As of July 1, 2017 –
- Implied Consent is still deemed in one of 4 ways:
- An existing business relationship (EBR)
- An existing non-business relationship (ENBR)
- Publication exemption (Directories, websites, etc)
- Business card exemption
- Implied Consent parameters are changing for EBR and ENBR:
- FROM: Anytime before July 1, 2014 consent was implied until July 1, 2017.
- TO: Now, consent is implied from last transaction, until two years, after which the relationship ends.
To Do Action Items –
- Scrub your databases – segmenting into express or implied if you have not already done so.
- Isolate EBR and ENBR consents and identify those that will expire:
- Ongoing business relationship are valid.
- Any consent implied on the basis of a pre-July 1, 2014 relationship will expire.
- Only implied consent arising from a relationship which has ended on or after July 1, 2015 will expire
To Be Announced –
- Individuals and businesses cannot bring a Private Right of Action as originally scheduled for July 1, 2017… yet!
We will keep an eye out for any further updates. Watch this space for CASL Version 3, but until then, as with everything in life, consent continues to be key!