The document summarizes Canada's Anti-Spam Legislation (CASL) which comes into effect on July 1, 2014. It regulates sending commercial electronic messages, altering transmission data, fraudulent practices, installing programs without consent, and collecting addresses or personal information electronically. It requires consent to send commercial emails and includes sender information, opt-out options, and no cost to unsubscribe. Penalties for non-compliance can include fines up to $1 million for individuals and $10 million for companies. The presentation provides an overview of key definitions, requirements, exemptions and prohibited practices under CASL.
4. What Does CASL Regulate?
• CASL regulates a broad range of activities, including:
– the sending of commercial electronic messages (not just emails)
– the altering of transmission data in an electronic message
– engaging in fraudulent or misleading practices through electronic
messages or websites
– installing computer programs without express consent
– automated collection of electronic addresses (email harvesting)
– unauthorized use of computers to collect personal information
April 16, 2014
5. Commercial Electronic Messages (CEMs)
• CASL’s anti-spam provisions prohibit a sender from
transmitting a commercial electronic message (“CEM”)
to an electronic address, unless:
i. the intended recipient has consented; and
ii. the message includes certain prescribed information.
April 16, 2014
6. CASL Compliance
• NEED TO GET CONSENT
OR
• Rely upon exemption
OR
• Face significant consequences/penalties
– Administrative Monetary Penalties
» A fine of up to $1,000,000 per violation for individuals
» A fine of up to $10,000,000 per violation for any other person
(i.e. any legal entity that is not an individual)
April 16, 2014
7. CEMs - Definitions
• “Electronic messages”
– Text message / Sound message / Voice message / Image message
• “Commercial” refers to anything that “encourages
participation in commercial activity”
– Advertisement of commercial activity
– Expectation of profit not necessary
• “Consent” can be Express or Implied
– An electronic message that requests consent to send a CEM can be deemed to
be a CEM
– Must be opt-in consent
– Implied if: “existing business relationship” or an “existing non-business
relationship” – for up to 3 years from law coming into force
April 16, 2014
8. CEMs Requirements
• CEMs must:
– Include sender identifying information
– Set out sender contact effective for at least sixty days
– Provide “opt out” or “unsubscribe”
– Be at no cost to person “unsubscribing”
April 16, 2014
9. Key Exemptions
• Messages from charities to raise funds
• Internal organization messages concerning activities of the
organization
• Messages between organizations that have a relationship about
activities recipient
• Messages in response to a request, inquiry or complaint
April 16, 2014
10. Alteration of Transmission Data
• Prohibited:
– Alteration of transmission data in an electronic message, causing sending to a
person other than intended recipient
• Exception:
– Alteration by telecommunications company for network management purposes
• Reason:
– Ensure electronic messages are not sent or copied somewhere other than where
the message sender believes his or her message is going
• Applicable if:
– Computer is located in Canada, or if the person is in Canada or acting under
direction of a person in Canada
April 16, 2014
11. Installing Computer Programs
• Prohibited:
– Installation in course of commercial activity of a computer program on another person’s
computer system, or use of an installed program to send a message without the express
consent of owner of the computer system
• Deemed Consent:
– For the installation of program (e.g., cookie, HTML, Java script, etc.)
• If reasonable to believe there was consent for installation
• Programs do not contain executable code
• Programs do not carry viruses or have the ability to install malware
• Applies to computer programs that:
– Collect personal information
– Interfere with the control of a computer
– Change or interfere with settings, preferences or commands
– Obstruct, interrupt, or interfere with access to or use of data
– Cause a computer to communicate with another computer without authorization
– Install a computer program that can be activated by a third party
– Perform any other functions specified in the regulations;
Does not apply to a function that is only transmission data.
April 16, 2014
12. Prohibitions
• False or misleading representations in the sender description,
subject matter field, message field, URL or other locator of an
electronic message or on a website
• Fraudulent and misleading representations have penalties under
both CASL and the Competition Act
• Harvesting
• Unlawful use of computer systems to collect personal information
April 16, 2014
13. START TO PREPARE NOW
Tips: January 2014 issue of MT’s Charities and Not-for-Profit
Newsletter, “Planning for Canada’s anti-spam legislation
(CASL) – Suggestions for auditing your organization’s current
electronic communications practices” available at http://
millerthomson.com/en/publications/
newsletters/charities-and-not-for-profit-newsletter/
january-2014/planning-for-canadas-anti-spam-legislation.
April 16, 2014