CASL is now in Effect!
Are you Compliant?
Inbox Marketer
Today’s Agenda
• CASL Overview & Timing
• Keys terms defined: EBR, CEM, Implied, Express
• Identification & Unsubscribe Re...
What is CASL?
Canada’s Anti-Spam Legislation
Intended to deter the most damaging
and deceptive forms of Spam:
Spamming Fra...
Important Dates
CASL
Passed
Dec. 2010
March 2012
CRTC Regs
Finalized
Industry
Canada Regs
Finalized
Dec. 2013
July 1, 2014...
What is a CEM?
A Commercial Electronic Message that encourages participation in a commercial activity
CASL provisions appl...
What is an EBR?
Existing Business Relationship
An existing business relationship is defined as a business relationship tha...
1. Consent
• Do you have Express or Implied consent?
2. Identification
• Messages must identify sender(s) & provide contac...
What is Implied Consent?
Implied Consent – the sender & recipient have an
existing business (or non business) relationship...
fdf
What is Express Consent?
Express Consent – recipients give a positive or explicit indication of consent
to receive CEM...
Consents cannot be bundled
“A request for consent cannot
be bundled with, requests for
consent to the general terms
and co...
Will Express consents under PIPEDA be
grandfathered as express consents
under CASL?
If you obtained valid express consent
prior to CASL coming into force, you
will be able to rely on that express
consent (a...
Does your organization have Implied
records in its database?
… you will have 3 years to upgrade (July 2017)
Transitional provision for Existing Email Contacts – If you
have (or had) a...
Does your organization actually have to upgrade their
Implied consents to Express?
The next question is an interesting one…
After CASL Comes into Force
… YOU CAN RELY ON IMPLIED CONSENT UNDER 3 SCENARIOS
1. Existing business relationship arising ...
After CASL Comes into Force
… YOU CAN RELY ON IMPLIED CONSENT IF
Existing business relationship arising from a purchase th...
A Best Practice to Consider
Do not turn on and/or refresh the email permission every time a member
transacts with you if t...
If you do choose to upgrade to express
• Upgrade message(s) should identify value proposition of your email
program; give ...
Industry Example of Upgrade Campaign
How to collect Express Consent under CASL
Requirements for Collecting Express Consent
Ensure clarity of language & branding so that customers are
well informed as t...
Requirements for Express Consent
Pre-checked boxes will not be allowed
Your Subscribe Page/Form must include:
• company po...
Fully CASL Compliant Example
Confirmation email is recommended
A confirmation (or welcome) email should
be sent after sign-up
Recommendation: Send imme...
Rule 2: Identification Requirements
Messages must identify sender & provide contact
information for the sender and if diff...
Rule 3: Unsubscribe Requirements
Must be clear & prominent and accomplished at no cost to the
customer
Must be able to be ...
Unsubscribe Requirements
An unsubscribe link must be present on all transactional emails
A recipient can unsubscribe from ...
How is Social Media effected by CASL?
Social Media under CASL
CASL covers all CEMs including social media messaging.
The Good:
- Posting your commercial content...
Social Media under CASL
Recommended Social Media policies for CASL Compliance:
1. Official accounts: list these on your we...
For B2B Organizations, there are some
exemptions to know about
There are some B2B Exemptions
Feedback:
Stakeholders argued that the legislation will prohibit regular
business practices ...
B2B Exemptions
… Section 6 of the Act does not apply to a commercial electronic
message
that is sent in response to a busi...
Also, Express Consent is Not Required if…
The CEM delivers a product or service (including updates)
that the recipient is ...
Next Steps & Recommendations
Create a CASL Compliant Database
Streamline your email programs
• Align the data teams
• Having multiple teams increases y...
Companies need to be able to prove
compliance if ever challenged
Proper Documentation Required
The burden of proof is on the sender
Recommended data capture fields
Level of Consent (Expre...
Identify all of your input sources:
• Point of Sale
• Call Center
• Web Forms
• Social Channels
• Offline Contests
• Event...
Identify all of your output sources:
• Email Service Provider
• Mobile Marketing Provider
• Web pages/triggers
• Ecommerce...
Identify all of your output sources:
Data management will be key to compliance
Review existing data and group consents:
• ...
Who needs to be involved?
Build a multi disciplinary swat team with a check list for each department
1. Privacy/Compliance...
Additional Recommendations
1. Contact your legal counsel. Get their input and sign-off as well as your
Privacy Officer
2. ...
Other things you should know…
• A Spam Reporting Center will be set-up and managed by
the CRTC
• Consumers & businesses wi...
Need help becoming CASL compliant?
• Inbox Marketer offers turnkey email marketing solutions that are
fully CASL compliant...
Próxima SlideShare
Cargando en…5
×

CASL is now in Effect! Are you Compliant?

691 visualizaciones

Publicado el

CASL is now in Effect! Are you Compliant?

0 comentarios
0 recomendaciones
Estadísticas
Notas
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Sin descargas
Visualizaciones
Visualizaciones totales
691
En SlideShare
0
De insertados
0
Número de insertados
27
Acciones
Compartido
0
Descargas
3
Comentarios
0
Recomendaciones
0
Insertados 0
No insertados

No hay notas en la diapositiva.
  • Super brief overview. Just talk to the fact that it is the new legislation “intended” to go after real spammers. The CRTC has said that they aren’t “out to get” legitimate marketers, however the legislation will require a lot of them to update processes.
  • Canada’s anti-spam legislation was passed in December 2010. Inbox has been following the progress since then.

    The next key dates that will impact marketers are the July 1st date this year where marketers need to be compliant with CASL and then the July 1st date in 2017 which is where the private right of action is in force.

    The key date that we’ll focus on today is getting ready for July 1st 2014
  • A commercial electronic message (CEM) is any electronic message that encourages participation in a commercial activity
    The message will need to directly promote a product or service in order to be a CEM.
    CASL provisions apply to all Commercial Electronic Messages sent to or from Canada.
    Email & SMS text messages are considered CEMs



  • Existing Business Relationship – An existing business relationship is defined as a business relationship that involves or arises from the purchase, lease or bartering of product, goods or services, a contract, or inquiry of a recipient within two (2) years immediately before the date the CEM was sent.
    If you’ve entered into a transaction with someone or a contract, you’d have an EBR. You can imply consent if you have an EBR.

  • The 2nd bullet Matt says violates our T&C
  • Existing Business Relationship – An existing business relationship is defined as a business relationship that involves or arises from the purchase, lease or bartering of product, goods or services, a contract, or inquiry of a recipient within two (2) years immediately preceding the date the CEM was sent.
  • Existing Business Relationship – An existing business relationship is defined as a business relationship that involves or arises from the purchase, lease or bartering of product, goods or services, a contract, or inquiry of a recipient within two (2) years immediately preceding the date the CEM was sent.
  • Existing Business Relationship – An existing business relationship is defined as a business relationship that involves or arises from the purchase, lease or bartering of product, goods or services, a contract, or inquiry of a recipient within two (2) years immediately preceding the date the CEM was sent.
  • Existing Business Relationship – An existing business relationship is defined as a business relationship that involves or arises from the purchase, lease or bartering of product, goods or services, a contract, or inquiry of a recipient within two (2) years immediately preceding the date the CEM was sent.
  • You don’t want to be the next US Airways.
  • Add the slide back about auditing your data groups
  • CASL is now in Effect! Are you Compliant?

    1. 1. CASL is now in Effect! Are you Compliant? Inbox Marketer
    2. 2. Today’s Agenda • CASL Overview & Timing • Keys terms defined: EBR, CEM, Implied, Express • Identification & Unsubscribe Requirements • B2B Exemptions • Next Steps & Recommendations Disclaimer: We are not lawyers , this is not legal advice.
    3. 3. What is CASL? Canada’s Anti-Spam Legislation Intended to deter the most damaging and deceptive forms of Spam: Spamming Fraud Hacking Harvesting Malware Privacy Invasions
    4. 4. Important Dates CASL Passed Dec. 2010 March 2012 CRTC Regs Finalized Industry Canada Regs Finalized Dec. 2013 July 1, 2014 Provisions in force Computer program provisions in force Jan. 15, 2015 July 1, 2017 Private Right of Action in force
    5. 5. What is a CEM? A Commercial Electronic Message that encourages participation in a commercial activity CASL provisions apply to all Commercial Electronic Messages sent to or from Canada. Commercial Electronic Messages Electronic Messages • Email • Text / instant messages • Social Media Commercial Activity • Offers to sell/lease of product/service • Offers Investment/business opportunity • Promotes individual • Requests for Consent
    6. 6. What is an EBR? Existing Business Relationship An existing business relationship is defined as a business relationship that involves or arises from: • the purchase, lease or bartering of product, goods or service within last 2 years • a written contract within the last 2 years • an inquiry of a recipient within 6 months immediately preceding the date the Commercial Electronic Message was sent
    7. 7. 1. Consent • Do you have Express or Implied consent? 2. Identification • Messages must identify sender(s) & provide contact information 3. Unsubscribe • Must be clear & prominent, able to be readily performed and accomplished at no cost to the customer There are 3 Primary Rules
    8. 8. What is Implied Consent? Implied Consent – the sender & recipient have an existing business (or non business) relationship Implied Consent is where the recipient has supplied/published work related email address and they have not included a statement that indicates they do not wish to be communicated via email Implied Consent is where the recipient has willingly disclosed their email address i.e. business card
    9. 9. fdf What is Express Consent? Express Consent – recipients give a positive or explicit indication of consent to receive CEM’s Your Email SubmitOR Under PIPEDA, pre-checked box’s are considered Express when the knowledge & consent of the individual is given They may check a box or type/write in their email address
    10. 10. Consents cannot be bundled “A request for consent cannot be bundled with, requests for consent to the general terms and conditions of use or sale.” A user must be able to consent to the general terms of sale while being able to refuse consent to receiving CEMs
    11. 11. Will Express consents under PIPEDA be grandfathered as express consents under CASL?
    12. 12. If you obtained valid express consent prior to CASL coming into force, you will be able to rely on that express consent (as long as you can prove having obtained valid express consent) A Big Win for Digital Marketers
    13. 13. Does your organization have Implied records in its database?
    14. 14. … you will have 3 years to upgrade (July 2017) Transitional provision for Existing Email Contacts – If you have (or had) an existing business or non-business relationship that already includes communication by commercial electronic message, you will have 3 years to upgrade Implied consents to Express Begin thinking about how your database will need to be configured to keep track of when customers upgraded For all existing implied records…
    15. 15. Does your organization actually have to upgrade their Implied consents to Express? The next question is an interesting one…
    16. 16. After CASL Comes into Force … YOU CAN RELY ON IMPLIED CONSENT UNDER 3 SCENARIOS 1. Existing business relationship arising from an inquiry, if no further action is taken, you have 6 months to continue to send and upgrade them to Express before you lose them 2. Existing business relationship arising from a purchase, lease, contract, barter (see section 10 for full definition of EBR) then organizations will have 2 years from time of EBR to continue to send & upgrade them to Express before you lose them
    17. 17. After CASL Comes into Force … YOU CAN RELY ON IMPLIED CONSENT IF Existing business relationship arising from a purchase that involves an ongoing use or ongoing purchase under a subscription, company will have 2 years from when the relationship terminates to continue to send & upgrade them to Express
    18. 18. A Best Practice to Consider Do not turn on and/or refresh the email permission every time a member transacts with you if they have unsubscribed. It is allowed under a strict reading of the legislation Not an ideal customer experience and therefore not recommended
    19. 19. If you do choose to upgrade to express • Upgrade message(s) should identify value proposition of your email program; give recipients a compelling reason to confirm their express consent. Be very clear on what they will be agreeing to receive • If database is large enough, test different offers. • Encourage customers to visit a preference center to update their email preferences. Our recommendation is to consider the value of an Upgrade campaign now vs. 2 years from now.
    20. 20. Industry Example of Upgrade Campaign
    21. 21. How to collect Express Consent under CASL
    22. 22. Requirements for Collecting Express Consent Ensure clarity of language & branding so that customers are well informed as to what they are agreeing to receive and the purpose(s) for which their consent is being sought. Yes, I would like to receive emails from CompanyABC with the latest information on your products, services and special offers
    23. 23. Requirements for Express Consent Pre-checked boxes will not be allowed Your Subscribe Page/Form must include: • company postal address & either phone number OR web address OR email address • link to Privacy Policy • a statement indicating that recipient can unsubscribe at any time
    24. 24. Fully CASL Compliant Example
    25. 25. Confirmation email is recommended A confirmation (or welcome) email should be sent after sign-up Recommendation: Send immediately or within 24 hours Asking recipients to confirm their opt-in is considered “double opt-in” and is the Gold Standard! Welcome message(s) helps to manage expectations and add clarity to what subscribers will receive as part of the email program
    26. 26. Rule 2: Identification Requirements Messages must identify sender & provide contact information for the sender and if different, the person on whose behalf it is sent The mailing address & either a phone number OR email OR web address must be present on the CEM Also required: A link to your privacy policy A link to your unsubscribe page Messages must not have false or misleading headers, subject lines or content
    27. 27. Rule 3: Unsubscribe Requirements Must be clear & prominent and accomplished at no cost to the customer Must be able to be readily performed (should be simple, quick and easy for the consumer to use) Cannot require a login Requests must be flagged without delay or no later than 10 business days Unsubscribe mechanism must remain functional for 60 days post deployment
    28. 28. Unsubscribe Requirements An unsubscribe link must be present on all transactional emails A recipient can unsubscribe from receiving transactional emails however if you do not include any marketing/promotional/commercial info, you may continue sending factual information about their account and/or purchases
    29. 29. How is Social Media effected by CASL?
    30. 30. Social Media under CASL CASL covers all CEMs including social media messaging. The Good: - Posting your commercial content to your brands social media accounts are ok - Twitter, Facebook pages, blogs, etc… The Bad: - Sending a DM if it’s a CEM is captured by CASL - Sending an @ mention message may be non-compliant
    31. 31. Social Media under CASL Recommended Social Media policies for CASL Compliance: 1. Official accounts: list these on your website and in the profiles of each account 2. Training of staff using these accounts and rules for posting 3. Maintain a policy around use of personal social media accounts vs. corporate or client accounts 4. Know the differences between what a reply is vs. Commercial messages 5. Use a commercial social media management account
    32. 32. For B2B Organizations, there are some exemptions to know about
    33. 33. There are some B2B Exemptions Feedback: Stakeholders argued that the legislation will prohibit regular business practices that are not among the malicious activities the Act was intended to capture. These would include sending banking e-statements, warrantee & recall messages, messages sent within or between firms with a current business relationship, etc.
    34. 34. B2B Exemptions … Section 6 of the Act does not apply to a commercial electronic message that is sent in response to a business request, inquiry, complaint or is otherwise solicited by the person to whom the message is sent that is sent to satisfy a legal or juridical obligation that is sent within a business or sent between businesses that are already in a business relationship where the messages are sent by an employee, rep, contractor or franchisee and are relevant to the business, role or function of the recipients
    35. 35. Also, Express Consent is Not Required if… The CEM delivers a product or service (including updates) that the recipient is entitled to receive under the terms of a transaction Third party referrals – only the 1st email can be sent without consent & you must identify the person’s first and last name who has provided the referral
    36. 36. Next Steps & Recommendations
    37. 37. Create a CASL Compliant Database Streamline your email programs • Align the data teams • Having multiple teams increases your risk of not being compliant • Create a centralized communications database and/or a centralized preference center • Create a centralized unsubscribe policy & database If companies don’t have the means to consolidate all their data across the different lines of business, at minimum, a central unsubscribe database is recommended.
    38. 38. Companies need to be able to prove compliance if ever challenged
    39. 39. Proper Documentation Required The burden of proof is on the sender Recommended data capture fields Level of Consent (Express vs. Implied) Date & time of the opt-in (for express) Date & time of the Existing Business Relationship (for implied) Source i.e. POS, web page, events, co-registration, list rental Why was email address collected? Newsletter? Promotions? IP address (nice to have, not a requirement) Capture what the subscribe form looks like – archive pages as they get updated Also consider implementing a “stop send” mechanism to track when implied consents expire and need to be suppressed Data Best Practice: suppress records, don’t delete
    40. 40. Identify all of your input sources: • Point of Sale • Call Center • Web Forms • Social Channels • Offline Contests • Events • Third parties • Other? What level of permission are you collecting (Express or Implied) at each source? If Express, ensure all prescribed information is present
    41. 41. Identify all of your output sources: • Email Service Provider • Mobile Marketing Provider • Web pages/triggers • Ecommerce solutions • Corporate emails • Social Networks • Other?
    42. 42. Identify all of your output sources: Data management will be key to compliance Review existing data and group consents: • Explicit * • Implied • Third party • Unknown • None
    43. 43. Who needs to be involved? Build a multi disciplinary swat team with a check list for each department 1. Privacy/Compliance 2. Legal 3. Marketing 4. Database Analytics team 5. Deployment team 6. Agents 7. Brand Managers 8. Sales team 9. Vendors & Partners
    44. 44. Additional Recommendations 1. Contact your legal counsel. Get their input and sign-off as well as your Privacy Officer 2. Educate all employees on the appropriate use of email addresses 3. Create a training program for all employees on what it means to be CASL compliant 4. Create a CASL compliance scorecard or checklist 5. Create a due diligence process & document it 6. Update all forms & processes that document consent
    45. 45. Other things you should know… • A Spam Reporting Center will be set-up and managed by the CRTC • Consumers & businesses will be able to report emails being sent without consent an emails with false or misleading content • Heavy fines for non-compliance - $10 million per violation for a corporation - $1 million per violation for individuals Permission was a best practice with PIPEDA, soon it will be the law!
    46. 46. Need help becoming CASL compliant? • Inbox Marketer offers turnkey email marketing solutions that are fully CASL compliant. • Digital Strategy & Email Best Practices • Email Design & HTML Development • Database Management & List Processing • Campaign Management & Email Deployment • Detailed Reporting & Analytics Call us at 519-824-6664 to hear how we can take your email program to the next level!

    ×