What is a Privacy Policy?
What is a privacy policy?
Create a tailored Privacy Policy, Terms & more in under 5 minutes.
Canada’s Anti-Spam Legislation (CASL) is a law that prevents businesses from sending unwanted commercial electronic messages to Canadians, whether the sender is based in Canada or not. The law requires businesses to get permission before sending marketing emails or texts, clearly identify themselves, and provide an unsubscribe option. Violations can result in fines up to $1 million for individuals and $10 million for companies per infraction.
Canada’s Anti-Spam Legislation (CASL) was enacted to shield Canadians from the detrimental effects of spam and the misuse of digital technology. The main goals of CASL include:
Before CASL, Canada was home to several of the world’s largest spamming organizations. By 2019, CASL successfully eradicated any Canadian organization from the list of the top 100 global spammers, showcasing the law’s effectiveness.
At its core, spam refers to unsolicited electronic messages, commonly emails, but also includes texts, messages through social media platforms, and unwanted software installations. Spam can carry risks like phishing schemes, identity theft, or the distribution of malicious software (malware).
CASL focuses specifically on commercial electronic messages (CEMs), which are communications that promote or encourage participation in commercial activity, even if there’s no expectation of profit.
CASL sets strict guidelines for how businesses can send CEMs. Whether sending emails, texts, or other electronic communications, organizations must follow these key rules:
One of the cornerstones of CASL is the requirement to obtain consent from individuals before sending them electronic messages. There are two types of consent recognized under CASL:
This is explicit permission provided by the recipient, often in writing or electronically. To be valid, organizations must clearly explain the purpose of the communication, who is seeking consent, and how recipients can opt-out later.
In certain situations, consent may be implied. For example, if someone has an existing business relationship with the organization, they may be contacted without express consent. Additionally, if a person publicly shares their contact information (such as on a website or business card), implied consent may apply as long as the message relates to the recipient’s business activities.
While CASL is strict, there are several exemptions to the consent and unsubscribe requirements:
CASL requires businesses to be more disciplined in their electronic marketing efforts. Organizations must now:
Consumers benefit significantly from CASL, as it reduces the number of unwanted and potentially harmful electronic communications they receive. Studies have shown a notable reduction in spam reaching Canadian inboxes since the law took effect. In fact, within the first year of CASL’s implementation, there was a 37% decrease in Canadian-based spam, and the global spam rate dropped significantly in the following years.
The Spam Reporting Centre (SRC) allows Canadians to report unsolicited messages that violate CASL. Between October 2021 and March 2022, Canadians lodged more than 167,000 spam complaints. Most of these complaints involved emails sent without consent, but spam in the form of text messages is also becoming increasingly common. Reporting spam helps authorities take action against offenders and keep the internet safer for everyone.
CASL imposes strict penalties for organizations that fail to comply with the legislation. Violations can lead to:
Businesses should regularly review their marketing practices and train staff to ensure ongoing compliance with CASL. With the right processes in place, companies can maintain positive relationships with customers while avoiding the costly penalties associated with non-compliance.