Canada’s anti-spam legislation (CASL) comes into force on July 1, 2014, but employers need to take proactive action now, said Joseph Cohen-Lyons, an associate lawyer with Hicks Morley, at a recent client event in Toronto.
CASL applies broadly to any electronic message “that has, as one of its purposes, the promotion of commercial activity,” Cohen-Lyons explained. However, one of the exclusions is electronic business-to-business communications where there is a relationship and the email relates to the business activities of the recipient organization. “So that’s actually going to carve out most of the emails that employees are sending on a day-to-day basis,” he added.
This legislation differs from anti-spam legislation in other countries in that it requires consent: people must opt in to receive messages, rather than simply being subscribed with an option to opt out. “So it’s going to require some affirmative action, some positive action, by organizations leading up to its implementation on July 1st,” Cohen-Lyons advised. “You can’t just sit back and wait for people to express their desire to no longer receive your messages.”
There are requirements relating to the form and content of messages as well, such as including a contact address and the identity of the sender. “There’s also the requirement to include what they describe as a ‘prominently displayed unsubscribe mechanism,’” he added—in other words, putting it in six-point font and hiding it at the bottom of the email probably isn’t going to fly moving forward.
And the penalties are steep. Those who do not comply could face fines of up of $1 million for an individual and $10 million for a corporation. While it’s unlikely that such harsh penalties will be swiftly and indiscriminately applied, Cohen-Lyons added, “the point is, the potential for serious fines is there—and it’s something that has organizations legitimately concerned.”
As an employer, how can you limit your risk? Cohen-Lyons provided a three-point action plan.
- Conduct an audit to understand the types of communications that your organization and its employees are sending electronically and how CASL might apply.
- Ask the right questions to determine who is managing the mailing lists, how contact information is received and if your organization is keeping up to date on consents, and assess the potential risk.
- Make changes to ensure that applicable electronic messages are CASL-compliant. For example, there are specific requirements relating to the unsubscribe function that will affect the messaging of many organizations.
Employers that need more details on CASL compliance should contact their legal counsel.