Will it be illegal to recommend a dentist under Canada’s new anti-spam law (CASL)?

January 3rd, 2012 by Barry Sookman Leave a reply »

Over the holidays I got an email from one of my relatives visiting Toronto. She asked me to recommend a dental surgeon for an unexpected tooth extraction. She also asked me to refer her to other dentists to get additional recommendations. I sent her an email with a recommendation to get treatment from a dental surgeon who I encouraged her to see and also provided the name of a family dentist who could make other recommendations. My email included a link to a website of the clinic operated by the dental surgeon. My wife sent a similar email when I told her my relative was looking for a dentist. Later that day I started wondering whether responding to this type of inquiry would be legal or illegal under Canada’s anti-spam law (CASL), once it is proclaimed into force.

The legality of recommending a dental surgeon to someone with a toothache should be a no-brainer. But under CASL sending anyone an email, IM, or other electronic message that encourages participation in a commercial activity may be illegal. Even recommending a dentist to a person with a toothache could be illegal under CASL. In fact, in many instances it would be impossible for the average Canadian to comply with all of CASL’s strictures even if all they wanted to do was recommend a dentist to someone with a toothache.

To determine whether a person will be able to legally email a recommendation for a dentist to someone asking for one without worrying about violating CASL, the average Canadian will have to make a number of legal determinations.

The first is whether the email or other electronic message is a “commercial electronic message” (a “CEM”).  An email would be an electronic message. To be a CEM the message including any links in the message need only encourage participation in a commercial activity. It is not limited to encouraging participation in a commercial activity with the sender of the message.

My email to my relative may well have been a CEM because it contained a recommendation and encouragement to purchase services from a dental surgeon and because the link to the clinic would display the clinic’s website which contains a description of clinic’s services, hours of operation, contact details, and other information about the clinic designed to solicit patients and new business. The referral to another dentist to recommend a dental surgeon would not likely have been enough to make the email a CEM on its own. However, since an email is a CEM if any part of it encourages participation in a commercial activity, the email as a whole would still likely be a CEM.

The next question is whether CASL contains any exceptions that make its internationally unprecedented onerous requirements inapplicable. There is an exception that permits a CEM to be sent to a person who has a personal or family relationship with the sender, as defined in the regulations. Since only draft regulations are available, we don’t know for sure whether sending a CEM to one’s relatives, friends or others will be illegal or not if CASL is not complied with. However, if we assume that the regulations that are ultimately finalized will be at least as broad as the draft CRTC and Industry Canada regulations, we can make some preliminary conclusions.

Under the draft Industry Canada regulations family relationship and personal relationship are defined as follows:

(a) “family relationship” means the relationship between individuals who are connected by

(i) a blood relationship, if one individual is the child or other descendant of the other individual, the parent or grandparent of the other individual, the brother or sister of the other individual or of collateral descent from the other individual’s grandparent,

(ii) marriage, if one individual is married to the other individual or to an individual connected by a blood relationship to that other individual,

(iii) a common-law partnership, if one individual is in a common-law partnership with the other individual or with an individual who is connected by a blood relationship to that other individual; and

(iv) adoption, if one individual has been adopted, either legally or in fact, as the child of the other individual or as the child of an individual who is connected by a blood relationship to that other individual; and

(b) “personal relationship” means the relationship, other than in relation to a commercial activity, between an individual who sends the message and the individual to whom the message is sent, if they have had an in-person meeting and, within the previous two years, a two-way communication.

Under these definitions some of my relatives and I would have a “family relationship”. For example, CASL exempts sending CEMs to parents, siblings, children, and other lineal descendants. I could also respond to an email with an email recommending a dentist to my aunts and uncles and first and second cousins as they are of “collateral descent” to my grandparents without violating CASL.[1]

Once you get past the obvious close “family” relationships, however, the average Canadian would need to have the knowledge of an estates, family, tax or immigration lawyer to know whether their family member is someone to whom they can recommend a dentist without being subject to CASL’s strictures.[2] Recommending a dentist would likely be illegal if sent by email, for example, to a great uncle or aunt or someone more removed than a second cousin, or members of their immediate families, unless CASL’s strictures are complied with.

CASL exempts certain friends where they fit into the “personal relationship” class, as defined in the regulations. However, CASL and its prohibitions against sending emails and other electronic messages that are CEMs would apply to a variety of other situations the average Canadian would never expect. It would apply to sending a recommendation to a friend you went to high school or university with, played a sport or went to camp with, were members of the same club, or simply had lost touch with, and hadn’t spoken or “had a two-way communication” within the last two years. It would apply to a friend who had moved away for a few years and was moving back and needed a dentist. You couldn’t email a friend of a friend to recommend a dentist, without violating CASL. You couldn’t recommend one to your brother or sister’s friend, or the parents of your child’s friend. You couldn’t reply to an email to recommend a dentist by email to a person you met at a party from out of town, but that you didn’t have a chance to directly speak to.

You also couldn’t send an instant message to someone recommending a dentist you had been conversing with over Facebook, even though you may have shared family pictures and videos with the person as well as had real time live video chats with the person continuously over the course of years. CASL does not recognize virtual friends as “friends”, even though many people would, at least in some circumstances.

Trying to help others by recommending a dentist to remedy a toothache could also be illegal in many other circumstances. If the person asking for help is not within the definition of “family relationship” or “personal relationship”, making a recommendation using email could be illegal. For example, if you are a lawyer negotiating a deal with out of town lawyers and are asked by email for a recommendation to a dentist to address a sudden toothache, none of the CASL exceptions would apply. They would also not apply to helping out a person you had just met related to a commercial activity e.g. a sales meeting with an out of town potential customer or supplier.

Unless the person asking for help is totally excluded from CASL by virtue of being in the “family relationship” or “personal relationship” classes, the next question the average Canadian will need to know before responding to a request for help is whether the person has the consent of the recipient to respond to the email. Again, one would have thought that it was a no-brainer that a person could reply to an email asking for a dental recommendation since one could easily imply or infer consent from the request. However, unlike New Zealand and Australia, Canada has chosen not to recognize inferred consents as valid under CASL. CASL also excludes all implied consents unless the relationship between the parties falls into the tightly defined categories of “existing business relationship” or “existing non-business relationship”, or several other limited classes in Section 10(9). In the case of a request for a dental referral, none of them are necessarily going to be applicable. Neither would any of the exceptions in Section 6(6) which sets out specific circumstances in which the requirement for an express consent is waived.

In these circumstances, a person could only respond to the email request if the request itself can be construed as an “express consent” to respond with a recommendation. CASL does not define the term “express consent”. It likely means an affirmative consent – something more than the type of consent that can be implied under paragraph 4.3.7 of Schedule 1 to PIPEDA,[3] or inferred from the circumstances. From a form perspective, it may also require that the consent be in a verifiable form including in writing or in an electronic format.[4] If so construed, an oral consent would not be recognized as a valid consent.

It is unclear whether a person asking for a recommendation gives an express consent (as contrasted with an implied or inferred consent) to reply with a recommendation. It is even more unclear whether a request for help includes an express consent for a third party, such as in my case, my wife, to give her recommendations. In the circumstances, there would be little doubt that my wife would have had implied or inferred consent. But, that would not have been enough to make her reply legal under CASL. CASL even makes it illegal to ask someone for consent to send him or her a CEM. Calling to ask permission wouldn’t help either since CASL’s draft regulations require all requests for consent to be in writing. So as absurd as it seems, it would not be clear that my wife or I would have had consent under CASL needed to make recommendations to the person in need of dental services –  even in reply to the person’s own email asking for help. Even more incredibly, there would be no legally recognized way to even ask for the consent.

Even assuming my wife and I had express consent to send the email replies, the emails would still need to comply with CASL (and its regulations’) formalities. In particular, our emails, to be legal, would need to

(a) set out prescribed information that identifies the person who sent the message;

(b) set out information enabling the person to whom the message is sent to readily contact the sender (the contact information must be valid for 60 days; and

(c) set out the prescribed unsubscribe mechanism.

Under the draft CRTC regulations, our email replies would have been illegal unless they contained our names and our “physical and mailing address, a telephone number providing access to an agent or a voice messaging system, an email address and a web address”.

It seems absurd that my wife and I would be forced to disclose our personal information – information protected by PIPEDA – simply to reply to an email requesting a recommendation for a dental surgeon. However, CASL compels every individual who sends a CEM on their own account to disclose this personal information. In fact, CASL makes all anonymous commercial speech in the form of CEMs illegal in Canada, regardless of the circumstances.

Moreover, it would be illegal to send the recommendations unless the other CASL requirements including having a web address and a voice mail system are met. My wife doesn’t have a web site. While I have this blog, it is not set up to receive communications under CASL. Accordingly, when CASL is proclaimed into force, we would not be able to reply to requests for recommendations in a manner that meets CASL’s identification requirements.

It doesn’t end there. CASL also sets out extremely onerous requirements for an unsubscribe mechanism which must be included with all CEMs. Under CASL, the unsubscribe mechanism must

(a) enable the recipient to indicate, at no cost to them, the wish to no longer receive any CEMs, or any specified class of such messages, from the sender, using (i) the same electronic means by which the message was sent, or (ii) if using those means is not practicable, any other electronic means that will enable the person to indicate the wish; and

(b) specify an electronic address, or link to a page on the World Wide Web that can be accessed through a web browser, to which the indication may be sent.

Under the draft CRTC regulations, the unsubscribe mechanism must also be able to be performed in no more than two clicks or another method of equivalent efficiency.

So, incredibly, under CASL, unless one of the “family” or “personal” relationship exemptions applies, neither my wife nor I could legally respond to a request for a recommendation for a dentist unless we also included in our emails the above unsubscribe options to the hapless requestor. CASL would require the average Canadian to license the same kind of “unsubscribe” tools that have become common place with commercial newsletters and mailouts – just to be able to recommend a dentist to a person with a toothache.

It is also interesting to consider the position of the dentists who were asked for email recommendations for dental surgeons. Their recommendations would likely also be CEMs. If they responded directly to my wife or me, they may, depending on our relationship with them, have an existing business relationship which would permit them to reply to us without an express consent. However, they would likely not have had express consent to send recommendations directly to my relative, nor would any consent to send these CEMs be implied under CASL. The dentists wouldn’t even have been able to pick up a phone to call to get permission to send recommendations electronically or send an email asking for permission. Accordingly, it would likely be illegal for the dentists to reach out electronically to my relative with recommendations for an oral surgeon. It also seems unlikely they would even think to comply with CASL’s identification and unsubscribe requirements. Their best legal course of action would be to refuse to help – and leave my relative without important information needed to assess what dental surgeon to retain. Ironically, they could communicate with my relative through conventional mail or by phone, methods usually seen as more intrusive forms of communications.

The strictures of CASL will also apply to other electronic formats including messages sent using instant messaging systems like BlackBerry Messenger (BBM) and other social networks, and SMS messages. They would also likely apply to recommendations forwarded using services such as Groupon or Livingsocial. However, it is virtually impossible to practically comply with all of CASL’s formalities using these messaging types – even assuming it is desirable to have these formalities apply in the circumstances.[5]

Consider for example if the request for the recommendation for the dental surgeon had been received via an SMS message. It would likely be impossible for the average Canadian to respond to the message via an SMS message. As noted above, CASL requires each CEM to include detailed identification information as well as an unsubscribe mechanism. It is impossible to include all of this information in the 140 character space limits that this messaging format permits.

The draft CRTC regulations provide an alternative that is equally unworkable. They provide that:

If it is not practicable to include the information referred to in subsection (1) and the unsubscribe mechanism referred to in paragraph 6(2)(c) of the Act in a commercial electronic message, that information may be provided by a link to a web page on the World Wide Web that is clearly and prominently set out and that can be accessed by a single click or another method of equivalent efficiency at no cost to the person to whom the message is sent.

The CRTC draft regulations would require individual Canadians, young and old, to do the following merely to reply to a request for a dental recommendation using SMS:

  • Have or establish a web site.
  • Publically post on the web site the individual’s PIPEDA protected personal information including physical and mailing address, telephone number and email address.
  • Establish a mechanism to receive unsubscribe requests and disclose this on the individual’s web site.
  • Include in the reply SMS message the dental recommendation and in the same 140 character space limit “clearly and prominently set out” the web link. Some links can be more than 140 characters. So this would force individuals to find link shortening tools that work on the person’s mobile phone and to copy the results into the SMS message. Even then, it is hard to see how the recommendation and the links could be included in only 140 characters.
  • Find a way to make the individual’s web site accessible in a single click from the SMS message. (On my phone it takes at least two clicks. One to select the link, the other to engage it.)

Consider next if the request for the recommendation for the dental surgeon had been received via an instant message from a BBM user. Again, it would likely be impossible for the average Canadian to respond to the message via BBM. Since it would not be practical to include all of the identification and unsubscribe information in a BBM message, individual Canadians would need to do the same things as a person replying using SMS. This is as unworkable for BBM and other IM messaging systems as it is for SMS messaging.

CASL is touted as being technologically neutral. But only part of it is. A CEM is defined, essentially, to include email, IM, telephone and similar messaging systems. However, the message form, prescribed requirements, and unsubscribe mechanisms are firmly rooted in a PC based email architecture, with work around add-ons that permit, without necessarily enabling, compliance using another specific technology – the web.  This asymmetrical approach to technological neutrality makes it a problem today – even before CASL is proclaimed into force. One can well imagine that as the technologies of communication evolve, CASL will increasingly hinder the innovation and deployment of new technologies and business models in Canada. This will undoubtedly disadvantage Canadians, who alone will be subject to laws as stringent and prescriptive as CASL.

It is obvious that the strictures of CASL are not limited to requests for dental surgeons. They would apply to requests that ordinary Canadians routinely get. They would apply ubiquitously to recommendations for any product or service including recommendations for doctors, lawyers and other professionals, restaurants, financial planners, stockbrokers, bankers, real estate agents, car dealers, bakers, plumbers, electricians and other contractors, retail stores, movers, babysitters, school tutors, and so forth – you name it. They would also apply to prevent individuals whose business life blood relies on third party recommendations from reaching out electronically to prospective new clients. For example, a real estate agent could not email a friend of a satisfied customer for a potential listing at the suggestion of the customer. Nor could a stockbroker make a “cold email call” to a friend of a customer at the suggestion of the customer.

It is also obvious that CASL could apply also to a myriad of other situations in which email or other electronic means are used in relation to a commercial activity. For example it could apply to a kid trying to buy or sell a baseball or hockey card; a student trying to buy or sell high school, college or university used textbooks; a mother trying to hire a new babysitter; or a kid soliciting a parent of a friend to shovel snow or mow a lawn for some extra cash. It goes on and on – you can only imagine.

CASL also makes it illegal for anyone to “aid, induce, procure or cause to be procured” breaching the anti-spam and its other provisions. Accordingly, it would also be illegal for a parent to help his or her child buy or sell the baseball or hockey card or the school textbooks or to solicit customers for snow shoveling by electronic means. Conceivably, providing access to a home computer with permission to use it for these purposes could be enough to create liability.

CASL and its strictures could apply to an unlimited and unpredictable set of activities engaged in by individuals, professionals, and large and small businesses including start-up businesses. Yet, its list of exceptions is narrow and can only change through a slow reactive regulatory process. Meanwhile, kids selling baseball cards or trying to make some needed money cutting grass, students trying to buy a used textbook to save money, mothers trying to hire babysitters for a needed night out, and others would have to set up websites, establish unsubscribe mechanisms and publically disclose their personal information on the web to try and comply with CASL just to do those basic things.

While on vacation I also thought about the occasional emails I get from my local cottage street association asking for a financial donation to help fund issues of importance to our neighborhood (my cottage is close to the riding of Minister Clement, who was originally the Minister responsible for CASL). Sending these emails will become illegal under CASL. No one has expressly consented to receiving them. But, it is implied, or at least inferred, by most everyone that such emails are wanted. In some cases the individuals receiving the emails would have “personal relationships” (as defined in the draft Industry Canada regulations) with the street volunteer who sends out the emails. In some cases they would not. None of the other exceptions in CASL would apply to dispense with obtaining express consents to send out the  emails. The local street volunteer is also unlikely to want to disclose his or her PIPEDA protected personal information merely to send emails to members of the street “association”. The street volunteer is also unlikely to be able to comply with CASL’s formality requirements which include having a web address and a formal unsubscribe mechanism.  (So will many unregistered charities which will also be very significantly impacted by the restrictions in CASL.) So, when CASL comes into force, the street volunteer will either likely continue as before illegally, or stop because CASL stifles using electronic means of communication.

The volunteer may need think long and hard before violating CASL, however, because the penalties for violation can be severe. Every person who contravenes any of anti-spam provisions can be liable for a fine (an administrative monetary penalty or AMP). The maximum penalty per violation is a $1,000,000 in the case of an individual, and $10,000,000 in the case of any other person. A person who merely aids in the violation – for example, the parent who helps a child get a snow shoveling job – can be liable for a fine of up to the same $1 million dollar maximum per violation. CASL also subjects individuals to damages and penalties under the private right of action provisions. The penalties can reach a maximum of $200 for each contravention not to exceed $1,000,000 for each day on which it occurred.

It is highly unlikely that the CRTC would seek the maximum penalties against individuals for some of the activities described here, assuming it even decided to prosecute individuals for some of these kinds of transgressions. However, individuals who know about these potential fines – such as the dentist who is asked for a recommendation or the street volunteer- might well decide that the risks associated with CASL to them outweigh the socially beneficial activities they were inclined to engage in.

It is ironic that under the Bill-C-11 (The Copyright Modernization Act) , the Government plans to lower the current cap on statutory damages from a maximum of $20,000 for each work infringed in the proceeding to a maximum $5,000 for all works infringed where the infringement is for a non-commercial purpose. Yet, when it comes to CEMs, CASL would make individuals liable for up to $1 million dollars per violation.

It is hard to imagine that Parliament could have intended to make electronic communications responding to requests for recommendations for needed information illegal. Nor is it conceivable that Parliament intended to make it illegal for local neighborhood associations to communicate electronically. Nor is it likely that many of the other problems described here could have been intended by Parliament. I very much doubt, for example, that Parliament intended to make kids buying or selling baseball cards or mothers trying to hire babysitters, or people trying to help them with these things, worry about CASL. But, CASL potentially affects everyone.

My colleague Lorne Salzman and I have pointed out elsewhere, that CASL will have many more unintended consequences including:

1)      FISA will impede start-up businesses from launching in Canada.

2)      FISA will impede Canadian businesses from developing new marketing models over the Internet.

3)      FISA will deter suppliers of service providers, including outsourcing and cloud service providers, from operating with or maintaining facilities in Canada.

4)      FISA will deter foreign businesses from offering their products to Canadians via the Internet, mobile and other communications networks.

5)      FISA will impose costs and restrictions on Canadian businesses that their competitors outside Canada will not have to bear.

6)      FISA contains very strong incentives for Canadian businesses to confess wrong-doing, even in cases of questionable or trivial conduct, thereby tarnishing the reputation of legitimate businesses in circumstanceswhere the offending conduct is not significant.[6]

Numerous organizations filed detailed submissions with Industry Canada and the CRTC in response to the draft regulations. They pointed out a multitude of unintended consequences with CASL that would make doing business in Canada electronically difficult, expensive, and in some cases impossible. The submissions pointed out how CASL could stifle innovation and put Canada at a competitive disadvantage relative to our trading partners, none of which have taken such an onerous or prescriptive approach to regulating electronic commerce. A summary of the comments can be found here. The Government is currently reviewing these submissions to determine if changes to the regulations, or additional regulations, are required to address these problems.

The problems identified above can be somewhat alleviated by adding new exceptions to CASL by regulation. However, regulations which merely incrementally add more narrow exceptions to address newly identified problems will not solve the fundamental structural problem with CASL. CASL bans all commercial speech in the form of commercial electronic messages – whether wanted or unwanted – unless the specific class of the message falls into an identified exception, and unless its strictures are also met. This approach inevitably will ban some – probably a lot of – desirable and constitutionally protected speech. Incrementally creating new exemptions to address newly recognized impingements on commercial speech will not solve the structural problems with CASL. It would be playing wac-a-mole with basic freedoms of Canadians. (CASL takes the same “ban-all” approach to computer programs, making illegal the installation of any program –good or bad- without express consent and compliance with other requirements.)

The approach CASL takes to commercial speech is akin to trying to prevent crime by making it an offense for citizens to leave their homes except for purposes that are listed as exemptions in the Criminal Code or in regulations – regulations that incrementally grow in number as new non-criminal activities are identified. It would be easy to name obvious initially exempt purposes such as work, school, and sports. But, with the myriad of diverse human activities, an unforeseeable plethora of legitimate activities that individuals expect can be legally engaged in in a free and democratic society would be criminalized. For example, if going camping, bird watching, or attending the annual Santa Claus parade were not in the class of exempted activities, it would be illegal to do them until the Government enacts new regulations to exempt them. The same is true with CASL.

One of the greatest problems with CASL is that it will chill and make legitimate commercial speech illegal. It will undermine fundamental freedoms protected by the Charter of Rights and Freedoms. My colleague Lorne Salzman and I raised this issue previously. So did a number of entities who made submissions to Industry Canada and the CRTC on the draft regulations.[7]

Following the Supreme Court of Canada’s decision in the Reference re Securities Act, 2011 SCC 66 case, questions might also be asked about the Federal Parliament’s constitutional jurisdiction to enact major portions of CASL including the anti-spam, anti-spyware, and address harvesting provisions. It may be that CASL would do better than the proposed national security regulator proposal as it does not interfere with property and establishes rules to address threats to commerce. However, it does regulate matters of a contractual nature such as consents and disclosures related to contractual activities and has similarities to provincial consumer protection legislation.

In light of the very substantial questions about, and problems with, CASL, once its regulations are finalized, the Government should consider referring the constitutionality of CASL including its compliance with the Charter of Rights and Freedoms to the Supreme Court of Canada.

Of course, steps could be taken to fix CASL before it is proclaimed into force. These measures could also help CASL survive the inevitable Charter challenge once it becomes law. But, merely tinkering with CASL through the regulatory process will not be enough. And it certainly won’t help you if you need a dentist when out of town.

 

For more information about CASL, see, CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline

_____________________

[1] Descent are of two sorts, lineal and collateral.  Lineal descent is descent in a direct or right line, as from father to grandfather to son or grandson. Collateral descent is descent in a collateral or oblique line, that is, up to the common ancestor and then down from him, as from brother to brother, or between cousins. Num v. Canada (Citizenship and Immigration), 2005 CanLII 62936, Burnaby Lake Greenhouses v. Her Majesty The Queen In Right Of The Province Of British Columbia, 2005 BCSC 1682.

[2] See Wikipedia “Cousins” http://en.wikipedia.org/wiki/Cousin

[3] Individuals can give express consent under PIPEDA in several ways. For example:

(a) an application form may be used to seek consent, collect information, and inform the individual of the use that will be made of the information. By completing and signing the form, the individual is giving consent to the collection and the specified uses;

(b) a checkoff box may be used to allow individuals to request that their names and addresses not be given to other organizations. Individuals who do not check the box are assumed to consent to the transfer of this information to third parties;

[4] See, Collection and Debt Repayment Practices Regulation, Alta Reg 194/1999, (Fair Trading Act) Consolidated Regulations of Alberta; Regulation respecting the Taxation Act, RRQ, c I-3, r 1; Income Tax Regulations, CRC, c 945, (Income Tax Act) Consolidated Regulations of Canada

[5] See, Fixing CASL: comments on the draft CRTC and Industry Canada regulations; Electronic Commerce Protection Regulations – Much Work Remains; Rethinking FISA

[6] See, Fixing CASL: comments on the draft CRTC and Industry Canada regulations; Electronic Commerce Protection Regulations – Much Work Remains; Rethinking FISA

[7] Rethinking FISA

Print Friendly
Advertisement