In a previous post, Evaluating the Industry Canada CASL regulations: why they are needed, I suggested that close scrutiny needs to be given to Industry Canada’s new draft Electronic Commerce Protection Regulations. CASL’s “ban all” structure makes it imperative that generous regulations be adopted to ensure that the goal’s of Canada’s new anti-spam/anti-malware law (CASL) are met. In another post, Evaluating the Industry Canada CASL regulations: how to assess them, I proposed a framework for assessing the regulations.
I then evaluated the proposed family and personal relationships exception in the post, Evaluating the Industry Canada CASL regulations: family relationships and personal relationships, finding them very troubling and concluding that without rectification CASL would adversely and surprisingly impair the ability of ordinary Canadians to communicate with extended family, friends and acquaintances and people who know each other from being members of the same clubs and associations, from going to school or engaging in recreational activities together, or from business, professional or other settings.
In the post, Evaluating the Industry Canada CASL regulations: the B2B exception (Part I-SMEs), I examined the proposed new business to business exception, focusing on its failure to remedy CASL’s impairment on the start-up and growth of small and medium sized enterprises. In my last post, Evaluating the IC CASL regulations: the B2B exception (Part II-Non-business entities), I showed how the regulations fail to address the harsher burdens CASL places on not-for profit organizations like charities, hospitals, and educational institution than on businesses, even though they have the least resources or wherewithal to bear those burdens.
In tthe post Evaluating the Industry Canada CASL regulations: jurisdictional overreach, I focused on the regulations failure to correct CASL’s jurisdictional overreach. I focused on two issues. First, CASL’s extra-territorial reach over foreign organizations and compliance with principles of international comity. Second, that CASL’s territorial reach will threaten high paying service jobs, research, development and technological innovation in Canada.
In this post I address the vexing problems posed by CASL’s extra-ordinarily broad definition of commercial electronic message (CEM) and its implications for organizations and individuals.
The term CEM is defined in an open ended way to be “an electronic message that, having regard to the content of the message, the hyperlinks in the message to content on a website or other database, or the contact information contained in the message, it would be reasonable to conclude has as its purpose, or one of its purposes, to encourage participation in a commercial activity”. Examples deemed to be CEMs by the law are offers to purchase or sell a product, good, or service or to advertise or promote them.
The message can be in an email, SMS message, instant message, or to an electronic address that is similar. Some messages transmitted in online portals and online marketplaces and social networks may be caught. It is unclear which ones are caught and which are not. The content can include text, sound, voice or images.
The message can be a CEM if any of its purposes, even a minor one, is to encourage participation in a commercial activity, a term that is also broad as it includes any particular transaction, act or conduct or any regular course of conduct that is of a commercial character. It is also not only what is in a CEM that counts. Any content that is in a hyperlink can be considered. Members of the CRTC recently told a group in Toronto that linking to a home page of a business can be enough.
Moreover, the contact information of an organization can be considered. It seems clear as well that an organization that uses a logo or trademark, especially a famous one like the word mark or a stylized mark like Coke, in an electronic message could be accused of not using the mark in a mere nominative way, but rather to use the goodwill associated with the mark so as to promote the brand and the products sold under it. It will probably take a decade of class action suits to develop a test for distinguishing those two uses.
Any publication that is sent to members of the public could be caught if it contains an advertisement, endorsement, or promotion of a product or service, or does do indirectly such as by providing links that give contact information about where to find a product or service. Newsletters, content feeds sent to email mail boxes (perhaps also a Google Reader account?), magazines, e-books, photos and even a video sent by e-mail or instant message could be considered a CEM depending on what ads, commercials, related materials, hyperlinks, or other information is included. Even the Ontario Reports sent by email could be a CEM because they contain ads by lawyers and notices of upcoming programs being put on by the Law Society. Newsletters sent by charities, non-profits, and political parties that ask for donations or that publicise a lottery such as to raise funding for cancer research could be caught.
The technological taxi that is the Internet will now be potentially encumbered by CASL restrictions. Delivering something by mail or courier will not be illegal. But deciding to deliver the same content electronically will be more onerous. We know what the Supreme Court thinks about this. See, Entertainment Software Association v. Society of Composers, Authors and Music Publishers of Canada, 2012 SCC 34 interpreting the communication to the public right and commenting about the need for delivery systems to be treated in technologically neutral ways.
The term CEM is very vague and could easily be accused of failing to provide fair notice to citizens of what conduct is the subject of legal restrictions, a problem that could be raised in one of the expected challenges under the Charter of Rights and Freedoms. See,R. v. Nova Scotia Pharmaceutical Society,  2 SCR 606.
Even more fundamentally, the broader the sweep the less the restrictions can be justified. There is justification in requiring express consents, form and unsubscribe formalities for false and misleading messages and in prohibiting messages sent out after a person has notified the sender that the person doesn’t want to receive any further messages. There is far less justification when even announcing who you are, identifying yourself, and providing information about where you can be found, and other open ended factors become inicia in determing illegality. Can you imagine a law that makes it illegal for a merchant to identify itself in public and to speak unless everyone provides prior express consent? The legitimacy of the broad prohibitions fall away, especially when tested against Charter values that require minimum impairment when speech is involved.
What concerns many about the scope of CEMs is its application to consumer friendly service messages like a notice that roaming charges may be incurred or that a GIC, mortgage, or loan is about to mature. These types of messages might be construed as implicitly encouraging users to buy roaming minutes or renew these financial products. Messages that go further to give consumers information about their options – information they surely want – would most likely cross the line. The problems here are twofold.
First, consumers must be given the option to unsubscribe from receiving any CEMs. If a consumer picks such an option, it would be illegal to send these kinds of messages. It could also even be illegal to send a consumer a message asking if the consumer meant to unsubscribe from receiving such messages, as that message might be considered a request for consent to send a CEM, something that is also illegal under CASL. This is a bad outcome all around.
Second, organizations are attempting to build business models that eliminate paper. But, if consumers with whom organizations have existing business relationships can unsubscribe from receiving CEMs that are statements, factual information, subscribed for content, warranty information and other information (including all of categories of information in s6.6), oganizations could never rely on moving away from also having paper based systems, unless they are willing to give up doing business with those consumers. This is also a bad outcome and runs counter to fostering a digital strategy for Canada.
Another concern is financial. There are major costs associated with implementing systems to comply with the consent, unsubscribe, and disclosure requirements of CASL. Organizations need to know which types of messages are covered in order to develop processes to handle each. There are costs associated with each decision. Yet, it has become an organizational mind bending problem to figure out what is in and what is not. You just have to sit through enough meetings as I have in trying to help clients comply with CASL and hear enough scenarios to realize how unworkable the definition is.
Industry Canada suggested the problem with the ambiguous scope of CEMs could be addressed through “interpretational guidelines and other guidance material”. However, the public has the right to know what is legal and what is not, especially when the restrictions involve fundamental freedoms of speech and the penalties for being off side are so severe.
CASL’s goal was to promote confidence in electronic commerce. It’s hard to be confident about electronic messages when you don’t know the rules, even identifying yourself by brand or contact information, such as by hyperlinks produces risks, and when not being able to provide consumers information they want and need – and then getting blamed for not doing it – is illegal. These problems should be fixed or at least be ameliorated before CASL becomes law.
For more information about CASL, see, CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline.