The CRTC has published materials recently used in public Information Sessions on Canada’s Anti-Spam Legislation (CASL). The materials consist of a video and transcript of one of the information sessions as well as slides. The transcript did not include answers given to questions from the public at the information sessions.
Much of the information provided had already been published by the Commission. However, some of the information was new or had elements that were new. The following are some examples.
Validity of prior express consents: Express consents obtained before CASL comes into force can be relied upon. Importantly, an express consent obtained prior to CASL coming into force does not require compliance with section 10 or the CRTC regulations pertaining to providing the requisite identification and contact information to be a valid express consent.
Transitional period for implied consents: Section 66 deems implied consent for a period of 36 months (unless the recipient withdraws consent earlier) as long as there was an existing business relationship or existing non-business relationship and the relationship included the communication of CEMs. The CRTC clarified that the transition period will apply if one of those relationships ever existed, regardless of how far back, if it included communication of CEMs e.g. “you could go back 25 years in theory”.
Quotes/estimates vs Requests, inquires and complaints: s6(6) of CASL deems there to be implied consent to send a CEM that provides a quote or estimate for the supply of a product, good, or service. S3(b) of the GIC Regs provides a complete exemption for sending CEMs in response to a request, inquiry or complaint, requested by person to whom the message is sent. One might have logically concluded that sending a quote or estimate in response to a specific request would be completely outside of CASL because it also falls into the express wording of the GIC Regs, even if it might only have qualified for the implied consent exemption under s6(6). Given that some merchants’ ecommerce platforms do not have any mechanism to add fields to include the information the CRTC says is required and therefore cannot comply with this CASL restriction without expensive system reworking, we can expect this position of the CRTC to be challenged at some point.
What is a CEM: One of the most confusing sections of CASL is s6(6). There is considerable debate as to whether each of the messages listed in the section is a CEM or is deemed to be a CEM because it is listed in the section as having an implied consent to send it, or must be a CEM before CASL applies to it. The CRTC suggested in its comments about messages containing quotes and estimates referred to in s6(6) above that the section only applies to them if they are CEMs. The slides state the following:
If you are sending a CEM that provides a quote or estimate for the supply of a product, goods, a service, land or an interest or right in land, if the quote or estimate was requested by the person to whom the message is sent, you do not need consent (express or implied). However, you are still required to meet information requirements and to add an unsubscribe mechanism to the CEM.
This requirement that a quote or estimate must be a CEM before s6(6) applies to it was repeated in the speech:
…if you are sending a CEM that provides a quote or estimate for the supply of a product, good, service, land or an interest or right in land and if the quote or estimate was requested by the person to whom the message is sent, you do not need consent, express or implied. However, you still need to – are required to meet the information requirement and to add an unsubscribe mechanism
The Commission’s interpretation of s6(6) above is the correct one. It gives meaning to the wording at the beginning of s6(6) which states that the section applies to a “commercial electronic message”. It avoids deeming messages such as transactional messages, safety notices, and messages that deliver purely factual information, or a product or service to be CEMs. It is consistent with the statements in the RIAS and also with previous guidance given by the CRTC in public meetings. See, CRTC guidance on interpreting its CASL regulations and guidelines at the IT-Can/TCLG meeting, CRTC clarifies questions about CASL, It would be useful for the CRTC to provide unequivocal public guidance that none of the messages in s6(6) must include identification and unsubscribe information unless they are CEMs.
Limited-access secure and confidential account: One of the new exemptions in the GIC Regs is the exemption for CEMs “sent to a limited-access secure and confidential account to which messages can only be sent by the person who provides the account to the person who receives the message”. This exemption was intended to be used for CEMs send through secure online portals like banking ecommerce portals.
The CRTC has interpreted this exemption as requiring that “within those accounts, communication is one-way: messages can only be sent by the person who owns or provides the account. The account-holder is unable to send messages to the account owner.” This restriction cannot be justified by the wording of the exemption. The only messages that the exemption refers to are those sent to the confidential account which is held by the user. The phrase “the account to which messages can only be sent by the person who provides the account” is intended to limit the message senders to those that send messages to the holder of the account and not messages sent back to the person who provided the account. This is confirmed by the language at the end of the exemption which clearly links the sender as being the person who sends messages to the “person who receives the message”.
The “one way” restriction interpretation of the CRTC also belies the policy behind the exemption, which was to remove restrictions on commercial speech where they served no useful purpose and to not regulate secure and confidential banking portals. There is no useful purpose served by preventing the exemption from applying where the portal functionality permits the consumer to communicate with an organization with which it does business. Further, because many banking portals already include two-way functionality, this interpretation of the exemption by the CRTC would also make it inapplicable to the very purposes for which it was intended.
What is a TSP: The GIC Regs introduced several new exceptions to the computer program provisions which apply only to Telecommunications Service Providers. In the RIAS, Industry Canada suggested that the tem applied to many providers of telecom services beyond traditional telcos like Bell. The CRTC repeated this noting that CASL’s definition is much broader than that provided in the Telecommunications Act and would extend to OnStar provided by General Motors.
For more information about CASL, see, CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline.