The Government just revised the fightspam.ca website. The site now has more information about CASL and how it will be enforced. In addition, and likely because of the heavy criticisms of CASL, the site purports to clarify some “myths” about CASL.
The new website does give facts about CASL, although they are incomplete. Some of the so called myths about CASL are more fact than myths. For example:
MYTH: I won’t be able to use email or my current email list to promote my products and services.
Fact: You can continue to use email if you have express or implied consent from recipients. During the 36-month transition period, you can continue to use your current email list if
- you have previously provided your products or services to them an
- they haven’t told you to stop.
Comment: Organizations can rely on express consents and only two types of “implied consents”, those arising because of an existing business relationship or a non-existing business relationship, as defined in CASL. CASL does not recognize existing implied consents that are valid under PIPEDA. If the databases organizations have relied on for the last decade to remain PIPEDA compliant do not differentiate between the types of consents they have, they are at risk in continuing to send CEMs to their customers. This was pointed out to the Government in submissions during the GIC regulations consultations. But, the Government did not fix this problem. See, CASL Industry Canada regulations: summary and comments, Canada’s anti-spam law, too much of a good thing.
MYTH: Compliance is going to be onerous and costly for businesses.
Fact: Businesses that already comply with privacy laws and use common best practices for email marketing will require little effort to comply with CASL. The 36-month transitional provision provides time to adjust and seek express consent from pre-existing clients.
Comment: The differences between CASL and PIPEDA are very significant. The most important difference being that PIPEDA recognizes implied as well as express consents. Compliance with PIPEDA was best practice. CASL changes the rules. There are huge investments that have to be made to move from PIPEDA to CASL having regard to the differences in the consent regimes. Further, for the reasons given above, the 36 month transitional provision has major gaps that make the transition much more onerous than it has to be.
There are also tremendous problems in determining what electronic messages are covered by the legislation and how the various exemptions will be interpreted. Then there are challenges in addressing the prescriptive rules dealing with obtaining consents and the information and unsubscribe mechanism that has to be included in every CEM. For example, some messaging systems do not support the insertion of new data fields that are needed for such information. Numerous organizations also have separate contact management databases that do not support unsubscribing at the organizational level, something required by CASL.
Anyone who has talked with Canadian organizations in the last year would know CASL is expensive, onerous and in some cases pragmatically impossible to comply with. It was aptly described in an opinion piece published by Margaret Wente in today’s The Globe and Mail titled This spam law is a sledgehammer (online Anti-spam law is ludicrous regulatory overkill). In it she said: “The law is a sledgehammer. It will harass the innocent and leave the guilty largely untouched. The only winners will be consultants and lawyers. On top of that, the problem it’s supposed to address isn’t really that important. There are things known as spam filters. They’re not perfect, but they’re not bad.”
MYTH: CASL won’t stop spam from overseas.
Fact: No law will eliminate all spam, including that from overseas. CASL allows Canadian enforcement against spammers operating in Canada.
Comment: There is little evidence that CASL will be effective against spam from overseas. In fact, most commentators believe that CASL’s onerous regime will almost invariably be applied much more against Canadian than overseas international spammers. Margarete Wente touched on this in her opinion in The Globe and Mail today stating “The anti-spam law is a ludicrous example of regulatory overkill. It hurts folks who, by any reasonable definition, aren’t spamming anyone at all. And it won’t touch the real offenders, such as those responsible for the estimated 98 per cent of our spam that originates outside Canada.” She went on referring to the CRTC’s enforcement capabilities “But its resources, alas, are finite. It almost certainly is powerless to shut down the real villains – the Nigerian scammers, the Viagra peddlers and the people masquerading as my bank who want me to send them my credit card number. Besides that’s a criminal matter, not a regulatory one.”
Fact: There are no automatic penalties. The CRTC has a range of enforcement tools available, from warnings to penalties (up to $1 million for individuals and $10 million for businesses).
Comment: Of course the penalties are not automatic. However, the “myth” is completely true. The potential for severe penalties and class actions has significantly contributed to the fears about CASL and sending electronic messages that could be viewed by the CRTC as CEMs. Margaret Wente commented on the fines in her article saying “Ridiculous indeed. The fines are mind-boggling: up to $1-million for an individual or $10-million for a company that violates the legislation. Officers and directors of any organization can be held personally liable.”
Another article published this morning Will Anti-Spam law Hurt Realtors observed that “With fines of up to $10 million for businesses and $1 million for individual offenders, Canada’s new anti-spam law seems to be designed to intimidate.” Laws should intimidate bad actors like environmental polluters. Laws should not be designed to intimidate free speech, especially by honest people who can’t legitimately figure out which speech is being censored and don’t have the resources to get legal opinions every time they send out emails.
For more information about CASL, see, CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline.
1 comment
“MYTH: I heard that I could be fined up to $10 million for sending an email and that there could be class actions.”
What’s the procedure for getting charged for a CASL-violation?
For example, company ABC sends a CEM with, let’s say, no unsubscribe mechanism to John, Peter, and Emily (i.e. 3 messages, so ABC is now a subject to a $600 charge). What should happen for ABC to actually be charged?
Should there be an actual lawsuit from John, Peter, and Emily (separate lawsuits or class action)? Or does the Government of Canada applies the charge for breaking the law (i.e. no lawsuit were started, but John, Peter, and Emily reported ABC to, for example, CRTC.