Many of us here in Canada have likely experienced an onslaught of “consent request” emails in the last few months. “In order to respect the new Canadian anti-spam legislation,” they say, “we ask you to confirm your consent.” The Canadian anti-spam legislation (CASL) comes into effect July 1st, 2014. So what exactly does this legislation entail, and what does “consent” mean in this context?
In an attempt to clear up some of the confusion, the ADR Institute offered a free webinar this week on the soon-to-be-implemented CASL. Led by corporate lawyer Ralph Kroman (WeirFoulds LLP), the webinar was a thoroughly insightful and understandable overview, taking specific care to address to concerns of ADR professionals.
The bad news? Mr. Kroman says that Canada’s new legislation is possibly the most draconian anti-spam legislation in the world. As opposed to American law, which only mandates that commercial emails have an “unsubscribe” mechanism, Canadian law will now require that individuals and organizations have the consent of all recipients of their commercial emails. The penalties for offenders are steep: the maximum penalty is $1 million per violation by an individual or $10 million per violation by an organization.
As a family mediator or other ADR professional, you may think that none of your emails would qualify as something that can be marked as “spam.” But under the new legislation, it’s not your intention as a sender that matters: it’s how the person whose inbox your email lands in receives it. What exactly constitutes a commercial electronic message (CEM)? Well, the definition is pretty broad: if your email can reasonably be determined to encourage the recipient to participate in any commercial activity, it can be spam. For instance, emails doing any of the following could be considered spam if sent without consent:
- Offering mediation services
- Announcing upcoming ADR training or courses
- Promoting yourself as an ADR professional
The good news? There are ways to protect yourself and your business, and to adopt stronger email list management practices in the meantime. Before July 1st, sending a blanket consent request (yes, those emails we’ve all been inundated with) to obtain records of express consent is definitely a good idea, especially for those with large mailing lists. There requests must include the following information in order to comply with the legislation:
- The option to give consent, and a clear statement that the recipient can later withdraw consent by unsubscribing
- The purpose of obtaining consent (what types of emails they will receive if they consent)
- For whom you are requesting consent (your organization’s name)
- Your mailing address
After July 1st, any new additions to your mailing list should be given this information – and there must be a record of it. (Oral consent is only good if there is a recording!) For instance, email list sign-up sheets at conference booths should likely now have all of the above information clearly stated.
There can be some exemptions to the need for express consent. You can also choose to rely on implied consent based on past dealings for some of your subscribers, but this can prove a bit trickier. Consent can be implied due to business dealings when:
- The recipient has made a purchase from you or been in a contract with you in the past 2 years: For instance, a mediation client or training participant who paid you or was in contract with you in the past 2 years may have implied their consent to received CEMs from you. But, a system likely needs to be in place to check your dates – it has to have been within 2 years of the date you send each CEM.
- The recipient has made an inquiry or application in respect to business matters in last 6 months: For instance, someone who emails you to inquire about your ADR services may have implied their consent to receive CEMs from you for 6 months – but again, you need to keep track of the dates!
- Business card exchange: If the recipient of a CEM has given you their business card AND the email content is relevant to their business, then consent can be implied. (But you need to have the business card for proof!)
This is not an exhaustive list of the exemptions under the act, but these are likely the most relevant to ADR professionals. Remember, that when relying on the implied consent of your subscribers, the onus will be on you as the CEM sender to prove it if there’s a complaint– so you may want to make sure your records are in order. And, there still needs to be the option for recipients who have implied consent to withdraw that consent by unsubscribing.
All this being said, it is unlikely that a sole practitioner or small ADR firm is going to be targeted, and especially with the maximum penalties. It’s probably safe to assume that the main purpose of the new legislation is to target senders of true “junk” mail – when the content of emails is not only irrelevant to your business and unsolicited, but has no unsubscribe option. Nonetheless, the safest course of action is likely to adopt practices that conform to the new laws. The bonus is, you know your email list is chock-full of subscribers who say they want to be there.
