I was recently asked a question about CASL (Canada’s Anti-Spam Legislation) and whether it applies to international senders? It turns out that the answer, like CASL, is a bit complicated.
Before I get into the international requirements, I thought it might be good idea to review what exactly CASL means for a normal Canadian business contacting Canadians. CASL relies on opt-in, which puts the onus on the sender to prove they have the right to contact the recipient. To determine if a contact qualifies the relationship must meet one of the following three tests:
- Expressed Consent:
If a contact has selected an opt-in option to receive email messages from you or your company, then this customer qualifies as expressed consent. Once you have expressed consent you can mail these customers until the end of time (or at least until they opt-out). - Implied Consent:
It wouldn’t be fair if you couldn’t contact your own customers, and this is where implied consent comes into play. These are customers who have made a purchase from you but have not expressed consent by opting in. For these customers you have up to two years from their last purchase date to convince them to opt-in. Any new purchases reset this timer. Additionally, if you contacted these customers prior to July 1, 2014, then you have three years to convert these customers to expressed consent. - Existing Business Relationship:
If someone contacts you with questions, it wouldn’t make sense if CASL stopped you from replying. That’s why CASL grants up to 6 months to gather expressed consent from customers who inquire about your company.
Special exemptions also apply for registered charities and government campaign fund-raising. But for everyone else, compliance is your best option, especially with potential fines for non-compliance of up to $10,000,000 for companies or $1,000,000 for individuals.
Now what does this mean for international email senders? CASL is interesting in that it applies to the computer system used to access the message, if it is located in Canada. That’s a unique and far reaching distinction, and potentially allows CASL to cast a very wide net to anyone sending a message to a Canadian computer.
The CRTC states “If the spammer is offshore, we have the ability under the law to cooperate with foreign governments, to share information and to bring proceedings together against individuals that are offshore.” That’s a lot of bark, but it’s yet to be seen if CASL has any bite. But it does send a clear message to international companies, that if they plan to email into Canada, it will be important that they ensure they are CASL compliant.
For further information, you can access the CRTC’s frequently asked questions on CASL.