Canada’s Anti-Spam Legislation to come into force on July 1, 2014
By now many of you will be aware that on December 5, 2013 the Government of Canada announced that the majority of its Anti-Spam Legislation (CASL – pronounced: castle) will come into force on July 1, 2014.
There is some good news for charities, which along with political parties have been exempt from CASL in a manner not dissimilar to the DNCL (Do Not Call List) legislation passed a few years ago. However, many NFPs will want to take note of these changes since the legislation applies to all CEMs (commercial electronic messages) – whether or not there is an expectation of profit – and it is these messages that fall into the first of the three parts of the act to come into force.
Organizations will need to ensure that they have appropriate processes, procedures and record keeping in place, in order to obtain and track consent.
Consent: If your organization has not already done so you will want to begin to collect written consent from those you hope to solicit via email (this consent will be valid for 18 months). In addition, ongoing relationships, including membership in your organization, volunteer work completed for your organization and donations made, will function as consent for a period of two years.
Requirements: All electronic messages, even those sent to individuals from whom you have obtained consent, must contain the contact information of the sender (including a return address) and an opt-out/unsubscribe function.
Penalties: The maximum penalty per the act is $10 million and the act does extend liability to your organization’s directors and officers. However, one can only assume that it will be unlikely that a fine of that magnitude would be levied against a not-for-profit.
Next Steps:
- Determine the individuals from whom you have consent by virtue of ongoing or recent relationships.
- Seek written consent from any individual not covered under step one who you are likely to send CEMs to after July 1, 2014.
- Keep a list of all individuals from whom you have obtained consent, ensure the list is updated whenever someone opts-out – many email systems will do this work for you.
- Configure outgoing CEMs to ensure that the sender’s information is clearly identifiable and make sure the way to submit an unsubscribe request is clear.
Not sure that you are in compliance? It is best to seek legal advice where clarity is required.