U Need to Know: Canadian Anti-Spam Law (CASL)


Published on

The Canadian Anti-Spam Law (CASL) goes into effect on July 1, 2014. Review this slidedeck to get the basics and better yet, to prepare

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

U Need to Know: Canadian Anti-Spam Law (CASL)

  1. 1. TheU: What you need to know about the Canadian Anti Spam Law
  2. 2. Your Presenter: www.highroadsolution.com Jenny Lassi has been affiliated with HighRoad Solution for 7 years first as a client and then as an employee.With experience handling deployments and deliverability for a wide range of clients with optimized recipient engagement top- of-mind, Jenny routinely trouble shoots deliverability issues from ISP level filtering to email client level filtering (email Forensics as she refers to them). She also consults with clients on authentication, content, content strategy, email preference center management & other deliverability optimization tactics.
  3. 3. Today’s Content www.highroadsolution.com • What is CASL? • What is CAN SPAM? • How does CASL compare to CAN SPAM? • Will your organization’s eMessaging be impacted by CASL? • If impacted, what can you do to be in compliance? • References & Resources
  4. 4. What is CASL? www.highroadsolution.com Canada’s Anti-Spam Legislation or Canadian Anti-Spam Law Going into effect July 1, 2014
  5. 5. What will it do in theory? www.highroadsolution.com Legislation is written in efforts to reduce the amount of SPAM emails that reach your inbox, give power to enforcement agencies to penalize offenders and reduce the need for other SPAM reduction efforts (Email server filtering software, etc.) that cost organizations thousands in software and manpower to manage.
  6. 6. CASL Fast Facts www.highroadsolution.com Prohibits sending commercial eMessaging without the recipient's express consent, including messages to email addresses and social networking accounts, and sms text messages sent to a cell phone Prohibits the alteration of transmission data in an electronic message which results in the message being delivered to a different destination without express consent Prohibits the installation of computer programs without express consent Prohibits using false or misleading representations online in the promotion of products or services Prohibits the collection of personal information through accessing a computer system in violation of federal law (e.g. the Criminal Code of Canada) Prohibits the collection of electronic addresses by the use of computer programs or the use of such addresses, without permission (address harvesting)
  7. 7. CASL Basics for Email www.highroadsolution.com CASL is essentially an opt-in legislation and permits email marketers to send CEM (Commercial Electronic Messages) only to recipients who have asked for them or otherwise given consent to receive them specifically from your organization. Express (or Explicit) Consent: Membership or subscription sign-up collects consent, date, time & email address Enewsletter subscription sign-up collects consent, date, time & email address Implied Consent: CASL does have language that speaks to implied consent if Expressed consent was not obtained but a previous relationship exists between CEM sender and recipient. CASL language does give 2-years to gain Express consent if you have Implied consent.
  8. 8. What is required for compliance? www.highroadsolution.com Express Consent To obtain express consent the email sender must: 1. Clearly describe the purposes for requesting consent 2. Provide the name of the person seeking consent, and identify on whose behalf consent is sought, if different 3. Provide contact information for either of those persons (mailing address and either a telephone number, email address of web address) 4. Indicate that the recipient can unsubscribe
  9. 9. Enforcement Agencies www.highroadsolution.com There are three government agencies responsible for enforcement of the law.When the new law is in force, it will allow: The Canadian Radio-television andTelecommunications Commission (CRTC) to issue administrative monetary penalties for violations of the new anti-spam law. The Competition Bureau to seek administrative monetary penalties or criminal sanctions under the Competition Act. The Office of the Privacy Commissioner to exercise new powers under an amended Personal Information Protection and Electronic Documents Act.
  10. 10. What is CAN SPAM www.highroadsolution.com The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003) was signed into law by President GeorgeW. Bush on December 16, 2003 and establishes the United States' first national standards for the sending of commercial email and requires the FederalTrade Commission (FTC) to enforce its provisions.
  11. 11. CAN SPAM Basics www.highroadsolution.com CAN SPAM is essentially an opt-out legislation and permits email marketers to send unsolicited commercial email as long as it adheres to 3 basic types of compliance defined in the CAN-SPAM Act: unsubscribe, content and sending behavior compliance: Unsubscribe: An unsubscribe mechanism present in all emails Opt-Out requests that are honored within 10 business days Opt-Out lists that are only used for compliance purposes Content compliance: Accurate friendly from names Relevant subject lines A label if content is adult in nature
  12. 12. CAN SPAM Basics www.highroadsolution.com Sending Behavior: A physical address of publisher or advertiser A message cannot be sent to a harvested email address Cannot contain a false header Email should contain at least one sentence Email cannot be null or blank Exemptions: Transactional messages Relationship messages
  13. 13. How does CASL differ from CAN SPAM? www.highroadsolution.com CASL Requires Express consent or Opt-In from Canadian subscribers Opt-In Legislation Cannot send email without permission to Canadian subscribers Personal or Family relationship exemption CAN SPAM Requires unsubscribe mechanism in emails sent to US subscribers Opt-Out Legislation Can send without permission if you allow recipient to unsubscribe You can send to any subscriber as long as you allow them to unsubscribe
  14. 14. www.highroadsolution.com CASL Transaction messages are exempt from express consent rule and also exempt from unsubscribe rule Refer a friend and Forward to a Friend methods of email sending exempt from Express consent rule Emails required by law are exempt CAN SPAM Transaction messages are also exempt from unsubscribe rule Refer a friend and Forward to a Friend methods of email sending exempt and unless they sign-up, they are not a part of the email database Can send any email, including legal notices, product recalls, safety information as long as there is a way to unsubscribe How is CASL similar to CAN SPAM?
  15. 15. www.highroadsolution.com Will your organization be impacted? Yes if: You send emails to Canadian email addresses (with or without your knowledge) You do not know if your existing business or non-business relationship with the recipient means you have Express consent , Implied consent or no consent Your membership sign-up does not clearly communicate that they consent to receiving emails from your organization as a part of their membership You allow non-members to subscribe to your available eNewsletters and you do not have a date/time stamp of the subscription submit
  16. 16. www.highroadsolution.com Will your organization be impacted? No if: You collected express permission from all members & non-members when signing up or all non-members when they subscribed to available newsletters. You only send transaction messages and no marketing/commercial email You obtained express consent under PIPEDA and/or other privacy legislation prior to CASL going into effect on July 1, 2014
  17. 17. If you are impacted or think you may be, what now? www.highroadsolution.com
  18. 18. ACT NOW! www.highroadsolution.com
  19. 19. Where should we start? www.highroadsolution.com Membership sign-up process express consent audit Non-Member eNewsletter subscription process audit Data Audit - Identify Canadian email addresses that end in .CA in your database or clarify if Country was a required field in either your membership sign-up process or non-member eNewsletter subscription process
  20. 20. Client Case Study www.highroadsolution.com
  21. 21. Case Study Scope www.highroadsolution.com Our client is a member driven organization based in Toronto. They analyzed their membership sign-up process and non-member enewsletter subscription process and determined that they had “Express Consent” from members, but their legal department did not feel they had express consent from non-members even though non-members subscribed to emails and this could be construed as a prior business relationship that has “Implied Consent.” They deployed an email message to non-members May 2013 to drive non-members to give “Express Consent” by logging into their online subscription portal and giving permission to continue to send them email.
  22. 22. Case Study www.highroadsolution.com Sent to over 45,000 non-members 80% Delivery Rate 29.78% Open Rate 49.23% Click Rate
  23. 23. Case Study www.highroadsolution.com Approximately 6,597 non-members driven to re-permission landing page. All non-members who did not respond were scrubbed from the email marketing database and flagged in AMS as do-not-contact by email.
  24. 24. Re-Permission Campaign www.highroadsolution.com Whether you didn’t collect Express Consent for your members at the time of sign-up or for your non-members at the time of their eNewsletter subscription process, there are tools you can use in your email platform to re-permission subscribers. Step One: Identify/Segment which subscribers are affected Do a search for any email addresses that end in .ca and also review your subscription process to see what data is captured at the time of sign-up. If your association automatically sends emails to all that sign up for membership, have your legal department review the language on the page. If it does communicate to them that will receive emails by submitting/applying for membership, they consent to receiving these emails and at the time of submit, a date/time stamp is saved? If not, you need to re-permission these subscribers.
  25. 25. Re-Permission Campaign www.highroadsolution.com StepTwo: Create a segment and also save a list export of all of those affected You will need to deploy an email to these subscribers to drive them to a landing page to collect permission. If this landing page is on a re-permissioning system you have built, great.You can skip next steps. If you were to use your email platforms sign-up widget that is hosted on a landing page, you will have a few more steps.
  26. 26. Re-Permission Campaign www.highroadsolution.com StepThree: Create a sign-up widget and host on a landing page Create a sign-up widget that puts all subscribers into a segment you call Canadian Permission. Put that widget code on a landing page. Then send an email driving subscribers to the landing page. When you do this, the email platform should track the date/time of the submit as well as takes it up a notch with tracking the IP address. NOTE: Every platform handles this a bit differently so test if subscribers have to be deleted from your account just after you deploy the email so when they are reintroduced, the system tracks date/time. At this time, DOI is not a CASL requirement.
  27. 27. Re-Permission Campaign www.highroadsolution.com If you have an email preference center application that functions as a subscription sign-up form this could also be utilized to obtain Express consent for a re-permission campaign.
  28. 28. BeforeYou Send… My $.02 www.highroadsolution.com This deployment is important and you need to make sure you have done everything you can to reach an inbox. Permission and Re-Permission campaigns may not net you the response rate you would like, but if your emails are getting routed to SPAM folders or going missing, all this effort will go to waste and you’re wasting money. Deliverability Check List: - Have DKIM/SPF authentication in place - Send email traffic on a warm IP - Manage the bounce logs, address root issues of bounce and re-deploy
  29. 29. Best PracticesTakeaways www.highroadsolution.com • Work with your legal team to isolate/segment affected subscribers • Member driven organizations may have Implied consent for members but consult your legal team to define these requirements for you • Update existing member sign-up processes and non-member subscription processes to obtain Express consent if you don’t already • Start now to deploy a re-permission campaign to Canadian email subscribers that do not have Express consent • You will need to capture date, time, email address to prove Express consent at the time of sign-up or re-permission • Take permissioning a step further and collect the IP address of the submit location
  30. 30. Questions? www.highroadsolution.com
  31. 31. Next Up atTheU: www.highroadsolution.com TheWorld of Content Marketing:Why It's the HottestTrend for 2014 When: Friday, January 24th Time: 2- 3 pm Eastern Content Leader: Mitchell Beer, President, Smarter Shift CAE Credit: 1 hour may be earned for participation in the live webinar Register: https://www.eventsforce.net/hrs/frontend/reg/tOtherPage.csp?pageID=3419&ev entID=14&eventID=14
  32. 32. Thank you! www.highroadsolution.com Other questions for Jenny? eMail = jenny@highroadsolution.com Twitter = @highroadjenny
  33. 33. References & Resources http://fightspam.gc.ca/eic/site/030.nsf/eng/h_00039.html http://www.cba.org/cba/submissions/PDF/11-43-eng.pdf http://www.business.ftc.gov/documents/bus61-can-spam-act-compliance-guide-business http://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003 https://www.priv.gc.ca/information/pub/gd_phl_201106_e.asp http://www.mondaq.com/canada/x/281088/Telecommunications+Mobile+Cable+Communic ations/Canadas+AntiSpam+Legislation+Comes+Into+Force+July+1+2014 Melissa J. Fitzgerald, Esq., CIPP | Vice President, Privacy Consulting & Counsel ATA-SRO Certified Auditor GRYPHON - Unlock Your Marketable Universe Phone: 781.278.1922 | Cell: 617.899.4431 Email: mfitzgerald@gryphonnetworks.com Follow on Twitter @GryphonCore www.highroadsolution.com