Posted: June 22, 2017
The Canadian Anti-Spam Legislation (CASL) is a series of regulations that are placed on businesses that market to Canadian consumers and businesses. Almost all electronic means of communications for commercial purposes fall under the scope of CASL. Forms of communication covered include email, text, instant messages, social media messages, and installation of computer programs.
Although CASL was enacted in 2014, the Private Right of Action (PRA) provision was not set to go into effect until July 1st, 2017. This provision was established to allow lawsuits to be filed against entities for alleged violations of the legislation and to enable fines of up to $200 per infraction not to exceed $1,000,000 per day. Simply, the PRA would give businesses a disadvantage in marketing and communications and would have enabled major class action law suits.
However, the PRA has been suspended indefinitely and will NOT go into effect on July 1st.
According to its press release, “the Government of Canada is suspending the implementation of certain provisions…in response to broad-based concerns raised by businesses, charities and the not-for-profit sector.” Although this is great news for businesses, penalties for non-compliance remain up to $1,000,000 per violation for individuals and up to $10,000,000 per violation for organizations. Thus, compliance with CASL should still be a priority for commercial electronic messaging campaigns.
According to CASL, each of the following would be considered violations of the requirements:
We understand compliance with these requirements can be difficult to manage. Please feel free to reach out to firstname.lastname@example.org for more information on the requirements regarding CASL, how to comply, or any other privacy, security or compliance matters.
Paul Gipson, Managing Associate at CompliancePoint, is focused on U.S. and certain international direct marketing compliance regulations. He works with clients in a variety of industries and is dedicated to provide reliable and practical consulting services. Paul has earned a Certified Information Privacy Professional (CIPP/US) certification from the International Association of Privacy Professionals, a Customer Engagement Compliance Professional (CECP) certification from the Professional Association for Customer Engagement (PACE), and has a B.A. in Business Management with a focus on consumer economics from the University of Georgia. In his spare time, he enjoys woodworking, hiking, and spending time at one of the many parks in Atlanta, where he resides.