CASL Update 5/1/18: Although it was in question for some time, the Canadian Government has reaffirmed that the “Private Right of Action” is still effective. One legal interpretation can be read here
On July 1, 2017, the private right of action came into force for the Canadian Anti-Spam Legislation – or CASL. Before this date, only the Canadian Government could pursue legal action against alleged spam communications. After this date, private citizens can also take action. This means there will be a far greater potential to have any unsolicited email reported or prosecuted. The potential fines for breach of CASL: $1 million for individuals and $10 million for companies and organizations.
Scary right? Not if you are well prepared. The following checklist will give you an idea if you are truly prepared:
To do in Preparation:
- Talk to your legal department and confirm your company’s position on CASL.
- At the same time, confirm with legal what is commercial communication (marketing or selling) and what is transactional communication (expiry messages or outage information) to be sure you are not sending commercial communications to non-compliant contacts.
- Check the country details in your database. If you have country values that are blank, create a data capture process to ensure the country is always gathered. Suppress commercial emails to any contact who has not given their express consent if their country is unknown. Do not assume a contact is ‘safe’ if you don’t know where they are from as they may be from a country with strict privacy or anti-spam laws.
- Be sure you know all communication avenues and be sure they are all compliant. You may well have 100% compliance in your marketing automation tools, but another department might use another system for sending emails – are they compliant too?
- Implement an air-tight compliance process for all Canadian contacts in your database.
- Have a process of proving consent:
- Can you prove the date and source of consent being captured for all Canadian contacts?
- If you cannot, how will you prove you are in accordance with the law?
- Run full test scenarios for all data capture points. Find the weaknesses and correct them.
If you have any gaps with the above checklist we strongly advise you to address them. Here is an example of a company being fined for breaching CASL. The Canadian government is committed to this law and will prosecute offenders.
4Thought Marketing has a suite of Oracle Marketing Cloud Apps (for Eloqua, Responsys, Infinity, and more) that enable Compliance under CASL, GDPR, CCPA, and other regulations. We have successfully implemented compliance solutions for many companies to ensure they stay on the legal side of CASL. Contact us if you have any concerns your company could be at risk of breaching the law and risking heavy fines.