It’s hard to sit down and write a simple email these days without someone asking: “do you have CASL consent?” Gone are the days of endless spam and an inbox filled with newsletters and offers which, as a consumer, could sound idyllic. But what exactly is CASL and what does this mean for a business owner?
CASL or the Canadian Anti Spam Legislation was put in place on July 1, 2014. The name of the Legislation is An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act. However, since this is quite the mouthful, CASL is used as a short title. The legislation requires businesses to have consent before sending out any commercial electronic messages (CEMs). A CEM is anything that suggests or encourages a commercial action such as a coupon or promotion is a very broad term, and covers any electronic message that has the purpose of encouraging participation in commercial activity. CASL has some very serious consequences attached to it and so as a business owner you want to make sure you are following their rules.
Here’s a step-by-step guide on how to get, store and keep consent so that you (hopefully) never face a CASL fine of any size.
1. Identify if and how you are sending CEMs.
Do you have existing implied or express consent from your audience to send these messages?
2. Develop a plan to address any gaps in your “consent coverage.”
This could be done through a click box on an intake form. The line should read something like “Yes, I want to receive electronic communications from ATB Financial.” Many businesses run promotions to collect CASL consent, offering discounts to customers who fill out the consent form.
When requesting consent you must provide:
- The name of your organization
- The purpose for which consent is being sought
- A mailing address as well as a phone number, web address or email address where the person can get more information
- The identity and contact information of any third party used to obtain consent
- A statement indicating that the person whose consent is sought can withdraw their consent
- Easy to use unsubscribe option that contains a link or address that easily allows the individuals to unsubscribe
3. Store the consent in a safe place in accordance with privacy legislation.
There are many e-newsletter systems that can store this data for you such as Mailchimp. You can also do this through traditional email—if you do, make sure each consent form is saved. You need to be able to reference it if anyone questions that consent was obtained.
4. Make sure everyone who is using, saving or connecting with the data in any way is trained on why it's important and how it needs to get saved.
Losing or deleting even one email could have big consequences.
5. Play it safe—make sure you cross reference your mailing list with your consent list before sending any CEMs.
It is your responsibility to show when they consented to receive the message – not the other way around. Under CASL, you are required to have express or implied consent to send CEMs.
6. Research and understand the CASL rules.
There may be some best practices to follow depending on the nature of your business. For example, ATB is allowed to contact customers without consent if there is an update to a product they have with us.
Interested in learning more about email marketing and what it means to follow the rules of CASL?
Grab a copy of our entrepreneur guide to help you get started!
Other Resources: Read more about CASL and how it affects your business