This article has been contributed by Darrell Gold LLB with Robins Appleby LLP.
You may already be receiving specific e-mail notices from businesses asking you to “click to consent” to continue receiving their emails. This article will explain why.
What is CASL: Federal legislation passed in 2010 that prohibits sending commercial electronic messages (“CEMs“) (aka SPAM) unless you received express or implied consent from the recipient, (subject to certain limited exceptions).
What is a CEM: It is an electronic message sent to an electronic address to encourage participation in a commercial activity including messages that offer services, advertise or promote services, or promote a person as being someone who performs such services. It applies to most forms of electronic messaging, i.e. e-mails, text messages, and certain messages sent via social networking. Voicemail and fax messages are excluded.
How is Consent Obtained: Consent must be express or implied.
Express Consent – Orally or in writing and must include: (i) the name of the person or company seeking consent; (ii) the contact information (mailing address and either a phone number, e-mail address or web address for the company); (iii) a statement that the individual can withdraw consent; (iv) an unsubscribe mechanism (via return e-mail or link), which must be effective within 10 business days. All CEMs must contain the above information as well. Consents cannot be “bundled” with the general terms and conditions of use or sale and must be an “opt-in” consent where the recipient checks a box or enters an e-mail into a field.
Implied Consents: – There are three exemptions where express consent is not required and will be implied: (i) the “existing business relationship” exemption i.e. a business relationship between the sender and the recipient arising from: A. a current written contract or one expired within the previous two years; B. the purchase of goods or services within the previous two years; or, C. an inquiry or application by the recipient made within the previous six months. (ii) the “business card” exemption – if the recipient disclosed their electronic address to the sender (e.g., by providing their business card) without giving notice that they do not want to receive unsolicited commercial messages. The CEM must be relevant to the recipient’s business, role, functions or duties in a business or official capacity, e.g. a soccer ball manufacturer emailing a sporting goods store; (iii) the “published electronic address” exemption – where the recipient has conspicuously published (or caused to be published) their electronic address (e.g. a website), without any notice indicating that they do not wish to receive commercial messages. Again, the CEM must be relevant to the recipient’s business, role, functions or duties in a business or official capacity.
When Does it Take Effect: In force on July 1, 2014 subject to a 3 year transitional period for implied consents for “existing business relationships”.
Consequences of Non-compliance: Administrative monetary penalties of up to $1 million per violation per person and $10 million per violation per business entity. A private right of action in court to seek actual and statutory damages against individuals and organizations who may have violated CASL. (The private right of action is subject to a transitional period ending the earlier of July 1, 2017 or until the recipient unsubscribes, whichever is sooner without regard to the two-year limitation period noted above, provided the relationship already includes the sending of CEMs).
Who Enforces Compliance: The Canadian Radio-television and Telecommunications Commission (“CRTC“) can issue administrative monetary penalties for violations. The Competition Bureau can seek administrative monetary penalties or criminal sanctions under the Competition Act. The Office of the Privacy Commissioner can exercise new powers under an amended Personal Information Protection and Electronic Documents Act.
How Is Non-Compliance Reported: Consumers, businesses and other organizations will be able to report CEMs sent without consent; and/or CEMs with false or misleading content, via: www.fightspam.gc.ca on July 1, 2014. This information will be used by the three enforcement agencies (the CRTC, Competition Bureau, and Office of the Privacy Commissioner) under CASL.
Proving Consent was Given: The person alleging consent was given has the onus of proving it.
Where CEM Consent is Not Required: No consent is required when the CEM solely:
(i) provides a quote or estimate that the recipient requested;
(ii) facilitates, completes or confirms an existing transaction;
(iii) provides factual information about a product or service;
(iv) is an inquiry to a person engaged in a business activity and is related to that activity;
(v) is in response to a request, inquiry or complaint or is otherwise solicited by the recipient;
(vi) is to someone with whom the sender has a “personal” or “family” relationship;
(vii) is by way of a third party referral (first message only) where a third party (the referral provider) has an existing business relationship or a family or personal relationship with both the sender and the recipient;
(viii) is within an organization;
(ix) is between organizations in a relationship and the message concerns the activities of the recipient organization;
(x) is to satisfy a legal or juridical obligation;
(xi) is to a limited-access, secure and confidential account to which only the account provider sends messages (e.g., bank);
(xii) is from Canada with a reasonable belief that it will be accessed in another (listed) country;
(xiv) is by a charity or political party soliciting donations or contributions.
The Lessons: 1 For an implied consent – the business card or other form of disclosure should be kept in the sender’s records. 2. Oral consent can be shown if consent is verified by an independent third party or an audio recording of consent. 3. Track and update your client/customer lists regularly to indicate who has consented and if it was express or implied. 4. Revise your website to provide that email addresses on it are not consent to receipt of 3rd party CEMs. 4. CASL also deals with other electronic threats to commerce, such as the installation of computer programs and the alteration of transmission data, without express consent including malware, such as computer viruses.5. Consider adding an “express consent” box to your standard form agreements and retainer letters.
Disclaimer: This article is for general information purposes only and not intended as or to be relied upon for legal advice. Consult with a lawyer for your unique situation.
[*If there is a general real estate or leasing related question you would like to see addressed in a future article in “The Legal Corner”, please contact me directly by e-mail at firstname.lastname@example.org with your suggestio
n. Not all requests can be accommodated.]