Email Best Practices
Flight School Friday: CASL 101
We take you through the key points of Canada’s Anti-Spam Legislation (CASL) and how it affects your business
If you’re using email to communicate with your customers, you might have already heard about CASL (Canada’s Anti-Spam Legislation). While the name suggests a law applying only to Canadians, you could be affected too. Although may be headquartered outside of Canada, the customers you are engaging with might be based elsewhere or are opening email as they’re traveling. With the help of tech, the world has become flatter than ever before, enabling us to be connected more than ever before. This means more business opportunities, but also a diverse demographic of geography, culture and laws to be conscious of. As Heidi Lorenzen, CMO of Cloudwords, said at a conference recently, …Globalization shouldn’t be an afterthought.“
This Flight School Friday, we will review the basics of Canada’s Anti-Spam Legislation (CASL), which is set to be enforced July 1. As mentioned before, even if your company isn’t based in Canada, you may have to abide by the CASL if you have customers accessing their inbox from the Great White North. Here’s what you need to know:
There are two types of consent a customer can give before opting in to receive your email communication; implied or express.
Implied Consent is when there is an existing business relationship between you and the customer, but they have not explicitly given permission to be sent communication.
Customer has bought or leased a product or service from you in the past two years
Customer has signed a written or electronic contract with you in the past two years
Customer has volunteered with or donated to your charity or political organization within the past two years
Express Consent is when the customer gives explicit permission to receive communication; they either fill out a form or check a box saying they would like to receive email.
Opt-in form on your website
Check-box after purchase
It is the sender's responsibility to show proof of opt-in for every customer on your list, if solicited. If you have affiliate partnerships with other organizations where a customer signing up to receive your communication will also receive email from Company B, all parties involved are responsible for keeping record of and managing consent. If a customer opts-out of your list, you must contact Company B to reflect this within 10 business days.
For the most part, CASL is very similar to US's CAN-SPAM Act that you may be more familiar with. There are a variety of resources you can reference on the Canadian Government's website. If you're still unsure, it's always a safe bet to consult a lawyer that is familiar with CASL regulations.
The consequences of not abiding by CASL regulations are serious. Not only are there monetary penalties, butreputational costs that are less quantifiable. Sending an email without permission can set an individual sender back $1,000,000 — that number doubles to $10,000,000 for corporations. Failure to identify yourself or providing misleading identification in an email can even lead to jail time and fines; up to one year for individuals and up to 14 years for corporations. While these are examples of financial and legal penalties, there are also reputational costs to consider. Being listed as a spammer as a result of not complying with CASL makes it hard for your future sends to pass through ISP filters. The impact is far-reaching as your sender reputation is tied to the IP address from which you send email.
THE GOOD NEWS
Good news is that you have until July 1st, 2017 to review your contact lists for type of consent, proof of opt-in and double-check opt-out requests. After the three year period, class action lawsuits will be filed against senders who violate CASL. And it doesn't have to be a tough transition — the laws are in place to protect, not hurt businesses, after all. CASL challenges senders to create higher quality email and keeps the inbox free of malicious spam that can dilute the consumer's email experience.
[ Posted Fri, 27 Jun 2014 15:19:47 ]
The AI data privacy conundrum: Is ChatGPT safe?
It’s big. It’s new. And it’s scary. No, not the latest TV series reboot. We’re talking about artificial intelligence (AI) and ChatGPT privacy, and how these new tools are upending industries and making people, businesses, and governments wonder about the safety...
ePrivacy: Everything you need to know about the EU Cookie Law
What do you know about the EU Cookie Law? You’ve no doubt taken efforts to comply with GDPR, but you should also be prepared for the new ePrivacy directive that’s about to take effect. How can you do that? In this article, we have summarized everything you need to...
Marketing calendar 2024: Dates you shouldn’t miss this year
We finally got through 2023 (phew!) and Q1 is just around the corner. It’s time for you to start scribbling down your New Year’s Resolutions to make sure we start the year with a bang. If you’ve found your way here, we’re guessing that’s because creating a winning...