As a marketer or business owner, you know that email marketing is an essential tactic in any business toolkit. It is cost-effective, easy to execute and, if done right, efficient. However, it is your responsibility to make sure that your email marketing operates within legal parameters. Sending commercial electronic messages (CEM) in Canada has become a strictly regulated environment and understanding of Canada’s anti-spam legislation (CASL) is a must to protect your business.

CASL regulates a broad range of activities including sending CEM, installing software, collecting email addresses without consent and so on. In this post, I will cover key CASL requirements related to sending communications and how it impacts your email marketing.

About CASL

One of the purposes of CASL is to protect Canadians from undesirable emails by introducing a set of regulations for organizations that communicate with the Canadian audience via email, text or any other similar messages. Any commercial electronic message (CEM) that promotes your business or encourages a recipient to participate in any commercial activity (advertisement, service or product offer, etc) fall under CASL umbrella. Key CASL adoption milestone dates are:

July 1, 2014 - CASL went into effect
July 1, 2014 - July 1, 2017 - a three-year transitional period that was given to allow organizations to adopt new practices in sending CEM

After July 1, 2017, your email marketing has to be fully CASL compliant. If you fail to follow the regulations, you can be fined up to $1M as an individual and up to $10M as a business. At this time there is no room for any mistake.

How to ensure you are CASL compliant

Since the regulations of CASL have fully taken effect only in 2017, it is common that many people still have questions and concerns related to adoption mechanisms, processes, and best practices. Below is a review of the main requirements to ensure your email marketing is covered.

1. Customer consent

CASL makes it very clear that in order to send any commercial message, you need to get a customer’s consent. As you may know, there are two types of consent - implied and express.

Implied consent is based on the existing business relationship that resulted in purchasing of product or service. For example, if you bought a product from a brand at least once, this is considered an implied consent. It can also be an activity such as the purchase of membership in a non-profit organization or volunteering. Implied consent does not last forever. In case of the existing business relationship, the consent expires 2 years after the purchase of a product. When it comes to non-business activity, your 2 -year period starts on the day your relationship (e.g. membership) ends.

Express consent is based on an agreement (in writing or orally) with receiving emails from your organization. Usually, it is conducted through CASL compliant sign-up/opt-in form.

Unlike implied consent, express consent does not have an expiry date and is valid until a person decides to unsubscribe. Check out Implied VS Express consent at a glance.

After July 1, 2017, (the end of transitional period) you can send a CEM to a person with either an express consent or with a valid implied consent, collected during the transition period, and that will eventually expire. Also, make sure to collect and keep records of all your consents.

2. Identification

Your CEM has to include your business name (if different from your name), including mailing address, phone number, email or website. The same criteria apply to the message sent on behalf of anyone else. When the message is sent on behalf of multiple people, it is acceptable to provide a valid and accessible web page containing this information.

3. Unsubscription mechanism

As a marketer, having your customer want to unsubscribe is the last thing you want.

Even if you do a good job by sending relevant and valuable content, your audience has to have access to an easy-to-find, working unsubscribe link. CASL makes it also clear that it is your responsibility to handle this requirement. You have to manage the mechanism by processing an unsubscribe request within 10 days.

Even though, the unsubscribe mechanism is a must, you can give your recipients an option to either unsubscribe from all types of messages or some of them. By doing so, they can give it a second thought before making a final decision on how to interact with your brand.

Some companies decide to separate “Unsubscribe” and “My preferences” form allowing recipients to manage their level of engagement. Give them a reason to stay but let them decide.

How to get started

Managing your mailing list under CASL can be a daunting task. To do it right, you need to understand the topic and have a clear action plan. Your ultimate goal is to develop an email marketing program that is CASL compliant. Let me share with you a few tips on some steps in revisiting and managing your mailing list.

Audit your existing mailing list, consent status, and associated forms
Clean up your list by removing emails with a non-compliant status
Set up a mechanism to track your implied consent expiry date and keep records of all your consents
Ensure your sign-up form collects express consent in compliance with CASL. You need to ask for the proper information.
Make sure your email has an easy-to-find unsubscribe link and all identification details
Grow your mailing list by adding recipients with only express consents.