Since July 1, 2014, small business owners and email marketers alike have been following the Canadian Anti-Spam Legislation (CASL) implementation timeline. As the July 1, 2017 deadline approaches, many are wondering if they have taken the necessary steps to become compliant.
Because we know that you love your audience and want to keep your email marketing lists healthy and legal, we’ve come up with a handy checklist to ensure your subscribers stay happy and help you avoid hefty penalties.
CASL is the abbreviation for Canadian Anti-Spam Legislation, which is a law enforced by the Canadian Radio-television and Telecommunications Commission. Its purpose is to protect Canadians from unsolicited commercial electronic messages including text messages, emails, and instant messages. These email marketing laws won’t prevent you from using email as part of your marketing mix, but if your organization is based in Canada and/or you have Canadian subscribers on your list, you’ll need to make sure that you’re compliant.
The law was passed in late 2010, and was effective as of July 1, 2014, however, businesses were given a three-year window from that date to ensure compliance. On July 1, 2017, that window will be closed. As of the same date, the private right of action will be enforced, giving individuals and organizations the ability to file lawsuits and seek damages against businesses who are not CASL compliant. Lawyers and lawsuits and fees, oh my! Follow our checklist to avoid that noise:
There are 4 words you need to remember when confirming CASL compliance: Consent, Identity, Unsubscribe, and Truth. Use this checklist to make sure your business’s email marketing practices are CASL-approved.
If you have an email address, chances are you’ve received a spam or phishing email from a business or individual at some point (hello, Nigerian Prince scam). Obtaining consent in this context simply means that you get permission to send emails to your subscribers. Under CASL, there are two different types of consent: Express and Implied.
Express Consent is when permission is explicitly requested, and the individual clearly agrees either verbally or in writing. An email marketing best practice is to have a “double opt-in” process, which sounds more complicated than it is. In practice, this means that when someone subscribes to your list, they then receive an automatic message following up to make sure they intended to subscribe. Replying to that email or clicking a confirmation link would demonstrate express consent. This consent is not time-limited unless the recipient explicitly withdraws it. As of July 1, 2017, express consent is required for all commercial electronic messages.
Implied Consent is less clear and explicit. One example of implied consent would be when someone makes a purchase from your business. They might not have specifically signed up for your email newsletter, but one might assume that since they chose to do business with you, they would be interested in joining your list. Implied consent is invalid after 2 years if the subscriber does not engage further with your business (for example, makes another purchase) from the date the business relationship was established. If you have subscribers on your list who you only have implied consent from, you will need to obtain express consent prior to July 1, 2017. It’s advisable to send an email to these subscribers and request that they confirm their opt-in status prior to that date.
In both cases, it is up to the organization sending the emails to be able to prove that consent exists. Because of this, it is extremely important for business owners and marketers to develop a plan to track consent. Though consent can be given verbally, it is more difficult to prove, so a best practice is to get things in writing.
When obtaining express consent online, it’s advisable to track the date, IP address, opt-in page URL and time that the individual joined your list. Email marketing services such as MailChimp and Constant Contact have double-opt-in capabilities that make this easier to track. Offline, you’ll need to implement comprehensive record keeping of your paper registrations, and ensure that the registration forms themselves include CASL-compliant language.
Now is not the time for mystery. Under CASL, you must ensure that your subscribers know who you are. Which we’re guessing you’ll want too, since you probably want them to do business with you again.
Must-haves include a physical mailing address, a functional email address (no-reply addresses need not apply) and a phone number or website address. If you’re using a third-party to send your emails, they must be clearly identified as well.
You want them to want you. And if they don’t want to hear from you anymore, you need to give them an easy exit. No one likes to be stalked.
All communications must include a clear and accessible unsubscribe link that works for at least 60 days from the time the email was sent. Charging a fee to unsubscribe is not kosher, and all requests to unsubscribe must be processed within 10 calendar days. If you’re using an email marketing service to manage your list, this should be almost instant, which makes things much easier to stay on top of.
Finally, your communications can’t be false or misleading. That includes sender information, subject matter and more.
Simpler than you thought, right? The CASL guidelines are in-line with current email marketing best practices, and you may already have some if not all of your bases covered. Having permission to market to your subscribers ensures they’re receiving value and supports the development of long-term relationships, which we think is pretty important.
Where are you on your journey to becoming CASL compliant? Share your tips in the comments.
Briar Latam is the Senior Project Manager at FlexDealer. When she’s not juggling budgets and charting deadlines, you’ll find her touring Toronto's west-side with her fiancé and their pup, Millie.