Download - CASL is now in Effect! Are you Compliant?
![Page 1: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/1.jpg)
CASL is now in Effect! Are you Compliant?
Inbox Marketer
![Page 2: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/2.jpg)
Today’s Agenda
• CASL Overview & Timing
• Keys terms defined: EBR, CEM, Implied, Express
• Identification & Unsubscribe Requirements
• B2B Exemptions
• Next Steps & Recommendations
Disclaimer: We are not lawyers , this is not legal advice.
![Page 3: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/3.jpg)
What is CASL?
Canada’s Anti-Spam Legislation
Intended to deter the most damaging and deceptive forms of Spam:
Spamming Fraud
Hacking Harvesting
Malware Privacy Invasions
![Page 4: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/4.jpg)
Important Dates
CASL Passed
Dec. 2010
March 2012 CRTC Regs
Finalized
Industry Canada Regs
Finalized Dec. 2013
July 1, 2014Provisions in
force
Computer program
provisions in force Jan. 15,
2015
July 1, 2017 Private Right of Action in force
![Page 5: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/5.jpg)
What is a CEM?
A Commercial Electronic Message that encourages participation in a commercial activity
CASL provisions apply to all Commercial Electronic Messages sent to or from Canada.
Commercial Electronic Messages
Electronic Messages• Email• Text / instant messages• Social Media
Commercial Activity• Offers to sell/lease of product/service• Offers Investment/business opportunity• Promotes individual• Requests for Consent
![Page 6: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/6.jpg)
What is an EBR?
Existing Business Relationship
An existing business relationship is defined as a business relationship that involves or arises from:
• the purchase, lease or bartering of product, goods or service within last 2 years• a written contract within the last 2 years• an inquiry of a recipient within 6 months immediately preceding the date the
Commercial Electronic Message was sent
![Page 7: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/7.jpg)
1. Consent • Do you have Express or Implied consent?
2. Identification• Messages must identify sender(s) & provide contact
information
3. Unsubscribe• Must be clear & prominent, able to be readily performed
and accomplished at no cost to the customer
There are 3 Primary Rules
![Page 8: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/8.jpg)
What is Implied Consent?
Implied Consent – the sender & recipient have an existing business (or non business) relationship
Implied Consent is where the recipient has supplied/published work related email address and they have not included a statement that indicates they do not wish to be communicated via email
Implied Consent is where the recipient has willingly disclosed their email address i.e. business card
![Page 9: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/9.jpg)
fdf
What is Express Consent?
Express Consent – recipients give a positive or explicit indication of consent to receive CEM’s
Your Email SubmitOR
Under PIPEDA, pre-checked box’s are considered Express when the knowledge & consent of the individual is given
They may check a box or type/write in their email address
![Page 10: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/10.jpg)
Consents cannot be bundled
“A request for consent cannot be bundled with, requests for consent to the general terms and conditions of use or sale.”
A user must be able to consent to the general terms of sale while being able to refuse consent to receiving CEMs
![Page 11: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/11.jpg)
Will Express consents under PIPEDA be grandfathered as express consents
under CASL?
![Page 12: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/12.jpg)
If you obtained valid express consent prior to CASL coming into force, you will be able to rely on that expressconsent (as long as you can prove having obtained valid expressconsent)
A Big Win for Digital Marketers
![Page 13: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/13.jpg)
Does your organization have Implied records in its database?
![Page 14: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/14.jpg)
… you will have 3 years to upgrade (July 2017)
Transitional provision for Existing Email Contacts – If you have (or had) an existing business or non-business relationship that already includes communication by commercial electronic message, you will have 3 years to upgrade Implied consents to Express
Begin thinking about how your database will need to be configured to keep track of when customers upgraded
For all existing implied records…
![Page 15: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/15.jpg)
Does your organization actually have to upgrade their Implied consents to Express?
The next question is an interesting one…
![Page 16: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/16.jpg)
After CASL Comes into Force
… YOU CAN RELY ON IMPLIED CONSENT UNDER 3 SCENARIOS
1. Existing business relationship arising from an inquiry, if no further action is taken, you have 6 months to continue to send and upgrade them to Express before you lose them
2. Existing business relationship arising from a purchase, lease, contract, barter (see section 10 for full definition of EBR) then organizations will have 2 years from time of EBR to continue to send & upgrade them to Express before you lose them
![Page 17: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/17.jpg)
After CASL Comes into Force
… YOU CAN RELY ON IMPLIED CONSENT IF
Existing business relationship arising from a purchase that involves an ongoing use or ongoing purchase under a subscription, company will have 2 years from when the relationship terminates to continue to send & upgrade them to Express
![Page 18: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/18.jpg)
A Best Practice to Consider
Do not turn on and/or refresh the email permission every time a member transacts with you if they have unsubscribed.
It is allowed under a strict reading of the legislation
Not an ideal customer experience and therefore not recommended
![Page 19: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/19.jpg)
If you do choose to upgrade to express
• Upgrade message(s) should identify value proposition of your email program; give recipients a compelling reason to confirm their express consent.
Be very clear on what they will be agreeing to receive
• If database is large enough, test different offers.
• Encourage customers to visit a preference center to update their email preferences.
Our recommendation is to consider the value of an Upgrade campaign now vs. 2 years from now.
![Page 20: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/20.jpg)
Industry Example of Upgrade Campaign
![Page 21: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/21.jpg)
How to collect Express Consent under CASL
![Page 22: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/22.jpg)
Requirements for Collecting Express Consent
Ensure clarity of language & branding so that customers are well informed as to what they are agreeing to receive and the purpose(s) for which their consent is being sought.
Yes, I would like to receive emails from CompanyABC with the latest information on your products, services and special offers
![Page 23: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/23.jpg)
Requirements for Express Consent
Pre-checked boxes will not be allowed
Your Subscribe Page/Form must include:
• company postal address & either phone number OR web address OR email address
• link to Privacy Policy
• a statement indicating that recipient can unsubscribe at any time
![Page 24: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/24.jpg)
Fully CASL Compliant Example
![Page 25: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/25.jpg)
Confirmation email is recommended
A confirmation (or welcome) email should be sent after sign-up Recommendation: Send immediately or within 24 hours
Asking recipients to confirm their opt-in is considered “double opt-in” and is the Gold Standard!
Welcome message(s) helps to manage expectations and add clarity to what subscribers will receive as part of the email program
![Page 26: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/26.jpg)
Rule 2: Identification Requirements
Messages must identify sender & provide contact information for the sender and if different, the person on whose behalf it is sent
The mailing address & either a phone number OR email OR web address must be present on the CEM
Also required:
A link to your privacy policy
A link to your unsubscribe page
Messages must not have false or misleading headers, subject lines or content
![Page 27: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/27.jpg)
Rule 3: Unsubscribe Requirements
Must be clear & prominent and accomplished at no cost to the customer
Must be able to be readily performed (should be simple, quick and easy for the consumer to use)
Cannot require a login
Requests must be flagged without delay or no later than 10 business days
Unsubscribe mechanism must remain functional for 60 days post deployment
![Page 28: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/28.jpg)
Unsubscribe Requirements
An unsubscribe link must be present on all transactional emails
A recipient can unsubscribe from receiving transactional emails however if you do not include any marketing/promotional/commercial info, you may continue sending factual information about their account and/or purchases
![Page 29: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/29.jpg)
How is Social Media effected by CASL?
![Page 30: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/30.jpg)
Social Media under CASL
CASL covers all CEMs including social media messaging.
The Good:- Posting your commercial content to your brands social media
accounts are ok- Twitter, Facebook pages, blogs, etc…
The Bad:- Sending a DM if it’s a CEM is captured by CASL- Sending an @ mention message may be non-compliant
![Page 31: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/31.jpg)
Social Media under CASL
Recommended Social Media policies for CASL Compliance:
1. Official accounts: list these on your website and in the profiles of each account
2. Training of staff using these accounts and rules for posting3. Maintain a policy around use of personal social media accounts
vs. corporate or client accounts4. Know the differences between what a reply is vs. Commercial
messages5. Use a commercial social media management account
![Page 32: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/32.jpg)
For B2B Organizations, there are some exemptions to know about
![Page 33: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/33.jpg)
There are some B2B Exemptions
Feedback:
Stakeholders argued that the legislation will prohibit regular business practices that are not among the malicious activities the Act was intended to capture.
These would include sending banking e-statements, warrantee & recall messages, messages sent within or between firms with a current business relationship, etc.
![Page 34: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/34.jpg)
B2B Exemptions
… Section 6 of the Act does not apply to a commercial electronic message
that is sent in response to a business request, inquiry, complaint or is otherwise solicited by the person to whom the message is sent
that is sent to satisfy a legal or juridical obligation
that is sent within a business or sent between businesses that are already in a business relationship where the messages are sent by an employee, rep, contractor or franchisee and are relevant to the business, role or function of the recipients
![Page 35: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/35.jpg)
Also, Express Consent is Not Required if…
The CEM delivers a product or service (including updates) that the recipient is entitled to receive under the terms of a transaction
Third party referrals – only the 1st email can be sent without consent & you must identify the person’s first and last name who has provided the referral
![Page 36: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/36.jpg)
Next Steps & Recommendations
![Page 37: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/37.jpg)
Create a CASL Compliant Database
Streamline your email programs
• Align the data teams • Having multiple teams increases your risk of not being compliant
• Create a centralized communications database and/or a centralized preference center
• Create a centralized unsubscribe policy & database
If companies don’t have the means to consolidate all their data across the different lines of business, at minimum, a central unsubscribe database is
recommended.
![Page 38: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/38.jpg)
Companies need to be able to prove compliance if ever challenged
![Page 39: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/39.jpg)
Proper Documentation Required
The burden of proof is on the sender
Recommended data capture fieldsLevel of Consent (Express vs. Implied)Date & time of the opt-in (for express)Date & time of the Existing Business Relationship (for implied)Source i.e. POS, web page, events, co-registration, list rentalWhy was email address collected? Newsletter? Promotions? IP address (nice to have, not a requirement)
Capture what the subscribe form looks like – archive pages as they get updated
Also consider implementing a “stop send” mechanism to track when implied consents expire and need to be suppressed
Data Best Practice: suppress records, don’t delete
![Page 40: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/40.jpg)
Identify all of your input sources:
• Point of Sale• Call Center• Web Forms• Social Channels• Offline Contests • Events• Third parties• Other?
What level of permission are you collecting (Express or Implied) at each source?
If Express, ensure all prescribed information is present
![Page 41: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/41.jpg)
Identify all of your output sources:
• Email Service Provider • Mobile Marketing Provider • Web pages/triggers • Ecommerce solutions • Corporate emails • Social Networks • Other?
![Page 42: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/42.jpg)
Identify all of your output sources:
Data management will be key to compliance
Review existing data and group consents:
• Explicit *• Implied• Third party• Unknown• None
![Page 43: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/43.jpg)
Who needs to be involved?
Build a multi disciplinary swat team with a check list for each department
1. Privacy/Compliance2. Legal3. Marketing4. Database Analytics team5. Deployment team6. Agents7. Brand Managers8. Sales team9. Vendors & Partners
![Page 44: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/44.jpg)
Additional Recommendations
1. Contact your legal counsel. Get their input and sign-off as well as your Privacy Officer
2. Educate all employees on the appropriate use of email addresses
3. Create a training program for all employees on what it means to be CASL compliant
4. Create a CASL compliance scorecard or checklist
5. Create a due diligence process & document it
6. Update all forms & processes that document consent
![Page 45: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/45.jpg)
Other things you should know…
• A Spam Reporting Center will be set-up and managed by the CRTC
• Consumers & businesses will be able to report emails being sent without consent an emails with false or misleading content
• Heavy fines for non-compliance
- $10 million per violation for a corporation- $1 million per violation for individuals
Permission was a best practice with PIPEDA, soon it will be the law!
![Page 46: CASL is now in Effect! Are you Compliant?](https://reader038.vdocuments.us/reader038/viewer/2022102901/554974f7b4c905525e8b542a/html5/thumbnails/46.jpg)
Need help becoming CASL compliant?
• Inbox Marketer offers turnkey email marketing solutions that are fully CASL compliant.
• Digital Strategy & Email Best Practices
• Email Design & HTML Development
• Database Management & List Processing
• Campaign Management & Email Deployment
• Detailed Reporting & Analytics
Call us at 519-824-6664 to hear how we can take your email program to the next level!