For the London Free Press – February 10, 2014
Read this at lfpress.com
The Canadian anti-spam act comes into force July 1, 2014. If you think it won’t affect your business or not for profit because you don’t send mass e-mails trying to sell random products, you would be wrong.
It defines spam — the act calls it commercial electronic messages — so broadly that it will affect how most organizations communicate. The definition goes far beyond what the average person would consider spam. It then layers on a series of complex exceptions and implied consents that allows commercial electronic messages to be sent in certain circumstances.
Volume is irrelevant. One e-mail sent to one person can be spam, and subject the sender to a fine of up to $10 million. Starting in 2017, remedies will include a private right of action (the right of recipients to sue the sender) that allows for the payment of statutory damages. In other words, there will be no need to prove actual damages were suffered from receiving the message.
Depending on the nature of the message and the relationship between the sender and recipient, some commercial electronic messages can be sent without any conditions, some require an unsubscribe mechanism, and some can’t be sent at all.
Unfortunately the act’s biggest impact will be the compliance headache it will cause the average business or not for profit.
In the short term, we can expect to receive a deluge of e-mails requesting that we consent to receive e-mails from various entities for various things. In many instances recipients may be confused or perhaps ignore those requests, based on the thought that they are already getting the messages or have already consented.
Recipients may not understand that subtle differences in how consent is requested, granted or tracked.
Some things worth noting include:
- Directors and officers can be personally liable if they participate in or acquiesce to violations under the act.
- Charities benefit from some additional exemptions, but the act still applies to many things most charities do.
- Commercial electronic messages are defined broadly to include more than e-mail — such as certain social media messaging tools.
- The onus of proof is on the sender, meaning that the sender must track and document compliance on an individual recipient basis in order to defend itself from alleged violations of the act.
- Consents to receive commercial electronic messages must be obtained in specific ways and by disclosing specific information.
- Consents one already has that are sufficient for privacy legislation may or may not be grandfathered, as valid consents depending on the circumstances.
- the act includes a three-year grace period for consents — but only in certain defined situations.
- Sending an e-mail to request consent is itself considered spam.
Given the complexity of the Canadian anti-spam act and the consequences for non-compliance, businesses and not for profits can’t afford to ignore this. Legal help is available to assist. More information on the act can be found on the author’s blog by searching for “anti-spam” at elegal.ca.