Home  › Email › Email Marketing

Canada's Anti-Spam Law

  |  March 16, 2011   |  Comments

A look at the new law, Canada's Online Protection Legislation (COPL), and how businesses need to change their practices to comply with it.

Most online marketers doing business in Canada today are already familiar with PIPEDA. But many are not aware that a new law, known in Parliament as Bill C-28 and later renamed Canada's Online Protection Legislation (COPL) was given Royal Assent on December 15, 2010. The law imposes onerous opt-in and other responsibilities on marketers doing business online in Canada. It covers items such as the sending of commercial electronic messages (CEM), prohibition of installing computer programs without consent, and sending messages with false or misleading information in the content or header. Enforcement of the law is expected to commence in September 2011, which should give marketers ample time to comply.

COPL is effectively Canada's first anti-spam law, which removes the distinction of Canada being the only G8 nation without one. The provisions of PIPEDA already covered opt-in, however, enforcement actions were limited. Under the new law, a definitive set of requirements and enforcement actions are laid out and penalties for violation of the law can be severe. Unlike CAN-SPAM, which covers only e-mail, COPL covers CEM, which is defined as any commercial "message sent by any means of telecommunication, including a text, sound, voice or image message." Effectively, this includes:

  • E-mail
  • SMS
  • Instant messages
  • Social media postings such as tweets
  • Some voice communications

There are a number of requirements set forth in the law regarding CEM, most notably:

  • Express affirmative (opt-in) consent
  • No false or misleading headers, including sender and subject line
  • Cannot alter transmission data
  • Must provide a conspicuous unsubscribe mechanism
  • Must include postal address of sender
  • Cannot perform address harvesting to obtain e-mail addresses or send to harvested addresses
  • Liability for entities who knowingly allow spam to be sent on their behalf, even if the message was not directly initiated by those entities

Exemptions to the opt-in requirement exist under certain circumstances. Consent is deemed if there is an existing business relationship, an existing non-business relationship (such as sending to a family member), conspicuous posting of an electric address such as on a "Contact Us" page (provided there is no statement near the address indicating that it should not be mailed), or where the recipient has provided the electronic address to the sender. In most cases, this implied consent is valid for two years, after which the sender must gain affirmative consent.

Enforcement/Liability

Computer systems located in Canada used to send or access an electronic message fall under the COPL umbrella. This means that any CEM that leaves or enters Canada is subject to the regulation. COPL is primarily enforced by the Canadian Radio-television and Telecommunications Commission (CRTC), and imposes fines of up to $1 million per violation for individuals and $10 million per violation for businesses. There is also a provision for private right of action, allowing individuals and businesses to seek actual and statutory damages.

Enforcement does take into account "honest mistakes," and for that reason, it is important to undertake clearly defined actions to comply with the law. Willful violations are the primary focus of enforcement.

Next Steps

Businesses will need to scrub their lists and remove any covered address for which there is no affirmative opt-in to receive e-mail and other CEM. It is expected that many e-mail lists will be significantly reduced in size as a result. Privacy policies and form collection on websites should be updated to ensure proper consent. In the case of forms, this includes moving from an opt-out (pre-checked) to an opt-in (not pre-checked) methodology.

I recommend that businesses meet with their legal, compliance, and marketing teams to determine the full scope of changes to their business practices in order to comply with the new law, as there are a number of key considerations and requirements not provided in this column which may apply. We also encourage affected parties to read the full text of the law, which can be found here.

(Note that the purpose of this post is to provide general information about Canada's Online Protection Legislation. It does not constitute legal advice. Please consult your legal counsel for full requirements and implementation recommendations.)

ClickZ Live Toronto Twitter Canada MD Kirstine Stewart to Keynote Toronto
ClickZ Live Toronto (May 14-16) is a new event addressing the rapidly changing landscape that digital marketers face. The agenda focuses on customer engagement and attaining maximum ROI through online marketing efforts across paid, owned & earned media. Register now and save!

ABOUT THE AUTHOR

Dennis Dayman

Dennis Dayman has more than 17 years of experience combating spam, security issues, and improving e-mail delivery through industry policy, ISP relations, and technical solutions. As Eloqua's chief privacy and security officer, Dayman leverages his experience and industry connections to help Eloqua's customers maximize their delivery rates and compliance. Previously, Dayman worked for StrongMail Systems as director of deliverability, privacy, and standards, served in the Internet Security and Legal compliance division for Verizon Online, as a senior consultant at Mail Abuse Prevention Systems (MAPS), and started his career as director of policy and legal external affairs for Southwestern Bell Global, now AT&T. As a longstanding member of several boards within the messaging industry, including serving on the Board of Directors and the Sender SIG for the Messaging Anti-Abuse Working Group (MAAWG), Secretary/Treasurer for Coalition Against Unsolicited Commercial Email (CAUCE), Certified Information Privacy Professional (CIPP) Advisory Board, Dayman is actively involved in creating current Internet and telephony regulations, privacy policies, and anti-spam legislation laws for state and federal governments.

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

Featured White Papers

ion Interactive 9 Strategies to Engage Your Consumers White Paper

9 Strategies to Engage Your Consumers
Online marketing apps are highly engaging - taking visitors on short, but effective, conversion-focused journeys. This white paper illustrates 9 strategies to engaging consumers through app-like experiences.

eMarketer: Redefining Mobile-Only Users: Millions Selectively Avoid the Desktop

Redefining 'Mobile-Only' Users: Millions Selectively Avoid the Desktop
A new breed of selective mobile-only consumers has emerged. What are the demos of these users and how and where can marketers reach them?

Resources

Jobs

    • Sr. Paid Search Manager
      Sr. Paid Search Manager (Bisk Education) - TampaCurrently seeking a Sr. Paid Search Manager in Tampa, FL for Bisk Education! Bisk Education is a...
    • Contact Center Professional
      Contact Center Professional (TCC: The Contact Center) - Hunt ValleyLooking to join a workforce that prides themselves on being routine and keeping...
    • Recruitment and Team Building Ambassador
      Recruitment and Team Building Ambassador (Agora Inc.) - BaltimoreAgora, www.agora-inc.com, continues to expand! In order to meet the needs of our...