Staying on the right side of Canada’s Anti-Spam Legislation

If you, or your clients send email into Canada, it's high time you oriented yourself with Canada's Anti-Spam Legislation (CASL), due to come into effect in 2013. With fines of up to $10 million CAD in place for non-compliance, it's also a very costly law to get on the wrong side of.

The good news is that if you already abide by Campaign Monitor's anti-spam policy, you're most probably already in the clear. However, it's worth taking the opportunity to review your subscribe forms and other channels by which you allow subscribers to opt-in to your lists, to make sure they abide by CASL's requirements.

Before you say, 'well, this doesn't apply to me', an interesting thing to note is that CASL can come into effect even if the end recipient isn't based in Canada. If an email message is routed in Canadian territory (such as by an ISP's mail server), then it's expected to abide by the legislation. Given the distributed nature of the Internet, its unwise to make any assumptions about how email travels from our mail servers (which are based in the US, mind) to their final destinations.

Stricter opt-in requirements

The CASL requirements most likely to affect email senders are in regards to 'express consent', or how senders gain permission to email subscribers. Under the law, a sender must state:

  • The purpose, or purposes for which consent/permission is being sought (eg. to send marketing messages via email), and;
  • information that identifies the person seeking consent and, if the person is seeking consent on behalf of another person, prescribed information that identifies that other person

What this means is that subscribe forms in particular have to carefully state why email addresses are being collected and who is collecting them. This can be as simple as a message like:

Sign up for ABC Widgets' weekly email newsletter. We'll be sending you offers and information about our products - don't worry, we won't share your email with anyone and you can unsubscribe at any time.

If this seems a little wordy, it's because we're covering all bases - for one, CASL requires that email campaigns feature an unsubscribe mechanism, which is something we want to inform subscribers of prior to opting-in. If you send using Campaign Monitor, an unsubscribe link is a standard part of your campaigns.

On a related note, the CASL unsubscribe requirement also applies to transactional email - Word to the Wise wrote a strong argument for featuring unsubscribe links in both recurring and one-off sends.

Featuring contact information in campaigns

The second big requirement is that email campaigns include information that personally identifies the sender. This information must be correct for at least 60 days after the message is sent. Contact information should include a name or company name, a postal address, or phone number that you or your client can be contacted on. Our template builder creates templates with an editable space in the footer for including contact information.

Finally, the From: address in your campaigns should be real and regularly-monitored - here's why a no-reply address is an email marketing no-no.

Don't forget your permission reminders

These changes in the law are also a solid prompt to check your permission reminders. While not a requirement, permission reminders do help keep spam complaints to a minimum. Even a short message like...

You are receiving this email because you signed up for ABC Widgets' weekly newsletter on our site

... can make all the difference. Subscribers may forget that they've signed up for a list and at first glance, assume a message is spam. Sometimes a little prompting like this can be all it takes to jog the memory.

This new Canadian law may have been dubbed 'the toughest anti-spam law the world has ever seen', but in reality, it's fairly easy for legitimate senders to abide by. Secondly, it's for the good of all - similar anti-spam legislation in Australia resulted in a measurable decrease in spam traffic following its introduction in 2003. We think the Canadian approach is a step in the right direction when it comes to distinguishing the awesome campaigns we send from email spam and security threats - hopefully it will prove to be a great model for other countries to follow.

Do you think that Canada's Anti-Spam Legislation is a good thing for email senders? Do similar laws exist in your country? Let us know in the comments below.

Posted by Ros Hodgekiss


  • CRS
    26th July

    “If you, or your clients send email into Canada” - not true - the new laws don’t affect foreign companies - it can only apply to Canadian companies. A country’s law cannot extend past its borders (unless you’re the FBI of course :P).

  • Ros Hodgekiss
    26th July

    Hey there CRS, I’m not a lawyer, but Fasken Martineu’s commentary suggests otherwise:

    “FISA (ie. the Canadian Anti-Spam Legislation) sets out rules that must be followed by anyone sending an “electronic message” that is sent or accessed from a computer system in Canada.[23] As a consequence, electronic communications sent from computer systems located and controlled from outside of Canada may come under the jurisdiction of FISA, if a computer system located in Canada either accesses, or has routed through it, the message. This provides a wide jurisdictional scope to FISA.”

    Considering the US has previously extradited spammers, this shouldn’t be particularly welcome news to the bad folks, eh? :)

  • Adam
    26th July

    Guys… please change the font to black. It’s much easier to read than this grey one.

  • evil-Adam
    27th July

    Guys… please change the font to papyrus. It looks much better in grey.

  • Ros Hodgekiss
    27th July

    Hah, fellas please… Papyrus? Comic sans, my friends. ;) I’ll pass on your feedback to our design folks - we’ll see what can be done. Thanks for your feedback!

  • James Lamb
    29th July

    Does most BlackBerry traffic still flow through Canada?

    (agree on black font - looks great here as I type)

  • Dan Johnson
    31st January

    I’ve seen that enforcement for this law is now set to begin July 1, 2014. Assuming that means the 3-year transition period for limited exceptions ends July 1, 2017. Sounds like that gives us some time to collect affirmative permission on any questionable records.

    Any updates on how this may be enforced or any new interpretations?

  • Ros Hodgekiss
    31st January

    Hi Dan, our advice to people with questionable subscriber permission is to either a) don’t send, or b) send a re-engagement campaign first. Email service provider policies (like our anti-spam one) tend to be as strict (if not stricter) than many national spam laws, so if you’re sending, it’s advisable to be sure of your permission now, not later. :)

  • Kelly Patchet
    5th February

    Email is just the tip of the iceberg here in Canada when it comes to CASL - it goes way, way beyond that to all computer programs (including in cars and appliances). I’ve been saying for a while, the email bit is just catching up to what CM expects anyway but the rest is a huge and convoluted mess that most companies won’t be able to comply with. #absurd

  • Andrew Boardman
    26th March

    Great forward-looking post, CM, as always. If you could keep us up to date on all things CASL from your point of view, we’d appreciate it. The legislation is pretty new (or will be on July 1, 2014) and all businesses and organizations here need to comply.

  • Ros Hodgekiss
    27th March

    Thank you, Andrew. We’ll most certainly keep an eye on things here and post in our blog / update this resource if conditions change.

Got something to add?

Sign up for free.
Then send campaigns for as little as $9/month

Create an account