OTTAWA — A new anti-spam law that one business group calls “heavy handed” won’t stop the flow of all unwanted emails to your inbox, says a legal expert.
The Canadian Anti-Spam Legislation, known as CASL and coming into force July 1, will require businesses to obtain consent for sending “commercial electronic messages” to clients or prospective customers.
That’s why Canadians have seen their email accounts inundated recently with requests from companies and organizations that want to retain their contacts.
“We’re updating our contact list in accordance with Canada’s new anti-spam legislation coming into effect July 1, 2014,” Faulhaber Communications has been telling subscribers to its service in recent email messages.
“To continue receiving e-mails about our press launches, industry news and event invitations, we kindly request your consent below.”
The messages contain the mailing address and name of the business, as well as a clear unsubscribe feature, as is required by the new law.
Many people — weary of emails seeking permission to keep sending emails — are saying enough already.
“Getting spammed by Canada’s new anti-spam law emails,” computer programmer and artist T.J. Holowaychuk wrote Friday on Twitter.
“The amount of spam I’m getting because of the spammers reacting to the new anti-spam law to reduce spam is worse than any spam I got before,” added University of Waterloo political science professor Emmett Macfarlane.
Countless messages have gone out recently to people on an array of contact lists from organizations, companies and individuals who are on top of the change.
Many firms are not prepared, says lawyer Andrew Aguilar with McMillan LLP of Vancouver, who co-wrote a guidebook called “Internet Law Essentials: Canada’s Anti-Spam Law.”
But those who fail to meet the deadline won’t face immediate punishment, Aguilar said.
The fines can be enormous — up to $1,000,000 for individuals and up to ten times that amount for companies found in violation of the law.
Company directors can also be held personally liable for damages.
And despite the legislation’s name, it’s about more than just spam.
The law doesn’t define spam or mass messaging, but only refers to any message for a commercial purpose.
“It really appies to a broad range of communications,” Aguilar said.
Still, the law will be administered by the country’s telecom regulator, the Canadian Radio-television and Telecommunications Commission. And it has limited resources.
While anyone will be able to complain to the CRTC about spam via a website — http://fightspam.gc.ca — the regulator is expected to show flexibility as it sifts complaints, looking for the most egregious ones.
“They may potentially do warnings or education first and then move their way up to what’s an administrative monetary penalty,” said Aguilar.
And it helps, says the CRTC, if companies perform due dilligence by putting policies in place that are in line with the law.
Things may change in three years, however. That’s when what’s known as a “private right of action” kicks in, which would allow anyone to sue companies for transmitting excessive or unwanted electronic messages.
“That’s the big fear (for businesses) at that point,” said Aguilar. “Right now it’s just the CRTC and I think they’re going to take a much more reasonable approach.”
The Canadian Federation of Independent Business warned earlier this month that most small businesses are not ready for the law.
The CFIB is telling its members to get consent from customers in an initial email message — even if they are existing clients — and then in subsequent messages as well, just to be on the safe side.
“I think this is going to be a pretty heavy-handed legislation,” CFIB vice-president Corinne Pohlmann said in a recent interview.
“It’s going to take a lot of time before many small businesses are even aware that they have some obligations under this legislation and the regulations that go along with it.”
The law prohibits any commercial electronic messages sent without the recipient’s permission, anything that results in an Internet user being sent to a different destination without their consent, and any installation of a software program without the consent of the owner of the computer.
It also outlaws the use of any false or misleading representations to promote products or services and the collection of email addresses obtained through the use of computer programs without consent, known as address harvesting.