Membership is FREE!   Professional Designations for Business & Technology Professionals

Privacy

CASL Review: The 13 Recommendations of the ETHI Committee

11 Mins read

The ETHI Committee conducted a CASL Review between July 1, 2017 and Dec. 2017 as required by the law itself. “As a result of their deliberations, committees may make recommendations which they include in their reports for the consideration of the House of Commons or the Government.”

The 13 Recommendations related to this study are listed below, along with comments from me, the author of CASL Compliance: A Marketer’s Guide to Email Marketing to Canadians.

RECOMMENDATION 1

The Committee recommends that the Government of Canada amend An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act (the Act) in order to adopt “Electronic Commerce Protection Act” as its short title.

We believe this would add to the confusion that is already at epic levels. One of the single biggest challenges of CASL is a lack of communication (as clearly stated in the Direct Marketing Association of Canada’s submission to the INDU Committee) leaving the general public either confused or uninformed. What little awareness exists for CASL within the business community stands to be lost with a “re-branding” effort as suggested.

If the Committee believes there is a ton of negative baggage associated with the CASL brand and is attempting to distance itself from these issues, it might consider simply fixing the issues and moving forward. There is a lot of CASL that works and the general public will come to love owning their own email inboxes over the next few years.

Bottom line: A name change is a distraction and a step backwards.

 

RECOMMENDATION 2

The Committee recommends that the Government of Canada clarify the definition of “commercial electronic message” to ensure that the provisions as enacted in the Act and its regulations are clear and understandable for parties subject to the legislation and do not create unintended cost of compliance. In particular, the status of administrative and transactional messages should be clarified.

Section 1 (1) clearly defines commercial activities:

1 (1) The following definitions apply in this Act.

commercial activity means any particular transaction, act or conduct or any regular course of conduct that is of a commercial character, whether or not the person who carries it out does so in the expectation of profit, other than any transaction, act or conduct that is carried out for the purposes of law enforcement, public safety, the protection of Canada, the conduct of international affairs or the defence of Canada. (activité commerciale)

Section (2) goes on to define the:

Meaning of commercial electronic message

(2) For the purposes of this Act, a commercial electronic message is an electronic message that, having regard to the content of the message, the hyperlinks in the message to content on a website or other database, or the contact information contained in the message, it would be reasonable to conclude has as its purpose, or one of its purposes, to encourage participation in a commercial activity, including an electronic message that

(a) offers to purchase, sell, barter or lease a product, goods, a service, land or an interest or right in land;

(b) offers to provide a business, investment or gaming opportunity;

(c) advertises or promotes anything referred to in paragraph (a) or (b); or

(d) promotes a person, including the public image of a person, as being a person who does anything referred to in any of paragraphs (a) to (c), or who intends to do so.

Other commercial electronic message

(3) An electronic message that contains a request for consent to send a message described in subsection (2) is also considered to be a commercial electronic message.

Exclusion

(4) An electronic message described in subsection (2) or (3) that is sent for the purposes of law enforcement, public safety, the protection of Canada, the conduct of international affairs or the defence of Canada is not considered to be a commercial electronic message.

Person to whom a message is sent

(5) For the purposes of this Act, a reference to the person to whom an electronic message is sent means the holder of the account associated with the electronic address to which the message is sent, as well as any person who it is reasonable to believe is or might be authorized by the account holder to use the electronic address.

For many businesses committed to respecting their prospects and customers, it is clear when a message is intended to generate business, now or down the road. Keeping CEMs and transactional messages clearly separate, not allowing commercial suggestions to statements to creep in, is fair for all. The CRTC’s position is that as soon as a suggestion of commercial message sneaks into a transactional email, it transforms that email to a CEM. Black & white and fair for all parties.

Are we looking to change this for those businesses looking to “beat the system”? Of course there will be a cost of compliance. Some of those messages will have to be distributed by advertising or direct mail the way they should be. The creation of email does not give businesses the right to save millions of dollars in promotional costs, regardless of what the marketer thinks. CASL is a step in the right direction for returning control of an individual’s email inbox back to them.

Bottom Line: CASL is quite clear on what is (and is not) a Commercial Electronic Message (CEM). If CRTC would like to offer some real market examples and some clear guidance it would be welcome.

 

RECOMMENDATION 3

The Committee recommends that the Government of Canada clarify the provisions pertaining to “implied consent” and “express consent” to ensure that the provisions as enacted in the Act and its regulations are clear and understandable for parties subject to the legislation and do not create unintended cost of compliance.

Once again the law defines these well enough that some real market examples and clear guidance on this subject from CRTC is all that is required. Section 6(1), 10 explains Express and Implied Consent very well.

The “unintended costs of compliance” are strictly a function of not having to be responsible for proving consent in the past. Now we have to and with that responsibility comes some costs. There are many cost effect ways to accomplish this should an organization be committed to it. In order to honour an individual’s consent, we must be able to track it and prove it upon request. It is the right thing to do for the consumer.

Bottom line: CRTC guidance will suffice.

 

RECOMMENDATION 4

The Committee recommends that the Government of Canada clarify the definition of “electronic address” to ensure that the provisions as enacted in the Act are clear and understandable for parties subject to the legislation and do not create unintended cost of compliance.

This can be managed by CRTC putting out a guidance document clearly defining “electronic address”. Once again we believe this is more smoke for those organizations who do not wish to comply with this law.

Bottom Line: CRTC guidance will suffice.

 

RECOMMENDATION 5

The Committee recommends that the Government of Canada clarify whether business-to-business electronic messages fall under the definition of “commercial electronic message.”

Of course they do. B2B messages are clearly a commercial electronic message as the intention of them is to conduct business. While many consider it an arduous task to build a Conspicuously Published list, there are many B2B considerations built in to CASL already. Any more dilution makes the law meaningless.

Canada committed to an opt-in regime and some people are having trouble adjusting from the free-for-all opt-out society we came from. At the end of the day these changes in practices will make it safe to open our email inboxes again. Remember the purpose of this Act:

“Purpose of Act

3 The purpose of this Act is to promote the efficiency and adaptability of the Canadian economy by regulating commercial conduct that discourages the use of electronic means to carry out commercial activities,”

Bottom Line: CRTC guidelines will suffice.

 

RECOMMENDATION 6

The Committee recommends that the Government of Canada clarify whether electronic messages listed under section 6(6) of the Act fall under the definition of “commercial electronic message.”

Exception

(6) Paragraph (1)(a) does not apply to a commercial electronic message that solely

(a) provides a quote or estimate for the supply of a product, goods, a service, land or an interest or right in land, if the quote or estimate was requested by the person to whom the message is sent;

(b) facilitates, completes or confirms a commercial transaction that the person to whom the message is sent previously agreed to enter into with the person who sent the message or the person — if different — on whose behalf it is sent;

(c) provides warranty information, product recall information or safety or security information about a product, goods or a service that the person to whom the message is sent uses, has used or has purchased;

(d) provides notification of factual information about

(i) the ongoing use or ongoing purchase by the per- son to whom the message is sent of a product, goods or a service offered under a subscription, membership, account, loan or similar relationship by the person who sent the message or the person — if different — on whose behalf it is sent, or

(ii) the ongoing subscription, membership, account, loan or similar relationship of the person to whom the message is sent;

(e) provides information directly related to an employment relationship or related benefit plan in which the person to whom the message is sent is currently involved, is currently participating or is currently en- rolled;

(f) delivers a product, goods or a service, including product updates or upgrades, that the person to whom the message is sent is entitled to receive under the terms of a transaction that they have previously entered into with the person who sent the message or the person — if different — on whose behalf it is sent; or

(g) communicates for a purpose specified in the regulations.

The CRTC can issue guidance documents with real market examples and situations for each of the exceptions in this section of the law.

Here at Newport Thomson we recommend to our clients and to the market players who inquire, to “in a case where you are not clear, look at what your customer would like you to do (honestly) and err on the side of that.” With a fully Electronic Messaging compliant process in place, your documented decisions will be considered.

Bottom Line: Once again this can be cleared up with clear guidance documents from CRTC.

 

RECOMMENDATION 7

The Committee recommends that the Government of Canada consider how to best incorporate messages sent on behalf of an authorized person with regards to section 6(2)(a) of the Act.

Contents of message

(2) The message must be in a form that conforms to the prescribed requirements and must

(a) set out prescribed information that identifies the person who sent the message and the person — if different — on whose behalf it is sent;

So a message sent on behalf of a business partner must include the prescribed information for both parties. The prescribed information in every sent email is:

  1. Clearly state your Company name and mailing address.
  2. Provide a contact name and 2 ways to reach that person.
  3. Include a working unsubscribe.

This information must remain active for a 60 day period after the message is sent.  Once again, BOTH parties (sending and those on behalf we are sending), must include those 3 points. This seems quite clear to us, but we are certain the CRTC can provide guidance and real market examples for those who wish it.

Bottom line: This can be cleared up with clear guidance documents from CRTC.

 

RECOMMENDATION 8

The Committee recommends that the Government of Canada clarify the application of the Act and its regulations to charities and non-profit organizations to ensure that the legislation is clear and understandable for these organizations and do not create unintended cost of compliance.

CASL created a 5th type of consent for this very purpose. IMPLIED CONSENT: Existing Non-Business Relationships covers charities and not-for-profits. You can read more detail in this blog article. To stand down and allow them to freely email in a consent based society flies in the face of the very law that regulates this activity. The fact that they became addicted to spamming (sending unwanted emails) for many years, does not excuse them from following this law.

Email in Canada now requires consent. There is a current exception for charities if the communication is a request for donations. Much of the resistance we are seeing to CASL is the unwillingness of businesses to change. Change can often create opportunity and a competitive edge.

Bottom line: CRTC Guidance and real market examples could help those in doubt.

 

RECOMMENDATION 9

The Committee recommends that the Canadian Radio-television and Telecommunications Commission increase efforts to educate Canadians, especially small businesses, with the goal of improving awareness and understanding of the Act and its regulations as well as increasing awareness of the technological tools available to assist in complying with the legislation.

This is very sensible. The public is simply not aware of the facts. Strong and aggressive communications is both wanted and needed. The Canadian Government must grant CRTC a significant communications budget to allow them to educate Canadians at all levels.

Bottom line: significantly increase communication budgets and develop smart strategies for communicating how CASL benefits us all.

 

RECOMMENDATION 10

The Committee recommends that the Government of Canada further investigate the impact of implementing the private right of action, once changes and clarifications have been implemented to the Act and its regulations. At the same time, it could consider if an award of damages should be based on proof of tangible harm.

We agree with the NDP Supplementary Opinion written by Brian Masse, M.P. Windsor West, NDP, Innovation, Science and Economic Development Critic (page 37/38 of the INDU Report:

Just implement it as is.

“The NDP believes that the private right of action of this legislation should be enforced, as is, and not studied further. With the proper education and training on the existing legislation from the CRTC, we feel that businesses and organizations should be prepared and confident to send their CEMs and should not fear prosecution. We do support allowing consumers this option and would be comfortable with a grace period of one year or less to allow for the proper training, education and software implementation for businesses and organizations affected.“

They are generous in the one year grace period and that should suffice. The market and the courts will sort it out. If it does become a significant problem, make adjustments. The “indefinite postponement” of the PRIMARY enforcement tool has stopped CASL dead in the water for most organizations. Businesses were afraid of the public and were scrambling to comply with CASL because of the private right of action. On June 7, 2017, the day Minister Bains indefinitely postponed the PRA, CASL fell off the priority list of most businesses in Canada.

Bottom line: Enforce the PRA immediately. The rest will sort itself out.

 

RECOMMENDATION 11

The Committee recommends that the Government of Canada consider how the Canadian Radio-television and Telecommunications Commission can share information relative to the enforcement of the Act with domestic law enforcement agencies, including the Royal Canadian Mounted Police, the Department of Public Safety, and cybersecurity partners.

This sounds responsible and likely a PIPEDA issue rather than CASL. This is included in the new Bill C-11, proposed on November 16, 2020 by Minister Bains in the House of Commons.

Bottom line: update PIPEDA and ask the Office of the Privacy Commissioner of Canada to provide guidance using real market examples.

 

RECOMMENDATION 12

The Committee recommends that the Government of Canada investigate with the Canadian Radio-television and Telecommunications Commission how to be more transparent in the methods, investigations, and determinations of penalties, as well as on the collection and dissemination of data on consumer complaints and spamming trends.

Any attempt to help organizations implement compliant programs is helpful. CRTC can certainly be more helpful in many cases, stating publicly what works and what does not under this new law. Guidance with real market examples would be very valuable when implementing compliant programs. Social media guidelines have been promised for years and have yet to be published by the CRTC.

Bottom line: issue guidance – clear, real market examples that have been encountered over the past 3 years.

 

RECOMMENDATION 13

The Committee recommends that the Government of Canada, the Canadian Radio-television and Telecommunications Commission, the Competition Bureau and the Office of the Privacy Commissioner of Canada replace the phrase “Canada’s Anti-Spam Legislation” by the short title “Electronic Commerce Protection Act” and the acronym “CASL” by the acronym “ECPA” in all guidance and enforcement materials as well as other publications on every support, including fightspam.gc.ca.

As stated in #1 Recommendation:

We believe this would add to the confusion that is already at epic levels. One of the single biggest challenges of CASL is a lack of communication (as clearly stated in the Direct Marketing Association of Canada’s submission to the INDU Committee) leaving the general public either confused or uninformed. What little awareness exists for CASL within the business community stands to be lost with a “rebranding” effort as suggested.

If the Committee believes there is a ton of negative baggage associated with the CASL brand and is attempting to distance itself from these issues, it might consider simply fixing the issues and moving forward. There is a lot of CASL that works and the general public will come to love owning their own email inboxes over the next few years.

Bottom line: A name change is a distraction and a step backwards and will results in confusion and less compliance.

Related posts
CybersecurityFancy That ConversationPrivacyWebinars

An early assessment of our proposed new Privacy Laws by Derek Lackey

1 Mins read
An early assessment of our proposed new Privacy Laws – a very informative discussion with Derek Lackey.  Derek Lackey has been on…
Privacy

Privacy Pressure Points: A Closer Look at Ten Consumer Privacy Protection Act Concerns

3 Mins read
The Canadian government yesterday introduced the Consumer Privacy Protection Act (technically Bill C-11, the Digital Charter Implementation Act), which represents a dramatic change in…
PrivacyWebinars

An Early Assessment of our Proposed New Privacy Laws

1 Mins read
With an initial impression of Bill C-11:  it is a series of 1/2 measures designed to “sort of” protect citizen’s personal information,…
Join BIZTEK

Yes, I have read and live by this Code of Ethics - https://biztek.org/code-of-ethics/. We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at info@biztek.org or call us at 647 499 2744. You can unsubscribe at any time.

 

Leave a Reply

Your email address will not be published. Required fields are marked *