This means your monthly news-letter, your referral emails, your weekly coupon messages, your SMS campaigns, and any other commercial communication to an electronic address falls under this act. The penalties for violating this act are very severe. You could be fined up to $1 million as an individual or $10 million as a company, and the public can sue you for $200 per message received (though public redress doesn’t kick in until 2017.)

Got your attention now?

In fact, in my opinion this legislation is going to affect standard commercial email messages far more than any actual spam long-term. It’s a very radical law that fundamentally changes how companies can communicate with their customer base online.

Here’s what you need to know about this act so you can stay compliant.

Commercial Electronic Messages

If your message is encouraging someone to participate in commercial activity, even if the motive of profit isn’t a part of the message, then you’re sending a commercial marketing message. The law doesn’t stop you from sending these messages, but it sets very clear guidelines on what has to be included in such a message. Commercial marketing messages must have:

• Consent
• Identification information
• An unsubscribe mechanism

Consent is the trickiest one to maintain. The onus is on you to prove that you have received consent, written or oral, that you can send a commercial marketing message to an address. This consent must be opt-in meaning you are expressly agreeing to receive messages, must be clearly labeled, and cannot be bundled in with another consent clause. To give you a flavor of how onerous this law really is, if you have a tagline in a message that promotes a product or service that encourages the recipient to purchase that product or service it would make the message a CEM. Folks, logic has left the building when we feel taglines are invading people’s privacy.

You need separate consent checkboxes for the following acts:

• The sending of commercial marketing messages
• The alteration of transmission data in electronic messages in the course of commercial activity.
• The installation of a program on another person’s computer in the course of commercial activity.

The company must record the date, time, purpose, and manner the consent was gathered as well. It’s a lot of information, and you may require outside assistance to make sure all your bases are covered, especially in B2B companies.

You also need to provide identification information with every email. The message must clearly identify the sender and include a valid mailing address. While people who send messages on behalf of another company do not need to add their information, if a message is sent on behalf of multiple people all individuals must be identified. This information can be placed on a webpage with a link in the message to the identifying information, and the address must be valid for at least 60 days after the message is sent. This information must also be in your consent forms.

Finally, you need a clear unsubscribe mechanism in your messages so that people who do not want your marketing can remove consent. This mechanism must be consumer-friendly, “readily performed”, and can be accessed without difficulty or delay. Examples given by the government include a link in an email leading to a clear webpage that gives an unsubscribe option, or having someone reply to an SMS message with the word “STOP”.

A small bit of good news

Thankfully, there is a grace period for businesses to comply. For the next 36 months, consent is assumed to be there in commercial messages where there is an existing business or non-business relationship. However, if someone does remove consent during this period then communication must cease. This gives businesses time to gather consent information from their current contact lists. After the grace period ceases, consent must be gathered.

Unfortunately, this is going to be very, very, messy. Customers are going to start receiving a ton of these consent messages from all sorts of companies, and I’m pretty sure we’ll start seeing what I like to call “consent fatigue” over the coming months. Business might find that the customers they can send a message to shrinks dramatically. No more marketing messages, no more new business. It’s really like trying to stop drunk driving by ripping up all the highways.

Unfortunately, this is the legal climate we’re operating in. That means that the time to start generating a consent database is now. . We have been preparing for this act for some time, and we have the knowledge to comply with CASL.

If you need help or for more information, contact our offices at www.smashboxconsulting.com.

Don’t miss Part 2 of this article where I paint a picture of what

digital marketing is going to look like after CASL.