Real-World Education for Modern Marketers

Join Over 600,000 Marketing Professionals

Start here!
Text:  A A

The New Anti-Spam Law in Canada: A Primer for Email Marketers

by   |    |  4,573 views

If you're a marketer for a North American company, chances are high that you send commercial email to consumer or business recipients in Canada. You may be aware, then, that new commercial email regulations are being introduced as law in Canada.

Called the Canadian Anti-Spam Law, the legislation is designed to deter spammers from targeting Canadian consumers and to provide Canadian law enforcement officials with more effective methods for combating malicious senders.

At the core of the new legislation is what Canada defines as "commercial electronic message," or CEM. So what constitutes a CEM? According to the Canadian Radio-television and Telecommunications Commission, a CEM includes any electronic message that encourages participation in a commercial activity, including, but not limited to, offering, advertising, or promoting a product, a service, or a person. The law applies to all businesses or persons sending CEMs, regardless of whether there is expectation of profit.

Regulated messages include common message formats such as email, SMS (text) messages, and instant messages (IMs). Additional regulated message formats or delivery vehicles may include Web applications, websites, blogs, voice over IP, and URLs.

In this article, we'll examine how this new legislation affects commercial messages sent via the email channel.

New Email Sender Regulations

At the highest level, the law requires email senders to be in compliance with four new requirements:

  1. Consent: You must have express or implied consent to send a CEM.
  2. Identification: You must clearly identify yourself and the business or organization sending the CEM.
  3. Unsubscribe mechanism: You must include an unsubscribe mechanism on every CEM sent.
  4. Contact information: You must provide a way for the recipient to contact you: A physical address and electronic address are required in all your CEM communications

The Complexity of Consent

Identification, unsubscription, and contact information are the more clear-cut of these four basic planks of the new legislation. Perhaps less straightforward is consent.

What is consent, in both of its forms, and how can you or your organization ensure you are in compliance with Canadian regulations around consent?

In its most basic form, consent means that the recipient has indicated a willingness to receive commercial messages from you or your business. Consent can happen only before you send an email.

There are two primary forms of consent under the new law: express and implied.

  1. Express consent requires senders to clearly and simply provide the purpose for which consent is being sought. In return, the receiver provides an email address for future communications.
  2. Implied consent applies to messages when (1) a recipient has existing business relations with you or your organization, or (2) a recipient has disclosed an address online publicly without stating an unwillingness to receive CEMs.

Implied consent can also include the following:

  • Messages sent within a business (they must be related to your business)
  • Messages sent in response to a requests
  • Quotes or estimates
  • Receipts
  • Security information (recalls, warranties, etc.)
  • Ongoing usage with your business (recurring purchases)
  • Service upgrades or updates
  • Product deliveries

Under the new regulation, if a new recipient does not become a client or customer, their implied consent remains valid for only six months after being implied. Similarly, if an existing client or customer does not purchase future products or make future subscriptions, implied consent expires after two years.

The law also permits you or your organization to gather consent via third parties. For example, you may have a partnership with a company that offers related products and services. You can remain in compliance as long as all parties follow the basic guidelines outlined earlier and as long as the recipient is directly made aware of the potential to receive third-party emails. This situation would also require all parties using an email list to unsubscribe an address at the same time.

Information Storage and Documentation

The new law also requires all CEM senders to store certain information for every recipient address, including the following:

  • The type of email opt-in (paper, landing page, signup, etc.)
  • An example of signup webpage (if applicable)
  • The date a recipient opted  in
  • The connecting IP address (if applicable)

As you or your organization makes the changes required to comply with Canadian law, it may be wise to audit you opt-in and documentation process. As a starting point, you may want to examine where and how your organization stores opt-in data, what type of opt-in data you store, where the master record is kept, and whether you make and keep back-up copies of this record.

Your organization should consider sending a campaign to Canadian receivers informing them you can email them only with express consent, which they can provide by clicking on the link you are providing in the email. This approach is similar to reconfirmation campaigns.

Compliance Timeline and Additional Information

For any organization sending to Canadian recipients, the legislation requires that businesses make these changes for all new mail recipients. For existing email subscribers, organizations have until July 1, 2017 to bring their email programs into compliance.

For more information, visit CASL's website and access the full text of the CASL.

Join over 600,000 marketing professionals, and gain access to thousands of marketing resources! Don't worry ... it's FREE!


We will never sell or rent your email address to anyone. We value your privacy. (We hate spam as much as you do.) See our privacy policy.

Sign in with one of your preferred accounts below:


Ryan Harris is manager of compliance for email delivery and transactional email service SendGrid, where he is responsible for overseeing the compliance department and ensuring that senders are upholding white-hat email practices.

LinkedIn: Ryan Harris

Rate this  

Overall rating

  • Not rated yet.

Add a Comment


  • by Sarah Fri Jul 25, 2014 via web

    Really happy to see an article about CASL on Marketing Profs. I wrote a similar piece for our company blog (our readership is comprised largely of small to medium sized business owners), and was challenged to keep it as concise and easy to understand as possible. You covered everything with great clarity - I'm impressed!

    -Sarah Bauer
    Navigator Multimedia

  • by Gary Fri Jul 25, 2014 via web

    Still some confusion that maybe you can clear up: What effect does CASL have on US-based PR agencies that as a matter of course, already send press releases, story ideas, and other mass/targeted communications to Canadian press, bloggers and broadcasters? Is there anything specific here that compels that these Canadian recipients be treated any differently than their US counterparts? Do we automatically have "implied consent" with everyone found in a media directory as well as new media outlets not yet found in directories?

  • by Dave H Fri Jul 25, 2014 via web

    Ryan, this was a really good article. My question is what legislation (or liability) is in place for US-based companies to comply with this program? Then again how can a US-based organization comply with every countries legislation dealing with e-commerce and email marketing?

MarketingProfs uses single
sign-on with Facebook, Twitter, Google and others to make subscribing and signing in easier for you. That's it, and nothing more! Rest assured that MarketingProfs: Your data is secure with MarketingProfs SocialSafe!