Frequently Asked Questions - Canada's Anti-Spam Legislation
Does CASL also apply to my business practices outside of Canada? For more information: visit the Know Your Responsibility When Managing Consent web page. you have implied consent (existing non-business relationship) as long as. Relationship management is a sales function that requires a vigilant focus on customer Many people, outside of business development and sales, often consider that PODCAST TRANSCRIPT - Social Selling and Tech - How Has CASL. May 1, As you know, the Canadian Anti-Spam Law (CASL) went into effect July 1, Any business or non-business relationship created after 1 July is if we at Return Path can help, please contact your account manager.
The pending private right of action, originally scheduled to become effective on July 1, as part of CASL 3 years after the effective date of the legislationhad struck fear among many businesses doing business in Canada. A collective sigh of relief was heard last week when the Canadian government announced a delay to the private right of action coming into force.
This decision followed a period of intense consultation with Canadians, businesses, and organizations and provides some time for the government to attempt to balance the needs of businesses and consumers.
We expect that during this period of suspension, the provisions of CASL will be further reviewed and the private right of action may be revisited. Though the private right of action is no longer an immediate threat, we continue to recommend that businesses take steps to ensure that their CASL compliance regimes are robust. This is especially relevant because the deeming provision of CASL that provided implied consent for any person with whom an organization had regular electronic communications prior to July 1, expires on July 1, This is the perfect time for businesses to roll up their sleeves to ensure their operations are fully compliant with CASL.
Investment Fund Managers IFMs and CASL Requirements IFMs, similar to other businesses, market to existing and potential clients but are subject to the requirements of securities legislation with respect to dealer registration requirements or exemptions. An electronic message will usually be considered to be a CEM under CASL if any portion of the communication encourages the recipient to participate in a commercial activity. For example, any message that contains: Under CASL, a sender must ensure that: There is a delicate dance conducted around consent.
Consent either express or implied must exist before the CEM is sent. It is also a non-starter to send an email requesting express consent as, under CASL, this email would constitutes a CEM that, paradoxically, required consent before it was sent!
Taking CASL by Storm: Compliance Tips for Investment Fund Managers
Therefore, unless the IFM has express or an implied form of consent which does not expire as of July 1, for a particular contact, such contact cannot be approached using a CEM after July 1, Obtaining or Confirming Consent As noted above, under CASL consent can be either express or implied and, in some circumstances, consent is not required. CASL has very specific rules governing the circumstances in which CEMs are exempt from the consent requirement and also where consent will be implied and navigating the limitations of implied consent can be a minefield!
As a result, IFMs should be cautious in all circumstances where they do not have express consent from a recipient. Implied Consent Consent may be implied if: These factors make the transmission of CEMs based on implied consent inherently riskier than CEMs sent on the basis of express consent. Canada's anti-spam legislation protects consumers online against spam, electronic threats and misuse of digital technology while ensuring businesses remain competitive in a global digital marketplace.
What is Phase 2 of Canada's anti-spam legislation intended to address? Phase 2 of Canada's anti-spam legislation protects Canadians against the installation of unwanted software or software updates on their electronic devices. These provisions on software installation allow Canadians to avoid unwanted and often damaging software and software updates such as malware and spyware.
Why is the Canadian government tackling spam and malware? Unsolicited commercial electronic messages, known as spam, have become a significant social and economic issue and a drain on the business and personal productivity of Canadians. Malware and related electronic threats such as botnets and identity theft have become more sophisticated and widespread, giving rise to concerns over data breaches and impeding the growth and acceptance of legitimate e-commerce.
When does CASL apply to the installation of software or computer programs?
CASL: Why It Matters To Your Company | Dyn Blog
CASL applies when a person installs software on another person's device. One example is when a website automatically installs software on a computer visiting the site without the knowledge of the computer owner. Another example may be when someone clicks on a link in an email message that causes a program to be installed on the computer.
Yet another example is when an update to a previously installed computer program is "pushed" to a device, updating the program automatically. In all of these cases, CASL applies, and the person installing the program, or causing the program to be installed, must first obtain the consent of the device's owner. CASL does not apply in situations where a person or business installs software on their own computers. For example, if you go to an app store to purchase and download an app and you install that app onto your own personal device, CASL does not apply.
Similarly, CASL does not apply when the IT department of a small business installs new software on company computers or mobile phones. If CASL applies, what action must be taken by software vendors and providers? If CASL applies, and a software provider is installing a program on another person's computer, the software provider must first obtain the consent of the owner, or authorized user.
By requiring software providers to get permission to install programs and updates, CASL helps protect consumers and businesses from hackers and other cyber criminals who steal sensitive information by installing "spyware", "malware" or other computer programs.
It also gives them control over their devices, so that programs aren't automatically updated without their knowledge and consent. Are there any other ways that CASL is helping Canadians better control what is happening on their electronic devices?Business Relationship Management – A Strategic Role Unleashed
CASL will enable Canadians to make more informed decisions about what they allow to be installed on their computers, tablets, etc. If a computer program performs one or more of the following functions, then the installer must make that clear when seeking consent: The Government recognizes that companies need to be able to update computer systems in certain instances, such as security patches or bug fixes.
These types of installations are permitted to ensure Canadians' computing devices continue to function properly. For example, CASL would allow a company to push an update to the operating system of a GPS device—for example, to fix a problem that is causing the device to crash every time a user leaves a parking garage—without first asking for the consent of each user.
Similarly, CASL would allow a telecommunications service provider to push a critical security update to computers on a network to protect users from cyberattack. Malware is short for "malicious software" and describes software that is used, predominantly by hackers or cybercriminals, to disrupt the operation of computers, gain access to private computers or computer networks, and gather sensitive information.
Does CASL mean an end to all spam and malware? The law will not eliminate all spam, but it does help deter the most damaging and deceptive actions linked to spam and malware, such as identity theft, phishing and the spread of spyware. Additionally, it allows Canadian enforcement agencies to take action against spammers and cyber criminals operating in Canada, and to work with international partners to fight spammers operating abroad.
- CASL: Why It Matters To Your Company
How is spam and malware reported? Spam and malware related violations can be reported to the enforcement agencies through the Spam Reporting Centre at Fightspam. What happens if a company violates the law?