Important Points To Note About Canada’s New Anti-Spam Legislation (CASL)

If you’re a marketer and you live in Canada, you’ve probably heard of ‘CASL’ by now. But if not, I’ll go over the main points for you so you know how it affects your business, and what you need to keep in mind especially if you are a small business owner or a freelancer that e-mails prospective client’s regularly.

As of July 1, 2014 Canada’s Anti Spam Legislation (CASL) will start to go into effect. The legislation is regulated and enforced primarily by the CRTC. It has been a long time in the making, since 2010, but most of the information and regulations came out at the end of 2013. CASL does not just apply to e-mail spam, it is much broader than that. And there are many parts to it that affect all startups and small businesses. Not only businesses are effected, it has the potential to impact any individual that sends electronic messages from a computer within Canada and also messages received within Canada.

I came across a fantastic video from the Greater Kitchener Waterloo Chamber Of Commerce presented by Jennifer Babe, a partner at Miller Thompson’s Toronto office, going through the legislation points in a very detailed way. Watch the video.


  • CASL applies to all Commercial Electronic Messages (they call them CEM’s for short). These are electronic messages sent to an electronic address. But don’t think these messages are just e-mails… CEM’s are technology neutral. They are messages that can be sent through any sort of medium or technology… tweets, social media platforms, instant messages on chat programs, etc.
  • “Commercial” refers to anything “encouraging” participation in commercial activity. Promotions, offers, etc. But it also doesn’t require there to be profit making involved, so non-profits and volunteer organizations aren’t exempt from this.
  • You can only send CEMs when you have the recipient’s express or implied consent.
  • CEM’s sent to people you know you have a “personal” or “family” relationship are exempt from the rules under CASL.
  • If you have a client that owes you money (ie. hasn’t paid their invoice), you can e-mail them about that. The client isn’t able to hide behind CASL and say they want to unsubscribe from emails from you asking for your payment that they owe you.
  • Two-way communications are EXEMPT from CASL. This includes picking up the phone and cold calling a prospective client, or calling them over Skype. Note: The ‘Do Not Call List’ still applies though, so keep that in mind.
  • Sending a quote or estimate for your services, if the recipient requested it, is exempt from CASL.


  • Express consent needs to be sought “clearly and simply”. The CRTC requires a positive or explicit indication of consent. The onus is on sender to prove consent.
  • Having a checkbox appear on a sign up form that has ‘you agree to be marketed to’ beside an already pre-checked checkbox is not permitted… the checkbox needs to be unchecked so that the user is clicking it themselves.
  • Example of a wording checkbox in a sign up form: “I agree to receive Company Inc’s newsletter containing news, updates and promotions regarding Company Inc’s products. You can withdraw your consent at any time. Please refer to our privacy policy or contact us for details”
  • Having a message in small fine print that they agree to something isn’t good enough for express consent.
  • Opt-out consent is not allowed under CASL, you can’t auto opt users into things and put the onus on the user to opt-out themselves.


  • If you are looking to contact prospective clients (ie. e-mail a local business that might be interested in your services), you can e-mail them as long as their e-mail address was “conspicuously published”. In other words, if they post their e-mail address on their company website and don’t say on that contact page that they don’t want unsolicited emails, then you can email them about your services as long as it’s relevant to their business.
  • If the recipient disclosed to you their email (ie. they are giving out their email address publicly on their business card you got at a networking even) and the message you’re sending them is relevant to their business/role/duties, then you can e-mail them a CEM.
  • If there is an “existing business relationship” or “existing non-business relationship”, but this rule is time limited. Up to 2 years. So if you sold them a product 5 years ago and now want to start e-mailing them, it’s too late. It’s only for people you’re actively in a business relationship with.


  • Identifying info for the sender or person on whose behalf the message is sent
  • A means to contact the sender (and this contact info must be active for at least 60 days)
  • A way to unsubscribe or opt-out from receiving messages


  • When someone unsubscribes they need to be removed within 10 days


  • Individuals – $1 MILLION/violation
  • Corporations – $10 MILLION/violation
  • Yes, those are very scary numbers!

  Learn more at