Transcript RBC Insurance Anti-Spam Presentation

Canada’s Anti Spam Law (CASL)
March 2014
Jason Beauchamp
RBC Insurance
22
Additional Notes
•
Following our March, 2014 meetings, the following clarifications of the
rules became available and were provided by RBC:
•
Express Consent: Express consent means that the recipient has received
clear notice including a description of the purpose for the
consent and prescribed information about the requestor. Express consent
must be obtained from non-clients prior to sending a CEM.
•
Third Party Referrals Exemption: The first CEM that is sent by a person
for the purpose of contacting the individual following a referral where the
individual making the referral has a relationship with both the sender and
the target of the referral and the message discloses the name the referrer
and states that the message is sent as a result of the referral.
33
Canada’s Anti Spam Law (CASL) Timeline
2009
May, 2010
Dec 15, 2010
Summer, 2011
Bill C-27 - Electronic Commerce Protection Act (ECPA)
Bill C-28 - Fighting Internet and Wireless Spam Act (FISA)
Bill C-28 - Canada’s Anti Spam Legislation (CASL) Finalized
Publication of CRTC Draft Regulations and Industry Canada
Draft Regulations
March 28, 2012 CRTC Final Regulations Published
Oct 10, 2012 CRTC Guidelines Published
Jan 5, 2013
Industry Canada Draft Regulations Published
Dec 4, 2013
Industry Canada Final Regulations Published
July 1, 2014
In force date for most sections of CASL, including CEMs
Jan 15, 2015 In force date for s. 8 – Installation of Computer Programs
July 1, 2017
In force date for Private Right of Action
44
Commercial Electronic Messages (CEM)
Electronic communication sent to an electronic address
• email, text, SMS, instant messages, messages sent to
an electronic address associated with a social media
site, etc.
Applies to:
- Personal and business/work electronic addresses
- Messages sent to clients and prospects
- Business to Business (subject to exemption in IC
Regulations)
- Employer to Employee (exemption has been requested)
55
Definitions
“…a commercial electronic message is an electronic message that,
having regard to the content of the message, the hyperlinks in the message
to content on a website or other database, or the contact information
contained in the message, it would be reasonable to conclude has as its
purpose, or one of its purposes, to encourage participation in a
commercial activity, including an electronic message that
(a) offers to purchase, sell, barter or lease a product, goods, a service, land
or an interest or right in land;
(b) offers to provide a business, investment or gaming opportunity;
(c) advertises or promotes anything referred to in paragraph (a) or (b); or
(d) promotes a person, including the public image of a person, as being a
person who does anything referred to in any of paragraphs (a) to (c), or
who intends to do so.”
66
Definitions
“commercial activity” means any particular transaction, act or
conduct or any regular course of conduct that is of a commercial
character, whether or not the person who carries it out does so in the
expectation of profit …
“electronic address” means an address used in connection with the
transmission of an electronic message to
(a) an electronic mail account;
(b) an instant messaging account;
(c) a telephone account; or
(d) any similar account.
“electronic message” means a message sent by any means of
telecommunication, including a text, sound, voice or image message.
77
Commercial Electronic Message (CEM)
Consent Requirements
• Need express or implied consent from the recipient
before sending a commercial electronic message
• Express consent may be oral, written or electronic
88
Commercial Electronic Message (CEM)
Form Requirements
Identify sender / person on whose behalf message is sent
•
Sender name and the name under which it carries on business (if
different)
Contact information for sender / person on whose behalf message
is sent
•
Sender mailing address, and either a telephone number, email or web
address
Unsubscribe mechanism
•
Must allow recipient to indicate the wish to no longer receive any CEMs,
or any class of such messages, from the sender
99
Commercial Electronic Message (CEM)
Unsubscribe Mechanism
–
–
–
–
–
Must be able to be "readily performed”
Allow recipient to opt-out of any commercial electronic
messages from the legal entity or any specified class of such
messages
Without cost to the recipient
Sent by the recipient using the same electronic means by which
the message was sent, or if not practicable, another electronic
method (i.e. electronic address, or link to a page on the World
Wide Web that can be accessed through a web browser)
Must remain active for 60 days after the message is sent
Must be respected within 10 business days
1010
Extraterritorial Reach of CASL
Applies to:
Commercial Electronic Messages from a sender located in Canada
to a recipient located in Canada
Commercial Electronic Messages from a sender located in
Canada to a recipient in another country
Commercial Electronic Messages from a sender located in
another country to a recipient in Canada
Does not apply to messages merely routed through Canada (as per
Industry Canada Regulations Regulatory Impact Analysis)
1111
Commercial Electronic Message (CEM) –
Implied Consent
Existing Business Relationship between sender and recipient
• Purchase or lease of a product, goods, service within 2 years
immediately preceding sending of message
• Acceptance of a business or investment opportunity within
previous 2 years
• Written contract in existence or expired within previous 2 years
Publication or Disclosure of Electronic Address
• The electronic address has been conspicuously published or
disclosed, without a statement that the person does not wish to
receive unsolicited commercial electronic messages, and
• The message is relevant to the recipient’s business, role,
functions or duties in a business or official capacity.
1212
Commercial Electronic Messages (CEM)
that are Exempt
Personal Relationship
-Messages sent by or on behalf of one individual to another individual
with whom they have a “personal relationship”, defined as
“the relationship between an individual who sends a message and the
individual to whom the message is sent, if those individuals have had
direct, voluntary, two-way communications and it would be reasonable
to conclude that they have a personal relationship, taking into
consideration any relevant factors such as the sharing of interests,
experiences, opinions and information evidenced in the
communications, the frequency of communication, the length of time
since the parties communicated or whether the parties have met in
person.”
1313
Commercial Electronic Messages (CEM)
that are Exempt
Family Relationship
-Messages sent by or on behalf of one individual to
another individual with whom they have a "family
relationship“ defined as
“the relationship between an individual who sends a
message and the individual to whom the message is sent if
those individuals are related to one another through a
marriage, common-law partnership or any legal parentchild relationship and those individuals have had direct,
voluntary, two-way communication”
1414
Commercial Electronic Messages (CEM)
that are Exempt
Submitting an Inquiry or Application
-Messages sent to a person who is engaged in a
commercial activity and consists solely of an inquiry or
application
Responding to an Inquiry or Application
-Messages that are solicited by the recipient or sent in
response to complaints, inquiries, and requests
1515
Commercial Electronic Messages (CEM) Exemptions from Consent
Business to Business Communications
Sent by one employee to another in the same organization; or sent
between organizations that already have a relationship, where the
message concerns the activities of the organization to which the
message is sent.
Messages sent to satisfy a legal obligation or enforce
a legal right
Industry stakeholders raised concerns that the Act captures nontransactional business communications that are required by law or that
are sent to enforce a legal right. For instance, in some circumstances,
businesses are required to send messages that may be seen as
commercial electronic messages, such as electronic bank statements.
1616
Commercial Electronic Messages (CEM)
that are Exempt
Platform Exemption
Closed Messaging Systems
Messages sent to recipients in Listed Foreign States
Charities
Political Parties
Third Party Referrals
1717
Penalties
Violation
Penalty/Fine
Private Right of
Action
In force July 1, 2017
Sending unsolicited
commercial electronic
messages to an
electronic address
Maximum per breach:
$1,000,000 for individuals
$10,000,000 for
corporations
$200 per day per breach,
to a maximum of
$1,000,000 per day
Altering transmission
data without express
consent
Maximum per breach:
$1,000,000 for individuals
$10,000,000 for
corporations
up to $1,000,000 per day
Installing computer
programs without
express consent
Maximum per breach:
$1,000,000 for individuals
$10,000,000 for
corporations
up to $1,000,000 per day
1818
Penalties
• An officer, director, agent or mandatory of a
corporation that commits a violation is liable for the
violation if they directed, authorized, assented to,
acquiesced in or participated in the commission of the
violation, whether or not the corporation is proceeded
against
• Violations may be publicized
• Proceeding must be commenced by CRTC within three
years of CRTC becoming aware of violation
1919
Defences
Due Diligence Defence
• A person will not be found liable by CRTC if they exercised
due diligence to prevent the commission of the offence
Undertakings
• Avoid a Notice of Violation and Private Right of Action if
sender voluntarily reports contraventions to the CRTC
• Undertaking may be publicized
2020
Next Steps – Things you should consider
Commercial Electronic Messages
• Identify electronic communications sent to clients, prospects
and employees
• Determine consent status for each type of electronic
communication
• Build databases to record consent / unsubscribe requests
• Create compliant unsubscribe mechanism and templates for
electronic communication
2121
Next Steps – Things you should consider
• Consider obtaining express consent from prospects and even
existing clients.
• Review and Update Referral Process
• Review practices for obtaining email marketing lists
• For more detail about how CASL may
affect Advisors, we encourage you to
contact your respective associations such
as Advocis and/or IFB.
2222