On July 1, 2014, Bill C-28 – Canada’s Anti-Spam Legislation will come into effect and if you are sending Commercial Electronic Messages (CEMs) as part of your marketing or professional development programs you need to prepare for compliance. Are you ready? If you’re not quite there yet, or haven’t started at all, don’t feel so bad. There are many firms out there whose lawyers have been writing client alerts and blog pieces literally for years about the impending Bill, and what it means to be compliant, whose marketing departments are scrambling to ensure that they are in fact compliant themselves!
You see there’s a difference between understanding the legal technicalities of the Bill, and what it means on paper to be in compliance, and the real world implementation of the necessary steps as it relates to your relationship management, business development, marketing and professional development activities. It doesn’t help that it’s not just those firms that have large marketing teams with active e-marketing strategies that are affected, even smaller firms that may only use spreadsheets of client and prospect names and send them event invitations still need to be in compliance.And even the lawyers aren’t totally sure which way the CRTC will rule in case of a complaint. I recently spoke with Eloise Gratton, Co-Chair of the Privacy Practice at McMillan, and an expert in CASL, about the practicalities of implementing CASL on a daily basis. When I asked Eloise specifically about the Implied Consent provision in relation to B2B marketing, a provision that many will look to rely upon during the transition period, she answered as follows:
”It’s very grey so I think it’s kind of on a case by case basis. We still don’t have guidance (from the CRTC) on how they’re going to interpret this wording so it’s grey. Again if you’re a law firm you’re going to have to be a little more careful than if you’re a new online marketing business.“
And on a practical level Eloise pointed out one of the fundamental contact related tasks that a law firm will need to complete in order to ensure compliance.
“From July 2014 it’s going to be very important to say that’s a current client and that’s someone who hired us two years ago so we were entitled to use the three year period to contact them using the implied consent. All of the dates of your mandates, of your hiring, and contact are going to have to be entered into the database, so that’s going to change how people market.”
So what do you need to worry about leading up to July 1st, over the three year transition period, and on an on-going basis in relation to the three main compliance areas of Consent, Identification and Unsubscribe?A lot of things, but a few key practical points that need to be addressed include the following:
- How will you decide if you will contact someone once CASL comes into effect? What is your risk tolerance in this regard?
- How will you collect the information needed to ensure compliance (e.g. Contacts with Express or Implied Consent)?
- How will you store the data, and documentation, needed to prove compliance in case of an audit situation?
- Have you amended all materials used in relation to the contacting of clients and prospects to ensure compliance such as Clients Newsletters, Event or Seminar Registration forms, and even electronic holiday cards?
- Have you made allowances for jurisdictional issues related to your digital strategy?
- Have you a plan in place to convert those with Implied Consent to Express Consent within the transition period allowed?
If you have addressed each of these issues then you’re good and ready for CASL. If not, that’s ok – you’ve still got 50 days left to go.
If you have any thoughts about CASL, including how your firm is working to be compliant share them in the comments below or if you have any questions drop me an e-mail to firstname.lastname@example.org.