Legal Compliance

Legal Compliance: CASL and CAN-SPAM Act

CAN – SPAM Act of 2003


CAN-SPAM Act was signed into law by President George W. Bush on December 16, 2003. Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act sets the rules for the regulation of spam emails in the United States.

The CAN-SPAM law covers all commercial messages and does not just apply to emails. It provides customers with the right to request that messages are not delivered to them and outlines the penalties incurred for those who violate the law.

What messages are covered under CAN – SPAM Act?

The law states that “any electronic message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service, ' including email that promotes content on commercial websites.

The law makes no exception for b2b emails. "However, it does exempt transactional and relationship messages.

Why should you care about CAN-SPAM Act?

For every commercial message that violates the CAN-SPAM Act, the Federal Trade Commission (FTC) can fine you anywhere from $16,000 to $40,000. So, if your message is not in compliance with a list of, say 1000 customers, the sum amounts to a hefty penalty.

There are 7 key requirements for senders to achieve CAN-SPAM compliance:

  • Do not use deceptive or false header information
  • Do not use dishonest subject lines
  • Identify the message as an advertisement/promotion
  • Notify recipients of where you are located
  • Inform addressees of how to opt-out of receiving future messages
  • Honor opt-out requests promptly
  • Monitor messages that are sent on your behalf

Push Notifications are different!

Browser push notifications comply with the basic doctrines of the act. It is a strictly permission-based communication channel. Users must first provide their permission to receive browser or website push notifications.

Moreover, opt-out is a dead easy, single click process. Thus, websites leveraging web push notifications need not be concerned about CAN-SPAM Act compliance issues.

Canadian Anti-Spam Legislation (CASL)

Canadian anti-spam legislation (CASL) came into effect on July 1, 2014, to protect Canadian citizens from spam messages and ensure that businesses continue to compete in the global marketplace.

If you use electronic mediums to endorse or market your organization, products/services, Canada's new anti-spam law may affect you.

What is a Commercial Electronic Message (CEM)?

According to the website of Canadian Anti-Spam Legislation- any electronic message that encourages participation in a commercial activity, regardless of whether there is an expectation of profit.

Types of CEMs

Any means of digital or electronic communication, including, SMS, Social Networking Channels, Websites, Mobile Applications, blogs and other internet and wireless telecommunication.

Core Rules

This law can affect anyone. Here are the few core rules, set by the CASL for businesses that aims to promote and communicate with their customers through electronic or digital mediums

As per the law, consent is compulsory before sending a CEM. Remember, a message sent to obtain customer consent to deliver a message for commercial purposes is also considered as CEM.

Express or Implied Consent

  • Express consent means the customer has actively given you permission to send a CEM.
  • Implied consent you have customer’s permission to send a CEM based on prior relationships.

For express consent, you must:

  • Clearly, mention the purpose of requesting permission
  • Provide the name of the person seeking consent and identify on whose behalf permission is sought
  • Indicate that the recipient of CEM can unsubscribe whenever they want