People are still confused about CASL. For starters, it’s pronounced like “castle,” but there’s nothing medieval about this law governing electronic communication. You need to know the details and take action if you’re in IT, membership, or marketing at an association with membership open to Canadians. I’ll walk you through what CASL is, how you can comply, and why it’s an opportunity and not a threat for marketing.
What is CASL?
Canada’s Anti-Spam Legislation (CASL) was passed by parliament in December 2010 and entered initially into force on July 1, 2014. On July 1, 2017, the provisions of the law allowing individuals to sue senders of unsolicited electronic communication enter into force. Fines can rise as high as $10 million for organizations. That news means now is a great time to evaluate your own compliance!
CASL is much more strict than the United States’ CAN-SPAM Act and fundamentally hinges on the idea of consent. In the United States, you can legally email someone until they ask you to stop (“unsubscribe”). Under Canada’s new law, generally you cannot email someone until they ask you to start emailing them (“double opt-in”). Using bots to “scrape” the web for email addresses, buying email lists, and surreptitiously subscribing people after a download on your website are all examples of tactics now illegal in Canada.
You need consent to email someone and Canada makes a distinction between implied consent and expressed consent. Generally, implied consent means the recipient is a current paying customer of your organization. Express consent means the recipient has confirmed they want to receive email from you. Businesses are required to maintain information on how and when recipients expressed consent and the consumer needs to be clearly told they are signing up to receive email. Those requirements mean CASL compliance most often happens through “double-opt-in”—however you get an email address, immediately send an email redirecting the new contact to your CASL compliance page and ask her to give express consent. Then record that in your database.
For all the details, here’s three great resources on what CASL will cover out of your membership and marketing activities in Canada.
- The Government of Canada has an official website to inform the public about CASL.
- MailChimp has a helpful step-by-step list of tips to understand what electronic messages you send are covered by CASL.
- RealMagnet has a video that gives you all the details to compliance questions.
How to Comply
If you’re sending emails through a marketing automation platform, you need to configure it to comply with Canadian law. You could do that in two ways:
- Universal double-opt-in: Every new contact on your website receives an email asking them to give expressed consent and they don’t receive any further email until they complete that expressed consent form. Standard email platforms such as MailChimp, Hubspot, and others include an ability to automatically configure this in your settings.
- Canada-specific double-opt-in: Program your marketing automation to recognize Canadian contacts and send an email asking them to give expressed consent—they don’t receive any further email until they complete that expressed consent form.
Common objections to double-opt-in we hear fall into two categories: “We’ll not get as many new email addresses if people have to confirm” and “We’ll lose some current leads in our pipeline if we ask current contacts to reconfirm expressed consent!” Actually, we heard those concerns inside our own marketing team. How did Aptify storm the CASL?
How Aptify Became CASL-Compliant
We chose to begin by instituting double-opt-in for Canadians only. That would make us CASL-compliant and also give us the ability to evaluate double-opt-in’s impact on our marketing performance. Canada-specific meant more programming, but we could also target our consent message.
We built a CASL compliance page that is legally correct and aesthetically pleasing. Our landing page is quick and to the point. Recipients understand our ask, can cleanly check the box, and submit the consent. Our text focuses on combating the “buyers remorse” psychology by encouraging recipients our emails will be helpful. That’s reinforced again with social proof from a Canadian customer.
Even though CASL is a law, it isn’t depressing, eh? So we wrote both landing page and associated emails in a fun way. Rather than bureaucratic drudgery, we wanted to communicate the value of our communication and good corporate citizenship. (Membership software consultant Wes Trochlil recently reminded us constituents “get it”—so don’t act like it’s a pain.)
Once our CASL compliance content was ready, we needed to identify all our Canadian contacts and future Canadian contacts. I created a dynamic list that pulled in all company and contact records that:
- Country = Canada or CA
- IP address country = Canada
- IP address country code = CA
- Website URL contains “.ca”
- Email domain contains “.ca”
- Company name contains Canada
I decided, out of an abundance of caution, to include any contact employed by a company that met the criteria above as well.
Every new contact is screened automatically inside our marketing automation and, if Canadian, receives emails one hour and 24 hours later, directing them to our CASL page to give express consent they’d like to receive email from us.
We have a contact property on each individual record for CASL express consent with Yes / No value options. Every contact begins with that property as blank and if she expressed consent on our CASL page, her record is marked “Yes” and a workflow timestamps another contact property we use to record the time of expressed consent. If she selects “No” on our CASL page, we immediately write that to the contact property. If there’s no response to either of our emails within 48 hours of the contact giving us their email address, our CASL workflow automatically marks her express consent property to “No.” Any contact with a “No” on CASL expressed consent is automatically added to our master global suppression list and won’t receive further email from Aptify. (Unless she submits her email address again on our website in the future and is redirected back to that CASL page to give express consent.)
With new incoming email addresses addressed, we turned toward our existing Canadian contacts. Since employees of current, paid clients met the definitions for implied consent, we only included contacts without an existing business relationship with Aptify. We ran that list through our CASL workflows described above.
First off, we’re good corporate citizens following the law.
In terms of effect on new contacts to communicate with, our CASL LP has a 33% expressed consent rate since launch. While that means we’re “losing” contacts to future marketing, those are people who likely had little to no further interest in our product anyway. CASL expressed consent has become just another way we can quantify new leads’ actual level of interest in our product. CASL had a similar effect on our existing pipeline: we “lost” half-a-dozen “leads,” but those were people who did not want to talk to us anyway. Rather than hurt our marketing, CASL has shown us who to focus our marketing efforts upon.
That’s the basic conclusion I’d draw and use to respond to objections for adopting CASL compliance. CASL is not a bunch of ridiculous hoops intended to crush your association marketing—it’s protecting consumers but also helping you to apply best practice marketing principles. If you do inbound marketing, the people you want to market to are those who really want to hear from you anyway, right? Ultimately, that’s the type of marketing that will successfully get Canadians to buy your products or join your association.
Disclaimer: This article is not legal advice and Tony is not a lawyer. But if you’d like him to play one on TV, message him on LinkedIn, eh?His Canadian relatives also approved his ability to say “eh.”