The Complete Guide to Email Disclaimer Laws in Canada

Canada’s Anti-Spam Law

Canada’s Anti-Spam Law (CASL) came into effect on July 1, 2014. It requires businesses to obtain either express „opt-in“ or implied consent to send commercial electronic messages (CEMs) to any recipient. This can be anything from email to SMS and social media messages.

In addition, all electronic marketing messages need to clearly identify the sender, include the sender’s contact information, and provide an unsubscribe mechanism unless fully exempted from the Act. As a result, this legislation is far broader than others such as CAN-SPAM, which are just targeted at emails.

In addition, all electronic marketing messages need to:

• Clearly identify the sender

• Include the sender’s contact information

• Provide an unsubscribe mechanism unless fully exempted from the Act (usually through an email disclaimer)

Why is this important?

Canada’s Anti-Spam Law is designed with consumers in mind, giving them complete control over their email messages. It allows anyone to stop any email marketing communications they have not explicitly opted into receiving.

Organizations must amend their electronic marketing databases and update their customer relationship management (CRM) databases to comply with CASL’s stricter model.

Implied consent only applies under very limited circumstances such as:

• Information or a quote requested explicitly by a customer

• Part of an existing commercial transaction, i.e., warranties, safety information, or other factual information about memberships, loans, accounts, etc.

• Employment information or benefit plans

What happens if an organization ignores CASL?

Three Canadian government agencies are responsible for this law. If you breach its regulations, you can receive a fine of up to $10 million and face criminal charges. These fines are imposed per violation daily.

What steps should be taken to comply with CASL?

Some recommended steps to take are:

• Reviewing current databases and ascertain how you got your existing contacts

• Finding out if email lists use implied or express consent

• Creating or updating forms to clearly document when someone has given express permission

• Discovering how and why you send commercial electronic messages (CEMs)

• Recording all consents and refusals to receive CEMs

• Making sure your whole organization is aware of the implications of not following this

• Archiving all CEMS sent to prove that they are CASL-compliant

• Providing an easy-to-find unsubscribe mechanism via an email disclaimer

The need for an email disclaimer

CASL mandates that ALL companies obtain consent before emailing any recipient. However, the larger your organization is, the harder it is to enforce a CASL email policy for all messages.

It is the responsibility of all organizations to ensure that each employee has a compliant email disclaimer added to their signature. You must also ensure that a Canadian email disclaimer contains appropriate opt-out hyperlinks for unsubscribing. The best way to do this is via central email signature management.

The sender must provide the following in all emails:

• Their name

• Company name

• Mailing address

• Phone number

• An online address like an email or website

An unsubscribe mechanism built into the email disclaimer (requests must be actioned within ten days)

The unsubscribe link needs to be included with a compliant email disclaimer. This is so the recipient can let you know if they no longer wish to hear from you. The best way to do this is via centralized email signature management.

Companies can use a third-party solution to ensure a compliant email disclaimer is included in all corporate mail.

Here are some Canadian email disclaimer examples you can use in your company:

• You have received this email because you have subscribed to marketing communications from [YOUR COMPANY]. If you no longer wish to hear from us, you can unsubscribe from our mailing list by clicking here. Alternatively, reply to this message with Unsubscribe in the subject line.

• You have received this message as your email address is on our subscriber list. If you are no longer interested in receiving emails from us, click here to unsubscribe.

• Thank you for subscribing to receive email communications from [your company]. However, if you no longer want to receive emails from us, click here to unsubscribe.

Further information

Canadian Anti-Spam Legislation (full text)

About Canada’s Anti-Spam Legislation

Managing the message: Canada’s new anti-spam law sets a high bar

Canadian Privacy Act

Applicable to anyone storing personal data, the Canadian Privacy Act was established to protect personal information collected by the Canadian government. It gives individuals the right to access information about themselves. It also governs how private sector organizations collect, use, and disclose personal details during commercial business.

An email disclaimer helps ensure recipients are clear about how their personal data is collected and decreases liability if private information is made public.

Further information

Privacy Legislation in Canada

Privacy Act – Government of Canada

PIPEDA (Personal Information Protection and Electronic Documents Act)

The Personal Information Protection and Electronic Documents Act is a Canadian law designed to ensure that personal information collected by businesses is kept securely. It also ensures that this data will only ever be collected, used, and given out under a strict set of circumstances. An email disclaimer helps highlight that your organization conforms to the highest data privacy and security standards.

In addition, the Act contains various provisions to facilitate the use of electronic documents. PIPEDA incorporates and makes mandatory provisions of the Canadian Standards Association’s Model Code for the Protection of Personal Information, developed in 1995.

Further information

Personal Information Protection and Electronic Documents Act – Government of Canada