Final regulations made by the CRTC under Canada’s Anti-Spam Law (CASL) include a number of revisions that respond to concerns raised by Canadian businesses; but while some additional flexibility has been provided, the Commission appears to have left a number of other concerns unanswered.
On 7 March 2012, the CRTC registered its Electronic Commerce Protection Regulations (CRTC), a final version of draft regulations that were originally proposed in June 2011. Those regulations, and the related Electronic Commerce Protection Regulations that were proposed by Industry Canada, attracted significant criticism from the business community, which expressed concern that the regulations omitted some important clarifications of the requirements of the law, failed to provide exemptions for certain business and behaviours that should not be caught by the legislation and imposed unworkable and unnecessary requirements that may have had a disproportionate impact on technologies such as text messaging.
Those hoping for significant additions to the CRTC Regulations will be disappointed, as the revised Regulations remain in the same form, and appear intended to accomplish the same end, as the earlier version: namely clarifying the sender identity and contact information that must be included in commercial electronic messages and requests for consent to send such messages. However, to be fair to the CRTC, this narrow focus is consistent with the scope of the regulation-making power provided to the Commission under CASL.
The final Regulations include the following changes from those originally proposed:
- Clarification that persons sending a message, or persons on whose behalf a message is sent, must identify themselves by the name by which they carry on business.
- Greater choice with respect to the contact information to be provided. Senders, and those seeking consent to send messages, may now provide either a telephone number providing access to an agent or a voice messaging system, an email address or a web address. The original proposal seemed to require the provision of all of these, as well as a physical address.
- Revised requirements that web-based information be “readily accessible” and that the required unsubscribe mechanism must “be able to be readily performed.” The original proposed Regulations specified these requirements with reference to a maximum number of “clicks.”
- The revised Regulations now indicate that consent for the receipt of a commercial electronic message may be obtained orally, as well as in writing, as the original proposed regulations provided; however, the Regulations do not provide certainty as to whether electronic forms of consent will be considered to be “in writing,” which was the chief concern of many stakeholders with this requirement. See our earlier post for a discussion of this issue.
- The Regulations still require that when seeking consent, requestors must include a statement indicating that consent can be withdrawn, but no longer requires the requestor to specify through which avenues such a withdrawal of consent could be made.
The publishing of the CRTC Regulations puts the country one step closer to CASL being proclaimed in force. The other shoes to drop include finalization of the Industry Canada Regulations (a revised version of which is expected to be published in the near future) and the selection of a vendor to run the Spam Reporting Centre contemplated by the Act.