Is Canada’s Anti-Spam Law a joke?

spam spam

Yes. Yes it is.

Let me explain.

Is spam a problem? Well, I’ll get to that in a minute. But the government certainly thinks so, as back in December of 2010 it passed what has been come to called the CASL, or Canada’s Anti-Spam Law. The full title of the law is really quite something, and I think it even needs its own blockquote:

An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act

Whew, that’s a mouthful. We’ll just call it the CASL. The CASL, in its original form, was perhaps the harshest anti-spam law anywhere. As I’ve never written about this before, here’s a quick rundown of some of the highlights of what it does:

  1. You need to have “prior consent” to send someone a Commercial Electronic Message (“CEM”). These CEMs include not just emails, but text messages, Facebook messages, and the like. A CEM is a message that offers “commercial activity”, and that commercial activity doesn’t even have to have profit as its goal.
  2. Your CEM must include all sorts of information about the sender, and have an opt-out option.
  3. Organizations can be fined up to $10 million per violation, and individuals up to $1 million. Yikes!

Those are the basics of what it does. The law is also about preventing people from installing nefarious computer programs on people’s computers (i.e. malware or spyware), but let’s just ignore that for now. The key to those points above is the “prior consent” business. Basically, you need to have asked for permission to send someone a CEM, though there are ways that the consent can be implied. Compare this prior consent requirement to the American CAN-SPAM Act, which only requires some opt-out mechanism.

So the law received royal assent back in 2010, but it is still not in force. The law was held back while Industry Canada and the CRTC published regulations to clarify the stuff in the CASL. Industry Canada published some regulations first, and asked for comments. Then the CRTC published theirs. Then, earlier this month, Industry Canada presented their revised regulations based on those first comments. Ahh, lawmaking. Takes a while.

Reaction to the newest regulations has been mixed. Michael Geist wrote earlier this week that the new regulations water down the CASL by providing too many exceptions from the express consent requirement. He’s right. Barry Sookman has been looking at the regulations in a series of posts this week, and his position is that the new exceptions in the regulations were needed. He claims that the CASL’s “ban all” approach was limiting commercial speech. He’s right too.

Me? I don’t give a crap. Why? Because the CASL, the entire concept of it, is a joke. Now, finally, I will explain.

What do you think of when you think of spam? You think of emails with the subtle subject lines like “ENLARGE YOUR PENIS NOW” or “CANADIAN DRUGS!!” or “MEET HOT SEXY LOCAL WOMEN TONIGHT!!!” You think of spam as the type of email I screencapped for you at the top of this post. I guarantee you that every single Canadian thinks of these types of emails as spam. That’s the spam that’s taking over the internet. That’s the spam that various estimates put at 70-90% of all email sent.

And the CASL will do absolutely nothing about that type of spam. That’s the joke.

The spam you and I think of as spam most likely did not come from Canada. It came from India, or Russia, or China, or the USA. Even the “CANADIAN DRUGS” one came from somewhere besides Canada. Now, technically, the CASL has some of what we in the law biz call “extra-territorial effects,” meaning that the law should technically apply to people outside of Canada who send spam to Canadians. The CASL says that as long as a Canadian computer is used to “access” the CEM, that’s enough for the CASL to apply. Here’s what the CRTC’s chief compliance and enforcement officer Andrea Rosen said about that:

“If the spammer is offshore, we have the ability under the law to co-operate with foreign governments, to share information and to bring proceedings together against individuals that are offshore”

“Cooperating” and “sharing information” are totally useless and will do nothing about that bank of computers in a warehouse in Vladivostok sending spam. As for the ability “to bring proceedings” to people not in Canada, good fucking luck with that. First, you have to find them. Sure, because spammers on the internet make it easy for you to find them. Then, you have to serve them. Then, you have to get them to a Canadian court. Even if you manage to get a judgment against them, or impose some sort of fine, good luck trying to get that enforced. National laws that have international effects are almost always impossible to enforce. To truly tackle an international legal problem, you need an international law or treaty.

Also, here’s another issue I have with the government’s approach to spam. When was the last time you actually got spam (well, the spam you and I are talking about) in your inbox? Me? I can’t even think of how long it’s been. And I don’t even do anything special. I have at least 5 different email accounts running from 5 different services or hosts. Gmail does an amazing job filtering out all spam. All of my hosting companies do a decent job blocking spam at the server level. Even if something slips through the server, even stupid old Outlook 2007 manages to block what’s left, diverting it to a Junk folder. Technology has, for the most part, triumphed over spam, better than any law ever could.

So here we have a government wasting years of time and effort to tackle a problem that 1. barely exists any more thanks to technology and 2. will do nothing to stem the tide of Lose Weight Now! emails that you ignore (or never see) anyway.

The only people or organizations who will work hard to comply with the CASL are legitimate marketing and PR companies like Elite Lawyer Management for example. That might even be the best example, they work with the law, they’d know how to comply with it the most. Big companies as well would know how to work wihtin the law. Sure, the Bells and Krafts of this country have the resources to ensure maximum compliance. But that small start-up company that could be the next Facebook which uses email as their only marketing tool? They’re screwed. And that’s messed up. The stated purpose of the CASL is to “promote the efficiency and adaptability of the Canadian economy”. It will have the opposite effect on that start-up. The real spammers, the guys running bots and banks of computers from their basements, have no interest in complying. Sure, put a law on the books that targets these guys with large penalties. But the onerous nature of the CASL on legitimate businesses is a joke.

And here’s the thing about legitimate Canadian businesses who send CEMs – virtually all of them already have some opt-out mechanism. I’ve used them, and they work just fine thankyouverymuch. It’s good business practice to do so. Legitimate businesses don’t want to piss of their customers or potential customers by spamming them. Legitimate businesses aren’t the ones sending the spam that’s the problem (such as it is), but they’re the ones who will bear the burden of the CASL. That’s a joke.

Lawyers and government regulators are spending weeks and months and now years (mmm, billable hours) debating the intricacies and minutiae of the CASL and the regulations, and advising their clients on how to comply (when the time comes). I am doing it too. But we shouldn’t have to be. True spam can only be stopped by technology, and some international cooperative effort that includes the governments of all the countries who are most responsible. In all our discussion about the details, no one has really asked if the CASL is even a good idea or a joke. I guess until now.

Speaking of jokes, we end with a word from our sponsor:

20 Comments

steve

We need to take a spam filter to our laws. If it does not hurt someone, it should be legal. Email spam would fit this description.

Reply
Litigation Lawyer

As part of its draft regulations, the CRTC proposed for public comment that consent cannot be requested orally but must done ‘in writing’. The CRTC is currently examining this proposed requirement in light of the comments received prior to finalizing the regulations. Regardless of the outcome, the legislation stipulates that the person who alleges that they have the necessary consent has the onus of proving such consent.

Reply
daveon

Governments are a joke. They think that writing a law will solve problems. How can these brain dead morons think of all the consequences with their peon sized brains?

Reply
Roger

If I am an American company sending US citizens CEMs, but my data center is in Canada, and mesages route through Canada, am I subject to CASL?

Reply
allen

Roger that’s a good question, but I would have to say no. The law applies to Canadians receiving emails in Canada. So as your recipients are not people in Canada, even though the emails come through here, I don’t think it applies.

I feel I must add a CYI disclaimer that this is not official legal advice :)

Reply
RYAN

I don,t like when my email get full of ‘spams’. It is extremely difficult to find how to unsubscribe to unwanted emails. Why isn’t this easiier for consumers?

Reply
Stephen

As a Canadian small business owner who just got learned about this upcoming law, I can say that I am very worried about it to say the least. CEM’s are my main marketing tool, which have brought me good success and growth. This law, if they are going to actively enforce it, may very well ruin my legitimate and honest business.

Reply
Taylor

I am one of those legitimate businesspeople who will be affected by CASL. I am also formerly a network engineer, and understand the nature of spam.

There are, as I have found over the years using e-mail as a marketing tool, two types of spam. I call them “good spam” and “bad spam”. I have never engaged in “bad spam” which is of the penis enlargement type as you describe. “Good spam” I describe as a legitimate business with legitimate contact information selling a legitimate service, providing legitimate contact information of the sender.

There are what I call “anti-spam zealots” who I have encountered over the years. These people are absolutely insane. Prior to CASL, there was no legal recourse for sending UCBE. These people would threaten to sue you, would go to the extent of contacting your internet service provider to report you for abuse, try to publish your name even try to turn the tables and flood your inbox with bogus messages in an attempt to stop you from receiving any legitimate response to your e-mail.

In short they are insane because it takes a tenth of a second to press the delete key on your keyboard, and instead they spend hours or days threatening you and trying to subvert you because you sent them a single e-mail message.

Those are the people that CASL appeases. The whole “if I didn’t ask you to send me something then you should not send me anything” types. These people, ironically, seem to have absolutely no problem with marketers chopping down trees to fill their mailbox with junk mail that they are only going to place in the recycle bin, which takes much longer than pressing the delete key on their keyboard.

In effect, CASL has only one impact- more trees will get chopped down and Canada Post’s commercial bulk mail service will go into overdrive as marketers seek to avoid potential problems and fines under CASL.

Prior to the “anti-spam” zealot, these people had another cause to champion: unsolicited commercial bulk faxing. I used to do that too. I actually had one guy who came into the office on Saturday to read his faxes call me and spend an hour on the phone berating me for sending him a single fax offering my services. He cited that it was his paper I was using and how it was unscrupulous of me to market to him using his own paper. He was such a jerk that I told him fine, I’d send him a cheque for the paper. I sent him a cheque for one cent. The guy actually cleared the cheque.

There are people out there who are totally insane. This legislation was obviously written by and for them. Somehow these people believe that legitimate businesses can survive merely by existing, and people who want their products and services will beat down their door. These are obviously people who have never built a business, and if they have built a business they are extraordinarily hypocritical.

Reply
binith

what could implications if an advertising firm outside canada , with computer located outside canada sends an unsolicited cem message of a canadian company to a customer ?

Reply
allen

The only thing that matters is the nationality of the recipient. If the CEM is being sent to Canadians, the law applies no matter where the message comes form

Reply
Kevin

I would sure love to know the total amount of taxpaying dollars they have wasted on such a pathetic piece of legislation that has done nothing to keep garbage from every other country in the world out of my inboxes?

Way to go Canada. Our government has once again managed to piss away our tax dollars on nothing that helps us, but can possibly hurt us.

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *