The House of Commons Standing Committee on Industry, Science and Technology (INDU) review of Canada’s Anti-Spam Legislation (CASL) is coming to a close. On Tuesday of this week, committee members gave INDU analysts instructions on drafting a report during an in-camera meeting, meaning that the next step is a report with recommendations on how Innovation, Science and Economic Development Canada (ISED) should (or should not) revise the law.
The Canadian Radio-television and Telecommunications Commission (CRTC) appeared as the final witness on November 9, with representatives stating that the law has been “largely effective”, and pleading with INDU members to exercise patience and allow CASL to achieve its goals before recommending significant changes. CRTC representatives were, not surprisingly, especially concerned about stakeholder proposals that would prescribe limits on the CRTC’s discretion to impose penalties (currently there are none).
In total, 41 witnesses appeared, and 28 briefs were submitted. The majority of stakeholders were businesses and industry associations, most of which expressed concerns about various aspects of the law. The following are just some of the recommendations that were made by stakeholders:
- Narrow the definition of a commercial electronic message (CEM);
- Narrow the scope of the Act to apply to “bad actors”;
- Introduce a de-minimis threshold on the CEM rules (e.g., so that CASL does not apply to a single message);
- Remove subsection 6(6);
- Introduce a true “implied consent” provision based on reasonableness;
- Eliminate time limits on implied consent;
- Clarify that cookies are not captured by CASL computer program rules;
- Broaden the exemptions under the computer program rules to allow for updates and efforts to prevent cyber attacks;
- Prescribe concrete limits on the imposition of penalties; and
- Remove or revise the private right of action.
Of course, other stakeholders, including anti-spam and privacy advocates, the Direct Marketing Association of Canada, and some vendors of CASL compliance tools advocated that CASL remain as stringent as possible, including bringing the private right of action into effect.
Many of the most important concerns with CASL have been expressed throughout the review. This issue of PrivacyScan considers a problem that is less well-known, yet potentially affects any business using email marketing in Canada: uncertainty about what it means to “send” under CASL, and, therefore, who needs to be identified as the sender in a CEM.