Canada’s neighbors to the south should pay attention to its anti-spam laws despite  the early criticism.

“[Canada’s new spam law] is deeply stupid. Because the law applies only to Canadian companies, it will reduce spam by just about 2 percent for the typical citizen,” writes Mark Joseph Stern, who rails against the anti-spam law that went into effect Tuesday, for Slate.

Well, not exactly.

Photo Credit: freezelight
Photo Credit: freezelight

While there have been some early flaws in Canada’s Anti-Spam Legislation (like a pre-law flood of spam and it being called “heavy handed”), the law actually does apply to emails coming from outside of Canada, according to Barry Sookman and Puneet Soni of snIP/ITs.

CASL is the toughest law of its kind in the world and Canadian organizations are awakening to many major challenges they will face when trying to comply with this legislation. However, non-Canadian organizations should not overlook the Act’s extra-territorial application and its effect on their respective operations. …

CASL’s anti-spam provisions apply to any commercial electronic message (CEM) where a computer system located “in Canada is used to send or access the electronic message”.  It applies to emails, instant messages, SMS messages and messages sent to “similar accounts”. This means that the form, content and unsubscribe requirements established by CASL apply (i) to foreign messages including those sent by foreign organizations to Canadian recipients (whether customers, or proposed customers or otherwise), and (ii) to messages that are stored on foreign servers and accessed from Canada.

CASL is supposed to be the strictest law of its kind because it attempts to not only reduce email spam, but also spam on social media networks and unwanted downloads. Breaking the law could mean a $10 million CAD ($9.4 million USD) fine or $1 million CAD a day in punitive fines.

If they haven’t already, US companies with Canadian customers need to take notice of the new restrictions – especially when it comes to consent. Federal anti-spam laws have been on the books in the US since 2003, but there are some fundamental differences between the CAN-SPAM legislation and the CASL, according to Cynthia Larose for Privacy & Security Matters.

There are some very important differences between CAN-SPAM and CASL and CASL’s sweep is very broad. The biggest difference:  CASL imposes an “opt-in” scheme — express consent must be given by the recipient of the commercial electronic message.  Consent cannot be implied or “read in” and recipients must take action to express consent.   Prefilled “tick boxes” giving “permission” to send marketing emails will not be compliant.

Before American companies begin worrying that they’re too late to ask for consent and that Mounties will be at their  door any minute, Canada is pretty loose on what is defined as consent.  The law includes “implied consent,” which means emails and texts can be sent to someone who purchased your product until they unsubscribe.

The law’s implied consent clause runs until 2017, which is when legitimate marketers will have received express consent.

So while Canada’s law is already in place, it seems unlikely that country is currently extraditing Nigerian princes.  When it comes to international violators, according to Gigaom,

[w]hat Canada will do is try and work with other governments to go after the worst of the worst, which is what it does when it comes to telemarketers. In Canada’s own words: “[We will ] share information with the government of a foreign state if the information is relevant to an investigation or proceeding in respect of a contravention of the laws of a foreign state that is substantially similar to the conduct prohibited by this Canadian law.”