WASHINGTON (7/3/14)--Canada's anti-spam law took effect Tuesday, and while the statute is a Canadian law, it affects any commercial electronic message (CEM) sent to Canadian recipients. A CEM can be defined as any electronic message sent with the purpose of encouraging participation in a commercial activity.
Valerie Moss, senior director of compliance analysis for regulatory affairs for the Credit Union National Association, writes on CUNA's
that a CEM can include e-mails, text messages and some social media messaging.
"We have been asked whether Canada's new anti-spam requirements will affect U.S. credit unions that send marketing messages to members who reside in Canada. The answer appears to be yes," she wrote. However, there is a grandfather clause for existing credit union members and a safe harbor for emails that comply with the U.S. CAN-SPAM Act that should help limit compliance burdens on U.S. credit unions.
Moss lists three general requirements for sending a CEM to an electronic address (defined as an email account, a telephone account, an instant messaging account and any other similar account) in Canada: the recipient's consent to receive CEMs; the sender's identification and contact information; and an unsubscribe mechanism that can be "readily performed."
Consent to send CEMs is implied for a period of at least 36 months following the law's implementation where there has previously been an existing business relationship.
Significantly for credit unions, the "implied consent" period likely extends beyond 36 months in the case of a person who is a member of the credit union on July 1, 2014, until he or she leaves the credit union's membership, because the existing business relationship remains continuous so long as the member maintains his or her membership share.
The law also contains a safe harbor if the sender is located outside of Canada, the sender reasonably believed that the recipient would access the commercial electronic message outside of Canada in a jurisdiction on the
ECPR List of Foreign States
schedule, which includes the United States, and the CEM was in compliance with that jurisdiction's "substantially similar" anti-spam law, that is, the CAN-SPAM Act in the case of a U.S. credit union.
The law and its implementing regulations generally prohibit:
- Sending of commercial electronic messages without the recipient's consent;
- Alteration of transmission data in an electronic message resulting in the message being delivered to a different destination without consent;
- Installation of computer programs without the express consent of the owner of the computer system or its agent;
- Use of false or misleading representations while promoting products or services;
- Collection of personal information through accessing a computer in violation of Canadian law; and
- Collection of electronic addresses by the use of computer programs or the use of such addresses, without permission.
Use the resource link below to access CUNA's
entry on the new law.
Also, the World Council of Credit Unions has produced an extenstive summary of Canada's Anti-Spam Legislation (CASL) for non-Canadian credit unions. Use the resource link for access.