The federal government’s anti-spam law, known as Canada’s Anti-Spam Legislation (CASL) came into effect on July 1, 2014.
CASL is a spam-fighting Act that regulates the types of electronic messaging that can be sent (and under what circumstances) from people, businesses, and organizations. Called the toughest of its kind in the world, the law is fairly complicated for both for-profit businesses and nonprofit organizations alike.
It’s been three years since the initial three-year grace period ended, and still, some organizations are not aware of the significant implication CASL has on the sector, including how you’re legally allowed to interact with donors and stakeholders. While harsh, CASL actually exempts charities and nonprofits from many of the law’s restrictions - as long as organizations know where and how to tread.
Main Compliance Requirements
CASL covers a broad range of activities which can be boiled down to three key requirements relevant to charities and nonprofits, which are detailed on the Canadian Radio-television and Telecommunications Commission (CRTC) website.
- Consent of the recipient to receive the email and proof of that consent;
- Disclosure in every email of the identity and contact information of the sender; and
- Inclusion within an email of a readily-accessible unsubscribe mechanism.
Essentially, it’s to stop you from sending spam, malware, spyware, phishing, or fraudulent information to the Canadian public through Commercial Electronic Messages (CEMs). This applies to all forms of electronic engagement such as emails, text messages, and social media. It does not include phone calls or the ever-dwindling-in-popularity fax machine.
Spam, as defined by the government, includes any unsolicited communications that encompass the unauthorized transmission of data, installation of computer programs without consent, electronic promotion of false or misleading information (including websites), harvesting of addresses - electronic or otherwise - without permission, or the collection of other personal information illegally.
How CASL Applies to Your Organization
Any charity or nonprofit in Canada that sends messages electronically will need to comply with this legislation.
Emails for ‘commercial’ gain (commercial meaning anything which involves payment of money or an exchange of something of value) are subjected to CASL requirements. This is the case even for registered charities and nonprofit organizations if the ask is in a CEM which also contains a promotion for a product or a service.
Sound confusing? Let’s look at an example.
If you’re asking for a donation to your ocean clean-up charity, but in the same email are selling ocean plastic-converted bracelets, then you’re going to need to uphold the email to CASL requirements, as it’s not clear whether the sale of merchandise constitutes fundraising in this case. If your CEM contains only photos of your efforts to clean up the ocean, and the only Call to Action is to get involved, then you’re scot-free.
If you’d like to avoid CASL all together, be prepared to isolate your communications that have no ‘commercial’ purpose from those that do.
While it sounds simple, if you forget, or make a mistake, your organization could be liable for potentially severe penalties of up to $10,000,000 for each violation.
Better safe than sorry, right?
The challenge then lies in knowing what is exempt for nonprofits and charities and what is not.
What Types of CEM’s are Charities Allowed to Send Under CASL?
There are several exemptions from CASL that are helpful to charities and nonprofits.
If your message’s primary purpose is to raise funds for your charity (as laid out above) then rest assured, you don’t need to worry about CASL restrictions. This includes electronic messages that are sent on behalf of registered charities. Types of fundraising emails you send can include selling tickets to a fundraising event like a tournament or a gala, as well as your newsletter, which while the main purpose is about the goings-on at your organization, also may contain a section asking for donations.
This would include any CEMs between members of the team or representatives of organizations that have a relationship with one another. Essentially in your mundane, day-to-day communication, you can live without fear of needing to meet CASL requirements.
You’re also allowed to reply to individual or organization-based inquiries, meaning you’re allowed to respond directly to a request, complaint, comment, etc. However, again it is quite limited, so it’s always good to err on the side of caution.
How do you do that? By ensuring you meet CASL requirements regardless of the type of CEM you send - just to be safe!
Besides, CASL is the law and puts forward only the bare minimum for registered charities and nonprofit organizations to abide by.
If you want to build your brand image, and build trust with your donors, it’s imperative that you follow best practices. By not following CASL - where you are exempt from it - your organization will stand out like a sore thumb in an inbox among others that do comply.
How Do You Meet CASL Requirements
As mentioned above, there are three components to CASL regulations: consent, identification, and the option to unsubscribe.
The main crux of CASL is obtaining the consent of your readers before you send them communications. There are two types of consent categories.
Express Consent is consent that is actively given, either in writing or through checking a toggle box which opts someone into your communications. This type of consent is valid until the recipient withdraws it.
Important: The subscriber must actively click this toggle box themselves. If you provide pre-loaded boxes, then this is in violation of CASL.
Express consent is the most straightforward of the two categories, leaving little to no room for mistakes or misunderstandings. As such, it should make up the base of your consent strategy.
Implied Consent, on the other hand, is a little more complex. This category encompasses existing relationships within the previous two years where express consent is not required.
Existing business relationships under CASL are specifically-defined commercial relationships mostly pertaining to the for-profit sector.
It’s existing non-business relationships that nonprofits and charities need to be aware of. These relationships focus on contributions - whether monetary, gifts in kind, memberships, and even volunteer work occurring within the past two years.
For example, if you’re a registered charity and your recipient gave a donation to your cause, then this recipient has given implied consent for up to two years from the day of the donation (i.e. the start of the relationship). If you’re a club or association, the same logic applies to memberships but with one crucial difference. Your member is giving you implied consent for the duration of their membership as well as two years after the membership ends.
The challenge for organizations is being able to keep up with a growing database of subscribers who have given implied consent. Are you confident everyone is tagged and segmented appropriately? Would you risk CASL fines?
This is why a strategy of receiving express consent, even if the contact has given implied, is always best practice.
When you send a CEM, you must expressly identify yourself and include all relevant contact information. Usually, this is the name of the sender, email address, name of the business, website, phone number, and physical address. Most of this information is contained in the footer of emails, or in your email signature. But if you feel it’s too much to include within the copy of your short-form CEM (social media, text message, etc), you can provide a link to a webpage which leads to this information. Just make sure it’s clearly displayed.
Option to Unsubscribe
Your CEM must include an option to unsubscribe that is both visible and easily accessible. Most often, this again is found in the footer of your email (the most common type of CEM) with a link that says “unsubscribe by clicking here”.
6 CASL Best Practices
CASL is intimidating, especially to charities and nonprofit organizations that may have been operating blissfully unaware. While it’s not meant to be malicious, if you fall off the wagon, you risk hefty financial fines.
Follow these six tips for peace of mind. Bonus! It will help create a better experience for your recipients as well as streamline your workflows!
- Always, always seek out express consent
As mentioned above, there will be a lot of instances where you’ll have implied consent. However, in the long run, you’re setting yourself up for hours of scrubbing your database to ensure everyone who is outside of that two-year grace period is no longer receiving your emails.
Alternatively, express consent is a ‘set and forget’ model until the recipient unsubscribes. So instead of focusing on people who may be expiring or don’t want to be on your list, set up an easy opt-in system on your website or your donation forms to receive email communications.
- Make it as easy as possible for people to unsubscribe from your emails
Even if the CEMs you’re sending are not regulated under CASL, you should still have a prominent unsubscribe button for your readers. While it seems counterintuitive to make it easy for people to cut ties with your charity, if you have a large mailing list with few people opening or engaging with them, you will hurt your sender’s authority and your emails have a higher chance of being flagged as spam. Plus, if you make it hard for your readers to unsubscribe, you risk breaking their trust and souring their view of your organization.
- Segment your mailing lists
While some loyal supporters love receiving daily updates about your organization’s activities, others do not. If you’re sending the same emails to everyone in your database, you’re going to notice a spike in unsubscribes which, again, damages your reputation. Do a deep dive into your email analytics, identify trends of who is opening what, and begin to create specific groups based on their communication preferences. The larger your organization, the more segments you should have as the more insights into your donor database you’ll be able to gather.
- Honour communication preferences and frequency
In addition to collecting express consent, you can seek out preferences on both the frequency and method of connection. A practice required of any charity or nonprofit accredited by Imagine Canada (Standard C1), organizations should ask and track whether donors prefer telephone, mail, or email communications, and how often they’d like to be contacted (i.e., weekly, monthly). This way you'll avoid opt-outs, but also show your donors that you care about their needs and preferences.
- Use your personal email for personal communications
Encourage your staff, volunteers, board members - whoever uses an organization email address - to also set up a personal email address if they don’t already have one. This will help to avoid sending out unnecessary emails as well as avoid having someone’s personal emails being sent from your organization and potentially flouting CASL.
- Continually educate yourself on CASL compliance
A large part of trying to be compliant is education. Not just for yourself, but your team as well. Make sure everyone is up to speed on the processes you’ve put in place to obtain consent and knows the limitations on which emails your charity or nonprofit can send. Finally, stay up to date on the legislation to ensure that any changes affecting you haven’t slipped under your radar.
If you have any more questions about CASL and how it applies to your organization, please refer to guidelines provided by the CRTC.
Guest contributions represent the personal opinions and insights of the authors and may not reflect the views or opinions of Imagine Canada.
A storyteller by nature and an organizer by inheritance, Sam enjoys crafting meaningful content equally as much as colour coding spreadsheets. As the Marketing Director at Keela, a Canadian Donor Management Software (CRM), she is always on the hunt for new and innovative ways to educate nonprofits and help them maximize their impact.