CakeMail Logo

CakeMail Blog

Email marketing for small businesses

CASL: Examples of Express and Implied Consent

Posted on June 2, 2014
Mireille Tessier

Written by

  • Kirsten Meyer

    Hi, I like the infographic but when I try to download it says failed to download. Not sure if that’s my end or yours?

  • cakemail_mireille

    Hi Kirsten! It was on our end – thanks for notifying us :)

    The download link has been fixed so you can go ahead and grab it. Glad you liked the infographic!

  • Mark Kuiack

    Hi there. Great CASL resources here. One question — there seems to be a discrepancy between your timelines around implied consent. It was my understanding that a whitepaper download or tradewshow business card contact would be ‘prospects’ and expire after six months. This is confirmed in the text of your main CASL overview, but the above graphic says the expiry for prospects is 24 months? What’s your take?

  • Kirsten Meyer

    Thanks Mireille!

  • cakemail_mireille

    Hi Mark!

    Glad you like the resources.

    Regarding the differences in information around implied consent:

    Our understanding is that 6 month expiration applies to “prospects” that enter your system with no intent of receiving emails from you, i.e.: when people are doing something else at the time of opt-in, not dedicated to signing up to the list.

    If someone gives you a business card at a trade show (with no mention of a contest, or subscribing to your list), they’re giving you the card with the expectation of receiving some sort of communication on your behalf, providing you with a 24 month window.

    Thanks again for stopping by!

  • mrcanada976

    This CASL legislation is insane and will do little to stop the worst messages. Political parties are exempt, and despite agreing with their ideologies I receive loads of spam from them on a daily basis at times. Then there are the Nigerian fraud schemes, fake viagra sales, etc., for which nobody will realistically be able to take action against because these are the actual spammers everyone wants to stop – so they are very hard to identify.
    Finally, what this legislation will do is take those anti-spam zealots – we all know of a few – and get them to kick it up a notch to attempt to profit against legitimate companies. These are the type of people who will threaten to sue you because they received a single email from you.
    This legislation is rediculous.

  • Matt

    Hi! I’m confused about that 24 month window you mention resulting from a business card hand-to-hand. Where is that outlined in the legislation?

    I think giving a business card with an email address would be an example of section 10(9)(c).

    The two year window mentioned in section 10(10) only applies to existing relationships (business, or otherwise). I don’t think 10(9)(b) (“conspicuously published”) or 10(9)(c) (“business card”) fall under this.

    From what I can see, there is no expiry date for implied consent resulting from a business card or a published email address.

  • cakemail_mireille

    Thanks Matt!

    We decided to err on the side of caution with this one – plus, I don’t know about you, but I wouldn’t be too happy receiving an email more than 2 years after an event saying how pleased they were to meet me. ;)

    The CRTC has made it clear (http://www.crtc.gc.ca/eng/com500/infograph3.htm) that Implied consent is “time limited” and that is generally for a period of 2 years. This includes business/non-business relationships and email addresses which are conspicuously published or sent to you.

  • Matt

    Thanks for the clarification. I can understand why you might err on the side of caution and impose the two year limit on disclosed email addresses, even though the legislation is specifically vague on this point.

  • carlos

    Anyone know if I can say “If we don’t hear from you, we’ll assume you want to stay part of the newsletter”? Thank you

  • cakemail_mireille

    Hi Carlos!

    It’s the other way around: as a sender, you need to be able to prove that every person on your list has given you their permission to be on your list.

    Permission that stems from an existing business relationship will eventually expire, so it’s best to have express consent for all the people on your list.

    Express consent is defined by having people take an affirmative action (clicked on a button, typed in their email, sent you a request) with the specific purpose of being added to your list – it never expires unless the person unsubscribes.

    If you didn’t have an existing relationship with the people currently on your list, what you’re talking about is an opt-out method – which isn’t allowed under CASL legislation.

    Makes sense?

  • carlos

    Yes it does… thanks Mireille… However I am sending out an email to get consent from people… I’m just wondering if I can add the users to my list if they don’t confirm by saying in my consent email “If we don’t hear from you, we’ll assume you want to stay in our newsletter”

  • cakemail_mireille

    Here’s a great quote from the CRTC in regards to consent ( http://www.crtc.gc.ca/eng/com500/faq500.htm ):

    “The manner in which you request express consent cannot presume consent on the part of the end-user. Silence or inaction on the part of the end-user also cannot be construed as providing express consent. For example, a pre-checked box cannot be used, as it assumes consent.”

    This would extend to literally assuming consent from inaction.

  • clavenov

    Remember, section 66 provides you 3 years (until June 30, 2017) to get express consent. The 6 month and 2 year limits do not apply if you get implied consent prior to July 1, 2014. It doesn’t matter if the last purchase or inquiry they made was 8 years ago, their implied consent will be good for the 3 year transitional period. Same with if they gave you a business card.

  • clavenov

    While it’s not going to stop spammers in general, and it does hinder some legitimate small businesses (as it eliminates the email cold-call) legitimate companies have 3 years to get themselves in order before any ‘zealots’ can take any action. This should give them time to get their act together. Plus the legislation does have room for a company to argue that they were diligent in their process in the event a rogue employee screws up. It’s not perfect, but no new law is. After 3 years though I’ll have little sympathy for non-compliant companies.

  • clavenov

    One could argue that if you downloaded a whitepaper from someone, you’ve then received a good from them and that would constitute a “transaction”, not an “inquiry”, and therefore you’d be open to them for 2 years (or until June 30 2017 if it happened prior to July 1, 2014).

  • clavenov

    As Mireille mentions, this is specifically included in the legislation. Negative confirmation is not permitted. The opt in must be a conscious, deliberate action on the part of the individual. Assumptions are not allowed.

    If you search up any CASL resources they will specifically indicate what you have to have in your email, and what is expressly forbidden.

  • Lynda

    Hi there – I wonder if you have any input on my emailing situation……my company offers a free 30 day trial of a software as a service (SaaS), where they receive automated drip emails throughout their trial period. If the Lead provides their email address to sign up for the 30 day trial, does this fall under the “implied” consent where we would be ok to send emails for 6 months?

  • cakemail_mireille

    As I understand your situation, it’s a case of implied consent where you’d be able to contact them for 24 months. See infographic above.

    Option 1) Use the 24 month window to obtain express consent before the time expires.

    Option 2) Add an un-checked checkbox to ask people permission to send them marketing emails when they sign up for the 30 day trial, which would give you express consent, which never expires (unless they unsubscribe).

    Option 2 is by far the best alternative.

  • Candyce

    I would love input on my situation, I know you can’t give legal advice but curious about your thoughts. I have a small online business. I use mailchimp and it says on our website if you sign up for our newsletter you will receive info on deals, promotions etc. We also have a newsletter sign up when we attend tradeshows that has the same information and the person must include their first and last name as well as email. To my understanding all the people on my email list have given express consent so I shouldn’t have to ask them to re-subscribe should I?

  • cakemail_mireille

    Hey Candyce!

    So long as you have **proof** that the people signed up (the online form on your website should provide you with the timestamp when people submit their email, and copies of those times you’ve collected the emails at Trade Show), looks like you’re all set! You have express consent – and I’m willing to bet that you have great open rates as a result.

    Cheers!