I continue to regularly receive commercial business solicitations to my Return Path assigned email address. I’ve written before on my personal blog about handling these sales pitches from people I don’t know.
Since 2003 when the CAN-SPAM Act went into effect in the United States, these messages have been regulated as a form of commercial email which must comply with the law. I find that even today, eight years later, I still commonly receive solicitations from businesses that do not comply.
Because these messages are commercial – e.g. they are solicitations either to directly sell a product or service or to effectuate a business relationship or negotiation – they must comply with the basic tenets of CAN-SPAM, here are a few:
The solicitations I get most often violate CAN-SPAM in these ways:
Honestly I’m amazed sometimes at the deception that plays out. Senders try lines like “following up on my phone call…” Really? What phone call and when? Or in the subject line they use a “FW:” or “RE:” designation, implying the message is somehow more personal or expected as part of prior correspondence. This is clearly deception in play.
I’m the guy that writes back to these folks and points out their violation – requesting to be opted out and educating them on CAN-SPAM.
One of the most common rebuttals I get when I do this is that since it was a one-to-one message, and not one sent in bulk to an email list, it is not in scope of CAN-SPAM. This is not true, the CAN-SPAM Act defines commercial messages as those for which “the primary purpose is to advertise or promote a commercial product or service.” It says nothing about one-to-one or bulk mailing, which doesn’t at all affect a messages purpose.
Since Canada recently passed a new national anti-spam law (which I’ll refer to as CASL – Canada’s Anti-Spam Law) I’ve been thinking about how this may affect lead generation and business prospecting by email. Honestly the CAN-SPAM Act is not hard to comply with, and still folks fail to meet the standard – and CASL appears to me to make things a bit tougher.
Why would I think about CASL relative to commercial email in the United States? A few reasons. The way the law in Canada is defined, it applies to any message sent from or accessed by a computer located in Canada. There is no way for someone to know if I’m accessing my mail while in my Toronto office, or say if Return Path chose to operate our Exchange server in our Toronto office, then all email to (and from) me would be covered. Senders have no idea, really, where any user at a Hotmail, Yahoo, or Gmail address may be when they access an email message. Combine that with a private right of action and Canadian enforcement agencies that will reach over borders, American companies should very clearly evaluate their email operations against the CASL regulations.
So, curious about this issue, I asked Shaun Brown Counsel at nNovation LLP and co-author of “A Complete Guide to e-Marketing under Canada’s Anti-Spam Legislation” what he thought about CASL and business prospecting by email. Here’s what he said:
There is no doubt that CASL will make things even more challenging. As Tom points out, the requirement for prior consent is the biggest difference between CASL and CAN-SPAM. And, anyone who doesn’t understand how to comply with CAN-SPAM likely isn’t going to meet the requirements under CASL.
This begs the question though (which I hear quite often): how can you prospect under CASL? Is prospecting by email for legitimate businesses dead? There are at least two ways to prospect in compliance with CASL:
Implied consent – conspicuous publication of an electronic address
The implied consent provisions under CASL are key for the online prospector. Most important is that CASL implies consent to send a commercial electronic message (“CEM”) where the recipient’s electronic address has been conspicuously published. According to paragraph 10(9)(b), consent is implied where 1) an electronic address is conspicuously published; 2) the address is not accompanied by a statement that the person does not wish to receive unsolicited commercial electronic messages; and, 3) the message is related to the person’s business or official capacity.
There are a few important considerations. First, the address must be published by the person, or published with the authorization of the person. Examples would be a business or organization website, or a legitimate business directory, or Linkedin (assuming the address is public). This would probably not include a directory compiled by a company that crawls the web and publishes electronic addresses without knowledge or consent.
Another requirement is that the CEM be related to the person’s professional capacity. Exactly what this means, and how closely the message must be related is unclear, and will likely be subject to interpretation both by the CRTC and the courts. A commonly cited example is as follows: although it may be acceptable to send an email to a law professor advertising a legal publication, it would not be reasonable to send an email advertising football tickets (this was actually the subject of a complaint under the Personal Information Protection and Electronic Documents Act, or “PIPEDA”). There are countless examples that fall in between and are much less obvious however – for example, it is unclear whether it might be acceptable to send a message to a law professor advertising office supplies. While a professor may need office supplies, there may be a better-suited person within a university who actually makes purchasing decisions about those types of products.
Finally, it is important to be aware that address harvesting is expressly prohibited under PIPEDA. Thus, businesses cannot use programs designed to collect electronic addresses from the web, i.e., addresses must be collected manually.
Renting a properly compiled list is another way to prospect under CASL. Let’s be clear, however, what is meant by ‘list rental.’ First, the list owner must be able to provide assurance that they have obtained express consent to send CEM’s on behalf of third parties. Thus, the subscribers on the list should be expecting messages from parties with whom they have no prior relationship. Second, the list owner sends to their own list, on behalf of the advertiser. The list owner should never share the actual electronic addresses with you. If they do offer to share the addresses, the list owner most likely does not have consent, so avoid sending to that list altogether. Finally, the list owner must comply with the identification and unsubscribe requirements under CASL.
A properly compiled, express consent-based list is a valuable asset, so sending to such a list is not cheap. And list owners would not want to undermine their asset by sending messages that advertise dubious products, or look ‘spammy.’ In most cases I would bet that either or both of these conditions would rule out most of the advertisers who seem to enjoy spamming Tom.
Note that these are only the two most obvious techniques for generating business under CASL. I have no doubt that there we will see creative senders pushing the boundaries of CASL in developing other methods for legal prospecting.
So, there you go – prospecting is not dead – however, there are new requirements for which any sender mailing from or to Canada will want to be aware of and ensure they comply with. If you need help, I recommend this handy guide, “The Marketer’s Guide to Applying CASL,” compiled in partnership by Shaun’s firm, nNovation, Return Path, Transcontinental Interactive, and CAUCE. Shaun advises on all aspects of e-marketing regarding compliance with Canadian law, which includes the ability to draw on the technical expertise of Neil Schwartzman, Chief Practices Specialist, CASL Consulting. Go forth and prospect – correctly!