This week, the Canadian Radio-television and Telecommunications Commission (CRTC) issued an enforcement advisory1 directing businesses and individuals to consider the importance of record-keeping pursuant to Canada’s anti-spam legislation (CASL).
Under CASL, the onus remains on the sender of commercial electronic messages (CEMs) to demonstrate that it had the proper consents in place to send CEMs (whether implied or explicit). This onus of proving consent is applicable even where the sender is relying on an existing business or non-business relationship, regardless of whether this relationship was established prior to or following the implementation of CASL.
Good record-keeping practices not only ensure compliance with CASL, but can assist a business to: (i) identify potential non-compliance issues; (ii) investigate and respond to consumer complaints; (iii) respond to questions about the business' practices and procedures; (iv) monitor its corporate compliance program; (v) identify the need for corrective actions and demonstrate that these actions were implemented; and (vi) establish a due diligence defence in the event of complaints submitted to the CRTC.2
To achieve the benefits of record-keeping listed above, businesses should endeavour to keep hardcopy and electronic records of the following:
Although the CRTC’s guidance on record-keeping for the purposes of CASL has been well established, this recent advisory suggests that documentation proving consent is becoming an enforcement focus. As a result, businesses should revisit their CASL compliance policies and ensure that their staff are trained to promptly and adequately obtain – and maintain – records of customers consenting to receive CEMs. For example, if a business obtains verbal consent from a customer to receive CEMS at a point-of-sale, based on this recent advisory, such verbal consent may not be effective without further proof of opt-in consent such as an electronic form.