The SPAM legislation

Starting July 1st, the C-28 law on the legislation for SPAM elimination will come into effect. This new law has been established to protect e-commerce in Canada. It aims to:

•    Fight against unsolicited commercial email (spam) by prohibiting the sending of unsolicited commercial electronic messages;

  • Prohibit harmful e-commerce practices, protect the integrity of data transmission and prohibit the unwanted installation of computer programs in the course of commercial activities;
  • Prohibit false or misleading representations of online business;
  • Prohibit the collection of personal information by illegal access to computer systems and compilation or distribution of unauthorized lists of electronic addresses;
  • Provide businesses and consumers with a private right of action;
  • Enhance third party liability (to find the funds);
  • Allow the Competition Tribunal of Canada, the Canadian Radio-television and Telecommunications Commission (CRTC) to impose administrative monetary penalties for those who are breaking the law;
  • Enable the sharing of evidence and information with our partners overseas in order to take action against spammers who are operating outside of Canada.

Anti-Spam Legislation in three points

When the anti-spam law coming into effect, you must:

  • Obtain “express and voluntary” consent for every person (consumer, purchaser, or otherwise) that you are going to send an e-mail of a commercial nature, including email, text messaging, instant messaging, or messages on social networks;
  • Carefully keep the evidence of all the consent;
  • Include your full contact details and the option to unsubscribe (opt-out) in any commercial electronic message.

How do I prepare to this new legislation?

  • Create a list of your various commercial electronic messages. You must be able to determine which messages require consent.
  • Determine if an email addresses can be used when the legislation comes into effect and cleanup your databases or obtain the necessary consents. Which were obtained tacitly? Is the validity of the consent has expired?
  • Update the process in regard to the request for consent. Make sure to use a (opt-in) subscription option separate from other applications.
  • Make sure that the systems in place are adequate in order for the consent to be obtained and kept in a detailed document. Do you need to adapt your mailing list tool to collect this information?
  • Create fields in the database to record the date of consent to be regarded as implied. Can you manually add the dates of implied consent for new entries?
  • Update emails templates. Include contact information of the sender, postal address and a link to the exclusion mechanism.
  • Update unsubscribes mechanism and processes to ensure an easy processing of these applications.

To obtain additional information, please consult the C-28 legislation via this link directly: