Q&A: DMAC’s Derek Lackey Shares the Two Questions He Asks to Determine if a Business is CASL Compliant

Read our interview to clear up the myths surrounding CASL and find out why the suspension of private right of action has caused so much confusion.

Derek Lackey, president of the Direct Marketing Association of Canada, CEO of -30-Strategic Communications—a division of Newport Thomson—and author of “CASL Compliance: A Marketer’s Guide to Email Marketing to Canadians,” explains who is impacted by Canadian Anti-Spam Legislation (CASL), why businesses need to be more strategic with their email communications and how the suspension of private right of action (PRA) may impact you.
AAM: How did you become the face of CASL compliance?
Derek Lackey: Five years ago when Direct Marketing Association of Canada came to recruit me as president, CASL came up immediately so I started looking into it. I noticed that the lawyers and the CRTC officials were more than willing to tell marketers what they couldn’t do but all the marketers were asking is what can I do? And no one was answering that so I decided to be their voice. For the last three years, I have immersed myself in all things CASL. I have spoken to dozens of attorneys, I’ve read the law over and over, I’ve read every bulletin the CRTC has issued, and I’ve reviewed every fine. Marketers are busy and they just want someone to explain the law in simple terms and tell them what they can do. I do that.
AAM: Who is impacted by CASL?
Derek Lackey: Anybody that sends a commercial electronic message to a Canadian. It doesn’t matter the size of the company; the CRTC can and has fined a single individual. More recently, they even fined a CEO personally.
There is some confusion about what is an electronic message. It’s any message sent to an electronic address. If someone sends you a direct one-to one email on LinkedIn, that falls under CASL. If someone sends you a text message, they need to have your permission to send that text.
It doesn’t matter where the message is coming from either. If you’re an individual or organization sending promotional or commercial messages targeted to Canadians, you fall under CASL.
AAM: How has CASL impacted email marketing so far?
Derek Lackey: According to a survey by Industry Canada of email service providers, SPAM is down as much as 25 percent in Canada. But most of our SPAM comes from the U.S., not Canadian sources, so we’re still getting inundated with SPAM.
For legitimate marketers, CASL has taken email marketing for new customer acquisition off the table. A lot of businesses are only using email marketing to communicate with current customers in a more cost-effective manner.
AAM: What is one thing you wished more businesses understood about the implications of CASL?
Derek Lackey: It’s not optional. A lot of organizations are treating it like it’s optional. It’s the law. If you’re a business owner selling goods and services to Canadians, you must obey CASL. Businesses are either choosing to ignore it or self-select. They’re saying, I’ll take care of the unsubscribe portion but this consent thing is silly. These people are making a conscious decision to take a chance.

Just because you have a working unsubscribe in every email does not make you compliant. That is like saying I have a fingernail, therefore I am a person. It is such a small piece of the picture.
AAM: What’s the difference between obeying the law and being compliant?
Derek Lackey: Obeying the law is getting consent, only sending emails if you have consent, having a working unsubscribe function and making it clear who you are. That’s one part of following the actual law of CASL.
But the CRTC has introduced a further level of compliance. It’s not good enough to just obey the law; you must have policies and procedures around your email marketing program. You need to know how people got on your list and why they’re there. You need to train your staff so they’re not breaking the law on your behalf. You need technology to track it all. That’s compliance.
Let’s say an employee accidently sends an email to 10,000 people on your unsubscribe list. The CRTC is going to come in and look at your program. If you can prove you’ve trained your staff, you’ve got a manual, you’ve done the checklist, then the CRTC is going to say, “Okay, we buy that this was just a one-time mistake.” They’ll tell you to be careful and put controls in place so that it doesn’t happen again. But if that same mistake happens and you don’t have any of that back up in place? You’re going to get charged.
AAM: Why are so many businesses convinced they’re CASL compliant when they’re not?
Derek Lackey: Pure lack of communication. There are a lot of myths about CASL because of the $10 million fines. The teeth of the law have scared everybody and now they’re afraid of the boogeyman. Businesses think if you send an email to anyone without permission, you’re getting a $10 million fine. That’s not true. There are circumstances where you can email someone without their consent. These are nuances that people don’t understand because they haven’t read the law.
AAM: How long does it take you to figure out if a business is CASL compliant?
Derek Lackey: I can do it in one question, sometimes two:
Can you show me your policies and procedures manual?
Do you know how every single individual on your email list got there and what your current consent relationship is?
Almost no one can answer the consent question. That is CASL. And as of July 1, it became black and white. You either have consent or you don’t.
AAM: What is the CRTC’s role in CASL? What should businesses do if they’re contacted by the CRTC about their email programs?
Derek Lackey: The CRTC is the main enforcement body.
If the CRTC called me, I would answer their questions. Don’t resist and meet their timelines. Of all the cases where we’ve seen any kind of resistance, the fines are 10 times more. The CRTC will get the information they need—the easy way or the hard way. If you make it hard or avoid them completely, you’re going to get a bigger fine than if you worked with them.

The CRTC doesn’t want to penalize people. They want them to come into compliance. The best way they have found to do that is to rap them on the knuckles severe enough that it hurts but not so that it breaks their knuckles. The CRTC has made it clear that they're not here to put a company out of business; they want to bring them into compliance and the fine reflects that.

I really think compliance has been made out to be a bigger deal than it is. Make a set of email marketing best practices that respects the consumer and that gets you 90 percent CASL compliant. We've let email marketing slide down in the gutter with telemarketing. The only thing that is going to save it from that death is if we legislate it.
AAM: How do AAM’s new CASL compliance audits help these businesses?
Derek Lackey: It clears up all the myths....

Read The Full Article


0 Comments Write your comment

    1. Loading...