There are significant differences between Canada's anti-spam law, CASL, and the U.S. CAN-SPAM. Key differences include:<p>1. CASL is opt-in, while CAN-SPAM is opt out;<p>2. Canada has an opt-in exception for existing business relationships that must be renewed every two years; and<p>3. CASL applies not only to email but to any electronic message, including a message sent via an installed program.<p>For more information, see: <a href="http://www.mcmillan.ca/Files/172403_Key%20Differences%20between%20US%20and%20Canadian%20Anti-Spam%20Laws.pdf" rel="nofollow">http://www.mcmillan.ca/Files/172403_Key%20Differences%20betw...</a>
I believe it only applies to messages originating from a server located in Canada, in case anyone was wondering.<p>EDIT: I am indeed wrong! A non-Canadian company could hypothetically get in trouble for violating these rules. I wouldn't expect that to happen often.<p>Also, thankfully, the Canadian rules seem pretty reasonable. Everyone probably should have to get explicit (more than a prechecked box) permission before adding you to a mailing list.
This law has been a giant PITA for me, only because there are a bunch of businesses running around trying to sell "compliance" services to my clients (who don't need them, because why would I set them up with email marketing tools that aren't opt-in only). Truth is that CASL isn't very different from CAN-SPAM and so anyone who was already doing email marketing in the US is probably fine, but there seems to be a whole new cottage industry in Canada around scaring people into paying for protection from this (more or less completely sensible) new law.
Like most anti-spam legislation, this will both hurt legitimate businesses trying to send email to people they've done business with in the past, as well as do nothing to stop spam. Spammers are still going to spam. They don't care about Canadian laws.
Seems like lead generation services are up shit creek. Glad I got out of that long ago. Is there any way for them to legally transfer the ability to email someone to another company?<p>If not, I assume users filling out the wrong country (so you can filter out Canadians from your lists, except those who put in the wrong country) doesn't protect you either.
These new rules seem reasonable and no different from what businesses are/should already be doing.<p>Does "consent" apply to websites which add an "opt in" checkbox but check it off by default and hope that nobody sees it?<p>This really irritates me and I would argue does <i>not</i> constitute my having given my consent to receive emails. That said, I don't see an easy way to distinguish this kind of practice from a legitimate opt-in checkbox.