Tomorrow is July 1, and today Chief Privacy Officer James Koons offers his final post in the Countdown to CASL series:
As the countdown enters its last hours, a peaceful calm spreads across the offices of the Listrak Privacy & Compliance Team. The last few months leading up to the enforcement date of Canada’s new anti-SPAM legislation have been filled with calls, webinars, events and meetings.
Now, it’s time to move education to ongoing compliance, and I think a great way to close out this series would be with a small collection of tips on how to maintain compliance. We’ve all seen the tips and suggestions on how to become compliant with CASL, but how do we maintain that? Here are 5 easy ways:
1. Segment your lists – Keep track of those recipients who have opted in or for whom you have consent for already. Keep track of the type of consent as well as where and when they consented. Add segments as necessary to track this information and make sure you are sending the correct messages to the correct segments.
2. Make sure that all your communications include:
a. clear unsubscribe links
b. your name, company name and address (phone number or URL are also acceptable)
c. an explanation of why they are receiving your communication
d. a statement that the subscriber may withdraw consent at any time
- 3. If you add an email address acquisition point or modal to your website, make sure it has the correct verbiage so that subscribers know exactly what they are consenting to. Follow the CRTC’s guidance on this.
4. If you are collecting email addresses verbally at the point of sale (in-store), make sure you have the customer confirm consent by using an acknowledgement mechanism available on most POS systems. If this is not possible, have the customer fill out a form that has a spot for his/her email address and includes valid consent verbiage. Make sure these paper forms are stored and available if you ever need to prove consent.
- 5. It’s a good idea to document what you’ve done to become CASL- compliant. Having a documented and audit-able process in place would most likely prove very favorable in the event of an enforcement action. Once you’ve documented your process, audit it as if you were a subscriber. You might want to do this on a regular basis (annually, bi-annually). As you maintain your process, stay on top of what’s going on. Pay attention to any enforcement actions that are happening, as they will begin to set precedent, providing email marketers with valuable information and insight as to how the future of enforcement will look.
Compliance with CASL may seem like an arduous task, but if approached it with a logical plan and thorough consideration of your existing data processes, it is a manageable one. Much of what CASL prescribes is considered email marketing best practices already; the new legislation is simply making those practices a requirement. Don’t let your guard down after tomorrow. Stay on top of CASL happenings and potential changes to the legislation!