Documente Academic
Documente Profesional
Documente Cultură
Share of respondents
49.1%
businesses can collect it to positively impact customer 50.0%
experience. However, it could be misused or stolen, leading to 38.9%
40.0%
the fact that consumers are concerned about whether 30.0%
companies are doing enough to use and protect them properly.
20.0%
10.0%
Why Canada’s Anti-Spam Legislation (CASL)?
0.0%
To protect Canadian citizens from SPAM, phishing, identity Unsolicited calls Spam e-mails Misleading
theft and from malware by introducing strict law into advertising
commercial electronic messages (CEM) since according to (1) Leading forms of spam considered as offensive according to consumers in Canada as of August
2016
Statista consumer survey, the leading forms of spam as
considered as offensive are unsolicited call, spam email, etc. Concerned Somewhat concerned Not concerned
1 Source: (1), Leading forms of spam considered as offensive according to consumers in Canada as of August 2015, Statista Canada
(2) Cyber crime in Canada, Statista Canada
Background information
CASL is more descriptive but GDPR is the most pervasive.
CASL GDPR
Scope unsolicited commercial collection, storage, usage and
There are some similarities between advertising by email and management of personal data.
CASL and GDPR at basic level. text, phishing and unwanted
To promote transparency and choice software installation.
through explicit consent between the
companies and consumers. Application senders and recipients of businesses based inside the EU,
To require thoughtful internal CEM in Canada businesses based outside the EU that
processes to make sure that the offer goods and services to, or that
request will be processed quickly monitor, individuals in the EU
To come with huge penalties. For
Consent Senders must obtain explicit Businesses must obtain explicit consent
example, Flybe and Honda Motor
consent from recipients from recipients through opt-in
Europe fined £70,000 and £13,000
through opt-in mechanism. mechanism.
respectively
Recipients can revoke Recipients can revoke consent through
To clear on who’s accountable. Even
consent through opt-out opt-out mechanism at any time.
if businesses are outsourcing data
mechanism at any time. Businesses only use data for the specific
processing, they are still be liable for
purpose that recipients give consent to. If
any breach.
for another purpose, businesses must
However, they still have some big
obtain recipients’ consent again.
differences as the table shown.
Comparatively speaking, GDPR is more Exceptions various cases: CASL-exempt compliance with legal obligations and for
stringent and far-reaching than CASL. to Consent country, product updates, the performance of official duties.
warranties, membership,
subscription, etc.
Data focus
Businesses should avoid collecting unnecessary
Data
permission data and focus on the basics.
For example, if marketers want know a visitors
shoe size, and can prove why they need it, then
•Even though the emailing list may reduce, the open and click-through rates would be increased since companies only send
marketing emails to contacts that they are mostly likely to find them relevant.
Improved
metrics
•In CRM database, duplicate is a very common problem. However, consent could be a solution to reduce a significant
number of duplicates. In other words, if companies have more than record for a contact, the contact could receive mailings
Control of for which they had not give consent to. That means companies would be more responsible for regular updating the
duplicates database if they don’t want to violate the regulations.
•Under regulations, records with only email address without mailing address may not be archived. It also means the contact
Fewer records would be more complete. This is clearly beneficial for sending event invitations based on guests’ location.
incomplete
records
•The key to the success of CRM is high-quality data. Besides, poor data costs companies more than data cost as fines for
Better non-compliance are huge under the regulations, about 4% of a company’s annual revenue. Now companies have a very
CRM good reason to improve data.
adoption
7 Source: JD Supra
Recommendation
What businesses need to prepare for CASL?
9 Source: Engines
Future landscape
GDPR’s impacts for Canadian businesses next years
11