The Canadian Anti-Spam Legislation (CASL) applies to the majority of organizations in Canada, including York University. CASL, which came into effect on July 1, 2014, is designed to more carefully control spam – unwanted Commercial Electronic Messages (CEMs) in electronic messaging. York faculty and staff are expected to comply with CASL. The penalties for failing to comply are significant, for both organizations and individuals.
The IPO provides resources to assist York University units and individuals to comply with CASL. In addition, a CASL PowerPoint presentation by the Office of the Counsel is available to York employees on YU Link (Passport York login required).
Important Note: This FAQ is intended to assist York University staff and faculty to understand their obligations under CASL. It summarizes and simplifies the complex requirements of CASL and is not intended to be a substitute for detailed advice, including legal advice. If you have specific questions about CASL, contact the Information and Privacy Office.
Top 5 Frequently Asked Questions
An “electronic message” is any message sent to an electronic account, e.g. an email, a text message, or a message using social media such as Facebook. Interactive two-way voice communications, fax messages or voice recordings sent to a telephone account are not considered to be electronic messages. If you’re telephoning a person to offer a product or service, that’s not an electronic message. (However, promotional phone calls may be regulated by the federal Do-Not-Call List. See https://www.lnnte-dncl.gc.ca/index-eng for more information about the Do-Not-Call List).
A “commercial activity” is broadly defined as “any particular transaction, act or conduct or any regular course of conduct that is of a commercial character, whether or not the person who carries it out does so in the expectation of profit”. Examples of commercial activities include purchasing, selling, bartering or leasing products, goods or services, or land; providing a business, investment or gaming opportunity; or advertising or promoting any of these activities.
So, a CEM must meet both definitions of “electronic message” and “commercial activity” for CASL to apply. If you are in any doubt about whether an electronic message is subject to CASL, contact the Information and Privacy Office.
(a) Messages sent by or on behalf of a registered charity such as York University, which have as their primary purpose raising funds;
(b) Messages sent by or on behalf of an individual to another individual with whom they have a personal or family relationship;
(c) Messages sent to a person who is engaged in a commercial activity and consist solely of an inquiry or application related to that activity;
(d) Messages sent within the University that concern the activities of the University;
(e) Messages sent between organizations with a relationship that concern the activities of the receiving organization;
(f) Messages sent in response to requests, inquiries or complaints, or otherwise solicited by the recipient;
(g) Messages sent to satisfy, provide notice of, or enforce a right, legal or juridical obligation;
(h) Messages sent on an electronic messaging service if the required information and unsubscribe mechanism are readily available on the user interface, and the recipient has consented to receive the message;
(i) Messages sent to a limited-access secure and confidential account to which messages can only be sent by the person who provides the account;
(j) Messages that a sender reasonably believes will be accessed in a listed foreign state, and conform to the anti-spam laws of such foreign state.
The penalty for noncompliance with CASL is a fine of up to $10 million for the institution. Also, beginning July 1, 2017, a person who receives a CEM without having given his/her prior consent has a private right of action against the organization sending the CEM, and may be entitled to receive up to $200 per violation (class actions are possible, too). Officers, directors and agents can be held personally liable for their organization’s failure to comply with CASL.
CASL Flow Chart
- Requirements for Commercial Electronic Messages
- Consent Requirements
- Unsubscribe Mechanisms
- Other CASL Prohibitions
To determine whether you are compliant with the CASL requirements related to CEMs, complete the Compliance Checklist. (PDF)
See the Model Language (PDF) to ensure that your CEM-related messages are compliant with the legal requirements.
Portions of CASL webpages adapted from McMaster University, with permission.