In 2010 Canada unveiled some of the toughest anti-spam legislation in the world. While now on the law books, the legislation has not yet come into full effect, pending the development of detailed regulations. This gives web developers time to adjust to the new provisions: a vital opportunity, as the law influences not just Canadian businesses, but the transmission of all pertinent information that touches servers in Canada, with fines up to 10 million dollars for non-compliance.

The Canadian Anti-Spam Legislation prohibits spamming, hacking, malware, online fraud, eMail harvesting and invasions of privacy. The most pertinent area for front-end developers is gaining consent for commercial electronic messages (CEMs).

While I am not a lawyer (and this article does not constitute legal advice) I would suggest that, pending detailed legal regulations, most front-end developers would do well to follow a few simple steps to ensure CASL compliance:

  • ensure that website forms make it clear why the information is being requested, who gains from it, and how the information will be used.
  • never use implied consent or “opt-out” forms. Ensure that agreements require explicit, “opt-in” action from users. For example: if you desire users to sign up for a newsletter, leave an open checkbox for them to click, rather than a pre-checked form element that assumes their consent.
Make form checkboxes that require user agreement like this:
NOT pre-filled:
  • provide easily accessible options for users to unsubscribe or remove themselves from databases.
  • provide clearly visible contact information for consumers as an avenue for questions.

CASL means to codify “fair dealing” with consumers and users: rather than trying to trick or trap them, by using honest and straightforward communication. It’s unfortunate that legislation is required to enforce common sense, but web developers who lack ethical considerations have made it necessary.

Enjoy this piece? I invite you to follow me at twitter.com/dudleystorey to learn more.