I was lucky enough to get to hang out with one of the world’s leading authorities on email legislation and deliverability, Dennis Dayman (@ddayman) last week.
What we discussed:
- Recent changes to the Canadian laws on e-marketing, and how similar the law in Canada now is to the UK and the rest of Europe.
- The future of email marketing legislation.
- The global impact of C-28 on Marketers and on consumers, and how long it’s expected to take before we see an impact on SPAM originating in Canada.
- How the rise of email campaign opens on mobiles will impact deliverability and legislation.
LBA: Can you briefly summarize the changes to the Canadian laws on email marketing?
DD: CASL has had a lot of changes since its inception in 2008 / 2009 which happened because of changes in the government in Canada. Most recent comments are clarifications that we’ve asked for rather than changes from the CRTC (Canadian Radio Television Commission). These answered some questions. We had concerns about whether certain things had to happen.
How you obtain consent, under the legislation originally there needed to be vocal consent which was odd in an email digital world to call up etc and save that for the next 10 years. A non pre check box would be considered consent by the user or another way is when you have the email submission box forcing a user to type that information and when the user submits information it gives permission to add to emails which is also consent.
Good news for us and was already best practice. Pre check boxes are not the best way to do business. For our customers they always use the email fill it box because they need to get that information to the user.
There was also confusion whether an ESP had to be identified as the sender of the message. We read it as ESP would have to put their name along with the brand which would put some responsibility back onto the ESP.
The clarification came back from the CRTC that that was not the case because that doesn’t make sense as the sender however if the ESP drives and creates the content and are obtaining the list for the brand then they should be part of that postal address identifier of who is sending the message.
They’re not the primary sender but they should be listed somewhere to identify that this message content was powered by ‘X’ ESP at that time.
See blog deliverability.com for more detail that DD has written about.
LBA: Do the changes bring the law closer to the law in the EU and the UK?
DD: Yes and no. We’re talking about email regulation not privacy regulation. Most countries use the idea of data processing which would include sending an email to somebody as part of the privacy law. Canada has always had privacy laws called PIPEDA and each province also has its own privacy laws as well.
Now Canada is putting in some ability to fine those that are egregiously spamming. The biggest news case was a Facebook spammer ‘Adam’ who spammed a lot of people on Facebook. In the US they won close to a billion dollar judgement but can’t touch Adam because he’s in Canada.
Hopefully under this regulation there’ll be some cross border enforcements with the CRTC, the FCC maybe the FTC here in the US that will help with lawsuits. What we’ve seen under privacy law is you have to have permission to process that information usually on the B2C side.
There are some exemptions on the B2B side which could be changing in the next 18-24 months with the EU reforms which are being discussed. How does this law apply to someone in Africa? That will be difficult to apply that law across the water. Where it’s going to be a lot easier would be in US and EU because of the way our governments are set up and how our governments work together in these scenarios.
LBA: Are the laws in the EU and Canada tighter than in the US?
DD: Yes, in the US we’ve had CAN-SPAM since 2003. We had an update which was more of a clarification in 2008 and it’s an opt out legislation. I jokingly refer to it as we’re a buy one get one free country – we’ll give any information away to get some sort of email coupon. Everywhere else it’s an affirmative opt in, in Canada and the EU.
I definitely would say this is a lot tighter than most regulations because it’s specifically targeted at email, social media and voicemail systems and any way that you can digitally send out commercial information. We’ve had a couple of organizations in the US that have tried to enforce CAN-SPAM which can only be enforced by Attorney Generals and internet service providers. There’s no private right of action.
An individual can’t sue in the US but in Canada an individual could sue if they felt that their rights were violated. The same happens in UK and EU. Looking at the history of enforcement of email regulations, Australia followed by NZ are the more stringent countries that use their email regulations to stop spammers in their tracks.
LBA: What do you think the future is in terms of email legislation in the US?
DD: I’ve had the opportunity to sit down with Chairman Leibowitz of the Federal Trade Commission two years ago and asked him that question. At the time in the US we had a lot of draft bills targeting privacy due to social media changes.
They weren’t planning to change CAN-SPAM because the commission has a lot of other things they’re focusing on right now. I believe they’re trying to push self regulation which does work. There are some that cause problems but in the US the Federal Trade Commission goes after them pretty swiftly and gets what they need out of that.
I think in the US we will see some regulation hopefully at federal level rather than having some states create their own regulation. I think it will happen and is not a bad thing. It’s just part of a progression especially of technology.
I’d like to hold off as long as possible. For now I think self regulation works so there’s no changes that are going to be coming from them.
LBA: Who would you say has the tightest laws surrounding email right now?
DD: Canada once it actually gets implemented which was supposed to be last year, then this year but might come in in 2014 will probably be the more stringent regulation. Australia and New Zealand seem to have some of the more stringent regulations. The US will always be behind due to the way we have been as a culture over the last couple of decades.
LBA: How much of an impact globally will C-28 have on Marketers and on Consumers?
DD: That question is yet to be defined or seen with numbers. We have no idea how it’s going to be enforced. Will they go after every problem or just the egregious spammers? There’s also questions regarding how regulations will apply to email that passes through Canada. If servers are in Canada but sending to Hong Kong for example I’d venture to say no they won’t be prosecuted.
That could have an effect in next 10 years once this goes into effect. I’ve been telling our customers that once the regulations go into effect, they’ll have two years to comply with express consent they had prior where they need affirmative consent they’ll have two years to do that so now might be the time to start that and get that done without necessarily killing their list management from the last 5-10 years.
LBA: Now that the C-28 has been passed, how long would you expect it to take before we see an impact on SPAM originating in Canada?
DD: It depends on budgets and the support that organizations enforcing this get. Organizations in Canada will be working together to enforce this. This is also very new to Canada in terms of email regulations and what their standards will be. I think in the first 2-5 years they’ll go after the most egregious spammers.
The organizations are also creating similar functions to the US Federal Trade Commission’s SPAM fridge whereby you can send SPAM to a big rack of servers, SPAM@ftc.gov. Once the FTC sees a lot piling up they’ll investigate and find the person and go after them.
It’ll probably be similar in Canada. It could take 6 months to a year to get evidence to indicate there’s a problem with somebody. It depends on budgets and timings. There’s a lot of unknowns in this regulation and the timing. I’m telling marketers to take advantage of this time and start now.
LBA: What impact do you think the rise of email campaign opens on mobiles will have on deliverability and legislation?
DD: If you look at CASL itself, most regulations whether email or privacy based they touch on the digital realm, not just email. If you look at mobile, we are doing email, the pure definition of what you do on your Apple device, whether you get email on your phone or computer or both places, the regulation will apply.
CASL already covers SMS. In the US, CAN-SPAM and the Telephone Consumer Protection Act apply to SMS and the same exists in the EU. There are regulations that apply to SMS. They’re typically affirmative opt in with a cost to the individual. Yes, I see these impacting on that.
In your campaigns, you shouldn’t be breaking them out in social media versus marketing versus mobile and where your legality should be tested should be across the board. I’m an anti spammer, I came from the anti SPAM side of the business and I believe that privacy is the ultimate right to the individuals online and offline. Even in my mailbox you have to ask to send me information.
Read more like this at our blog.