Start updating your e-marketing policy now: After considerable delay, the final regulation to Canada’s anti-spam law is finally known. The measure prohibits sending unsolicited electronic messages as well as installing unauthorized of computer programs without the recipient’s permission.

The government announced recently that the electronic messages part of the law will go into effect starting July 1, 2014, with the sections relating to the installation of computer programs coming into force January 15, 2015.

As we wrote previously, the law was in legislative limbo for nearly three years. Industry Canada held fairly extensive public hearings and reviewed many written comments before releasing the final regulations last month. The regulation clarifies and completes several portions of the law.

Unsolicited Electronic Messages

Generally speaking, it will be illegal to send an electronic message of any kind unless the recipient has consented to receive it, either explicitly or implicitly. This requires opting-in, requiring companies to get permission before sending out marketing e-mails.

The regulation clarifies the law:

  • Registered charities, political parties or fraternal organizations may send unsolicited electronic messages.
  • Individuals may send unsolicited messages to their family members and individuals with whom they have a personal relationship. But “family” only means there is a link through marriage, common-law partnership, or a parent-child relationship. “Personal relationship” is defined much more broadly, including anyone it is reasonable to conclude the sender has a personal relationship with such as a neighbor or members of a club.
  • Employees, consultants or franchisees may send unsolicited messages to other employees, consultants, or franchisees in the same organization.
  • Similarly, it is alright for someone in an organization to send unsolicited electronic messages to a person in another organization if the two groups have a relationship and the message concerns the group’s activities.
  • Unsolicited electronic messages may be sent to recipients in foreign countries if the message complies with the laws of that country.
  • There is an exception for referrals. If the sender is referred to another person, then the sender may send a single unsolicited e-message if they disclose who referred them.
  • The regulation assumes there is an existing, non-business relationship between members of the same club, association or volunteer organization. These must be non-profits set up exclusively for social welfare, civic improvement, pleasure or recreation, or any other purpose other than personal profit such as an amateur athletic league.
  • Court-ordered messages, those required by law, or to enforce a legal right or obligation are permitted.

Spyware Barred

Besides targeting unsolicited e-messages, the law also contains provisions designed to stop companies from using spyware, malware and other malicious software to spread spam and steal personal information. Professional spammers are known to use networks of computers infected with viruses – known as “botnets” –  to proliferate spam messages on a broad scale.

The new regulations make a few additional clarifications about this, too:

  • Telecommunications service providers such as Rogers and Bell are permitted to install security computer programs on a personal computer to protect its network from threats.
  • Telecommunications companies may install computer programs on personal computers to upgrade or update its network.
  • A program to correct an operating system failure as long as the program is installed solely for that purpose.

The exemptions above are not exhaustive — these are merely the exemptions added in the new regulation. My earlier blog post on the law discusses other exemptions.

If your business relies on mailing lists and e-marketing, chances are good that the law applies to you. You risk incurring large fines if you do not update how you do e-marketing. Even if you have the consent from the people you are sending electronic messages to, you must ensure they have the opportunity to opt-out. Similarly, if your business installs software or software updates on people’s computers, the law most likely applies and you will need to ensure you are  in compliance.

Intellectual property lawyer Stuart Freen may be reached by phone at 416.977.0007, and you have his consent to contact him by email at