The Email Delivery Guru

A client asked me an interesting question the other day. He wrote, "I have a question about a clause in Canada's new anti-spam law, CASL. Specifically, about the clause that states that marketers need to include the identity of the person who is sending the email message. If the email is being sent on someone's behalf other than the sender, the name of that person needs to be included. How will this affect an agency that is sending on behalf of one of our clients? Do we have to include our name in the email campaigns?"

The new law governing spam in Canada, Canada's Online Protection Legislation, often abbreviated to COPL or CASL (Canada's Anti-Spam Legislation) is pretty new to the scene, I don't yet have the expertise to answer this question on my own. In my ongoing research and learning to further my understanding of CASL, I reached out to Shaun Brown, lawyer with Ottawa law firm nNovation LLP. He kindly offered to help me better understand the specific labeling requirements in this scenario. He writes:

This is a great question that touches on an issue that is relevant to many stakeholders in the email marketing business. It comes up often.

Canada's Anti-Spam Legislation (CASL) requires the person who sends a Commercial Electronic Message (or, CEM) to clearly identify themselves. If the CEM is sent on behalf of another person, that other person must be identified as well. I refer to this as multi-party identification.

It may sound simple in theory, but can be more complicated in practice. There can be many people involved in the process of sending of a single message - the advertiser, ad agencies, email service providers, etcetera.

Your question is really about when a CEM is considered to be "sent on behalf" of another person for the purposes of the legislation, and subsequently when any person other than the advertiser needs to be identified. In other words, 'does an ad agency or ESP need to be identified in a message, and if so, under what circumstances and manner?'

To begin with, the multi-party identification requirement is really about transparency and accountability. It is, in my view, intended to ensure that recipients are able to understand where a given CEM came from, and why it was sent to them. It is not intended to provide recipients with a detailed history of how the message came to be. Too much information can be just as bad as not enough.

The focus here is really on consent and list ownership. If an advertiser is sending only their own content to their own list, then I would argue that the multi-party identification requirements do not apply. (If the advertiser's content is being delivered to someone else's list as in a third-party marketing situation, then it is being sent by someone else on their behalf, and the multi-party identification requirements would apply.)

It is my personal view that ESP's, ad agencies, etc. do not need to identify themselves in the body of every message. I don't believe this was the intention of the multi-party identification requirements - including all of this information could even be seen as clutter and potentially confusing for the recipient. Of course, there is nothing to say that an ESP (or ad agency, for that matter) cannot be identified in the message if they want to be, and the client agrees.

It is also important to remember that in most cases an ESP is going to be identified in some way in the header information of the message, both by way of their IP and when they sign the message with DKIM/ADSP (as all good ESPs should!). Header information must be neither false nor misleading, under the new law.

Please note, this is not legal advice. This is based on my own common sense interpretation of the law and how it should apply; there is always the possibility that someone with much more influence than I (e.g., the Canadian Radio-telecommunications Commissioner, or a judge) will disagree.

Shaun, thank you so much for taking the time to answer this question! If you'd like to learn more about Shaun Brown or his law firm, click here to visit the nNovation website.

Shaun is able to offer comprehensive audit services by partnering with ex-Return Path compliance master Neil Schwartzman, who runs a CASL Compliance consultancy. For more information, visit http://caslconsulting.com