Canada’s Anti-Spam Legislation (CASL)
We are committed to reducing the harmful effects of spam and related threats. Our goal is to help create a safer and more secure online marketplace. To that end, we help enforce what we call Canada’s Anti-Spam Legislation.
In partnership with Canada’s Competition Bureau and the Office of the Privacy Commissioner, we work together to enforce this legislation.
We have the primary enforcement responsibility, including powers to investigate and take action against violators, and set administrative monetary penalties. We target those who send commercial electronic messages without the recipient’s consent or install programs on computers or networks without express consent. This includes malware, spyware and viruses in computer programs, in spam messages, or downloaded through infected Web links.
We also work to promote compliance among organisations and individuals, ensuring that businesses have the information they need to compete in the global marketplace.
Services and information
Frequently asked questions
Sending messages, consent, identification, unsubscribing, installing computer programs, registered charities, enforcement approach.
Guidance on implied Consent
Expressed versus implied consent, existing business relationships, existing non-business relationship, commercial electronic messages (CEM), proving consent, record-keeping.
Compliance tips
Consent, contact lists, internal do not call list, corporate compliance programs, accurate records.
Guidelines on the Commission’s approach to section 9 of CASL
Compliance guidelines, best practices, who it applies to, potentials for violation, managing risks for compliance, due diligence, preventions and safeguards, potential enforcement actions (Information Bulletin CRTC 2018-415).
Developing corporate compliance programs
Components of a program, senior management involvement, risk assessment, policy, records, training, monitoring, corrective action (Information Bulletin CRTC 2014-326).
Using toggling to obtain express consent
Commercial electronic messages (CEMs), opt-out consent mechanism, pre-checked boxes, explicit consent (Information Bulletin CRTC 2012-549).
Keeping records of consent (external link)
Record-keeping practices, electronic and hard copies of evidence.
Requirements for installing computer programs
Self-installed software, causing software installs, offline installations (CD/DVDs purchased at a store), get consent, consent for cookies, consent for operating systems, upgrades, updates.
Interpreting the Electronic Commerce Protection regulations
Unsubscribe mechanisms, info in a request for consent, written consent, oral consent (Information Bulletin CRTC 2012-548).
Guide for businesses doing e-marketing (PIPEDA) (external link)
Harvesting addresses, hired suppliers, collecting and selling email addresses.
Most requested
- Report Spam (external link)
- Snapshot of CASL enforcement activities
Period: October 1, 2021 and March 31, 2022 - Enforcement actions
- Public proceedings and part 1 applications
- COVID-19 scams
Partners
- Innovation, Science and Economic Development Canada
Fight Spam (external link) - Competition Bureau (external link)
- Office of the Privacy Commissioner (external link)
- Memorandums of understanding with other organizations
More information
- Canada's Anti-Spam Legislation (The Act) (external link)
- We help protect Canadians interests
- Collecting customer data with in-store WiFi
2019-08-13 - Advisory - Web hosting service industry
2018-11-22 – Advisory - Collaborating to eliminate spam and nuisance communications
2016-10-11 - Report
Features
Canada’s anti-spam legislation’s main goal is to protect you and make spammers think twice about sending spam to Canadians.
Scammers use many fraudulent techniques to gain access to your personal accounts through your computer and electronic devices.
Follow the adventures of Kim, the owner of Tiny Cakes, in three delicious videos that will show you how small businesses can succeed while complying with Canada's anti-spam law and telemarketing rules!
- Date modified: