Canada’s Anti-Spam Legislation (CASL)
We are committed to reducing the harmful effects of spam and related threats. Our goal is to help create a safer and more secure online marketplace. To that end, we help enforce what we call Canada’s Anti-Spam Legislation (external link).
In partnership with Canada’s Competition Bureau and the Office of the Privacy Commissioner, we work together to enforce this legislation.
We have the primary enforcement responsibility, including powers to investigate and take action against violators, and set administrative monetary penalties. We target those who send commercial electronic messages without the recipient’s consent or install programs on computers or networks without express consent. This includes malware, spyware and viruses in computer programs, in spam messages, or downloaded through infected Web links.
We also work to promote compliance among organisations and individuals, ensuring that businesses have the information they need to compete in the global marketplace.
More on how the CRTC helps protect Canadians.
Working together to Fight Spam (Transcript)
Services and information for businesses
Frequently asked questions
Sending messages, consent, identification, unsubscribing, installing computer programs, registered charities, enforcement approach.
Guidance on Implied Consent
Expressed versus implied consent, existing business relationships, existing non-business relationship, commercial electronic messages (CEM), proving consent, record-keeping.
Compliance tips
Consent, contact lists, internal do not call list, corporate compliance programs, accurate records.
Guidelines on the Commission’s approach to section 9 of CASL
Compliance guidelines, best practices, who it applies to, potentials for violation, managing risks for compliance, due diligence, preventions and safeguards, potential enforcement actions (Information Bulletin CRTC 2018-415).
Developing corporate compliance programs
Components of a program, senior management involvement, risk assessment, policy, records, training, monitoring, corrective action (Information Bulletin CRTC 2014-326).
Using toggling to obtain expressed consent
Commercial electronic messages (CEMs), opt-out consent mechanism, pre-checked boxes, explicit consent (Information Bulletin CRTC 2012-549).
Keeping records of consent (external link)
Record-keeping practices, electronic and hard copies of evidence.
Requirements for installing computer programs
Self-installed software, causing software installs, offline installations (CD/DVDs purchased at a store), get consent, consent for cookies, consent for operating systems, upgrades, updates.
Interpreting the Electronic Commerce Protection regulations
Unsubscribe mechanisms, info in a request for consent, written consent, oral consent (Information Bulletin CRTC 2012-548).
Guide for businesses doing e-marketing (PIPEDA) (external link)
Harvesting addresses, hired suppliers, collecting and selling email addresses.
Memorandums of understanding
List of memorandums of understanding with organizations and countries.
Most requested
- Snapshot of CASL enforcement activities
Period: April 1, 2019 to September 30, 2019 - Undertakings and notices of violation
- Report Spam (external link) at FightSpam.gc.ca
Partners
- Fight Spam (external link)
- Competition Bureau (external link)
- Office of the Privacy Commissioner (external link)
- Many other organizations and countries as stated in our memorandums of understanding
Enforcement advisories
- Notice for businesses collecting customer data with in-store WiFi
2019-08-13 - Advisory - Notice for Web Hosting Service Industry
2018-11-22 - Advisory
What we are doing
Publications
- Collaborating to Eliminate Spam and Nuisance Communications
2016-10-11 - Report
Policy and guidance
- CASL (Canada's Anti-Spam Legislation) (external link)
- Guidelines on the Commission’s approach to section 9 of CASL
Information Bulletin CRTC 2018-415 - Using toggling to obtain expressed consent
Information Bulletin CRTC 2012-549 - Developing corporate compliance programs
Information Bulletin CRTC 2014-326 - Interpreting the electronic commerce protection regulations
Information Bulletin CRTC 2012-548 - Electronic commerce protection regulations
Telecom Regulatory Policy CRTC 2012-183
Consultations and events
- Public proceedings and part 1 applications for compliance and enforcement activities (telemarketing rules, National Do Not Call List, and Anti-Spam)
- Date modified: