Canada’s Anti-Spam Legislation (CASL)
We are committed to reducing the harmful effects of spam and related threats. Our goal is to help create a safer and more secure online marketplace. To that end, we help enforce what we call Canada’s Anti-Spam Legislation (external link).
In partnership with Canada’s Competition Bureau and the Office of the Privacy Commissioner, we work together to enforce this legislation.
We have the primary enforcement responsibility, including powers to investigate and take action against violators, and set administrative monetary penalties. We target those who send commercial electronic messages without the recipient’s consent or install programs on computers or networks without express consent. This includes malware, spyware and viruses in computer programs, in spam messages, or downloaded through infected Web links.
We also work to promote compliance among organisations and individuals, ensuring that businesses have the information they need to compete in the global marketplace.
More on how the CRTC helps protect Canadians.
Services and information for businesses
Sending messages, consent, identification, unsubscribing, installing computer programs, registered charities, enforcement approach.
Expressed versus implied consent, existing business relationships, existing non-business relationship, commercial electronic messages (CEM), proving consent, record-keeping.
Consent, contact lists, internal do not call list, corporate compliance programs, accurate records.
Compliance guidelines, best practices, who it applies to, potentials for violation, managing risks for compliance, due diligence, preventions and safeguards, potential enforcement actions (Information Bulletin CRTC 2018-415).
Components of a program, senior management involvement, risk assessment, policy, records, training, monitoring, corrective action (Information Bulletin CRTC 2014-326).
Commercial electronic messages (CEMs), opt-out consent mechanism, pre-checked boxes, explicit consent (Information Bulletin CRTC 2012-549).
Record-keeping practices, electronic and hard copies of evidence.
Self-installed software, causing software installs, offline installations (CD/DVDs purchased at a store), get consent, consent for cookies, consent for operating systems, upgrades, updates.
Unsubscribe mechanisms, info in a request for consent, written consent, oral consent (Information Bulletin CRTC 2012-548).
Harvesting addresses, hired suppliers, collecting and selling email addresses.
List of memorandums of understanding with organizations and countries.
- Snapshot of CASL enforcement activities
Period: October 1, 2019 and March 31, 2020
- Enforcement actions
- Report Spam (external link) at FightSpam.gc.ca
- COVID-19 scams
- Fight Spam (external link)
- Competition Bureau (external link)
- Office of the Privacy Commissioner (external link)
- Many other organizations and countries as stated in our memorandums of understanding
- Notice for businesses collecting customer data with in-store WiFi
2019-08-13 - Advisory
- Notice for Web Hosting Service Industry
2018-11-22 - Advisory
What we are doing
- Collaborating to Eliminate Spam and Nuisance Communications
2016-10-11 - Report
Policy and guidance
- CASL (Canada's Anti-Spam Legislation) (external link)
- Guidelines on the Commission’s approach to section 9 of CASL
Information Bulletin CRTC 2018-415
- Using toggling to obtain expressed consent
Information Bulletin CRTC 2012-549
- Developing corporate compliance programs
Information Bulletin CRTC 2014-326
- Interpreting the electronic commerce protection regulations
Information Bulletin CRTC 2012-548
- Electronic commerce protection regulations
Telecom Regulatory Policy CRTC 2012-183
- Date modified: