MSPs Get Busy Helping Customers As Canadian Antispam Law Set To Take Effect


A Canadian law intended to cut down on unsolicited email messages could have a major impact on service providers when it takes effect next week, but security experts don't believe it will have a tremendous impact on spam.

Adjustments must be made to messaging systems to meet the new restrictions or businesses risk lapses that could lead to serious repercussions, according to service provider experts helping clients address the issue. Under the new restrictions beginning July 1, businesses must gain permission before sending electronic messages to customers located in Canada. Violation of the law could result in a maximum fine of $10 million, according to the new law.

[Related: Security Expert: Industry Is Failing Miserably At Fixing Underlying Dangers]

Some managed service providers told CRN they have been advising clients on ways to apply measures to meet the new law, including modifications to databases and CRM systems to control the volume and quality of messages being sent. Unlike the U.S. CAN-SPAM Act of 2003, which addressed marketing communication, the Canadian law applies to all messages, regardless of their intention, said Jeremy MacBean, director of business development at IT Weapons, a Brampton, Ontario-based solution provider. The U.S. law allows e-mail marketers to send unsolicited messages to users provided each message contains an "opt-out" mechanism.

The Canada Anti-SPAM law requires a similar "opt-out" function in messages and applies to email, SMS text messages, instant messages and any other electronic communication sent to Canadian citizens. Messages also must clearly identify the sender, have a valid mailing address and contact information, under the law. A provision provides some wiggle room for certain message types, such as legal notices or confirmation of a purchase of goods and services. Those exemptions are granted to personal messages, business-to-business, legal, referral business practices, and telecommunications services.

The biggest issue for service providers will be to work with smaller companies that don't have a centralized CRM or email management system in place, MacBean said. Anyone who maintains contact lists should be aware of the law. After July 1 businesses are prohibited from contacting customers to gain permission, he said.

"IT is directly involved because new software and auditing tools are now required for everyone to stay compliant," MacBean said.

NEXT: Spam Out Of Control, Despite U.S. Law