Prospecting for clients using electronic communications is about to get a lot more complicated for financial advisors and their firms, according to lawyers. That’s because the government’s long-awaited anti-spam legislation kicks in on July 1, 2014. “It’s an incredible mess,” David Fraser, a lawyer with McInnes Cooper LLP in Halifax, says of Canada’s new anti-spam law, known as CASL.

Adrian Liu, a lawyer with Borden Ladner Gervais LLP in Toronto, whose firm works closely with financial services institutions, says CASL is a, “very hot topic” and is creating “varying levels of panic” among investment firms.

The federal government estimates that spam accounts for 80% of emails in Canada and costs the Canadian economy $3 billion annually. In 2004, the government set out to tackle the problem. After kicking around legislation in various parliamentary committees, Ottawa passed the CASL in 2010, then announced the July 2014 launch earlier this year.

The new regime prevents advisors from sending a “commercial electronic message” (CEM) without the consent of the person receiving the CEM.

This blanket prohibition has created major problems for financial advisors, lawyers say, because it captures virtually every communication an advisor may have with clients. Although there are a host of exemptions, the CASL is exceedingly complex, making it very difficult to discern what is and isn’t a permissible communication under different scenarios. The law also is murky about what constitutes “consent” – the single most important exception to the general prohibition.

“[The CASL] will change the way that most businesses operate in the online environment,” predicts Tricia Kuhl, a lawyer at Blake Cassels & Graydon LLP in Montreal.

The CASL, which will be enforced by the CRTC, will make prospecting using electronic messages much more difficult. Businesses will have to put systems into place that track electronic communications and provide recipients with the ability to “unsubscribe.”

And advisors could face shockingly high fines for sending unsolicited email – as much as $1 million per occurrence for an individual and up to $10 million for a company. There also is a liability clause pertaining to company directors and officers for the actions of employees, and class actions are a possibility.

The first thing advisors need to know, warns Fraser, is that “‘electronic communications’ is all-encompassing.” The term includes items such as texts, emails, podcasts and videocasts. In Fraser’s view, the law casts too wide a net and may cause issues for businesses, especially small ones, without dealing effectively with genuine spam. Instead of focusing on email scams and frauds, Fraser says, the CASL is “hitting a fly with a sledgehammer – and may miss the fly.”

Specifically, Kuhl notes the definition of a CEM is very broad: it is an electronic message whose purpose is to “encourage participation in a commercial activity.” The law takes a very tough stance on what constitutes commercial activity, she adds, noting that the CEM doesn’t have to be a for-profit activity – thus, the definition is broader than that used in the U.S.’s anti-spam law.

For example, a CEM could include items that generally might be considered innocuous, such as newsletters and information about new mutual funds and investment products. Even an invitation to a seminar might be considered to be a CEM.

CEM is so broadly defined, says Liu, that it includes “anything that promotes your firm, even though you don’t charge people.”

The lawyers say the critical issue in complying with the CASL is in obtaining either express or implied consent from CEM recipients. “Express” consent is obtained when you ask for permission to send a CEM and the person agrees. In order to fulfil the legal obligation for consent, you must explain why you are asking for consent and include certain critical pieces of information: your name, company name and address, website URL, phone number and a method for the recipient to unsubscribe from future communications.

“Implied” consent is inferred from actions. For example, you can respond to a request for information or send information to people who provide you with a business card or who conspicuously post their email on their website (subject to some limitations). Existing business relationships also imply consent, provided the recipient has used your services in the two years prior to you sending the CEM.

Some communications are exempt from the CASL. You may email family and friends without their consent, and you can email co-workers within your organization or between organizations that already have a relationship.

There is also a third-party referral exemption. If a client recommends that you contact a colleague, you can send that colleague one email; however, if that person doesn’t respond, that’s it. You will have to resort to the telephone or a snail-mail letter. However, beware of the National Do Not Call List if you are phoning your prospect, Fraser warns. That person might be registered and wish not to be contacted.

“Soliciting is the area everybody really needs to worry about,” Liu says. “The basic rule is: don’t send unsolicited emails. It’s an area you really need to think about developing a policy around and start training people. People can’t sit on their hands.”

Adds Fraser: “It is important for businesses to ask, ‘How do we communicate, and under what circumstances do we communicate with our customers electronically?’ And then put policies in place.”

Tracking and monitoring consents is critical, he adds, since senders must prove they obtained the recipient’s permission.

Another concern, Kuhl says, is when an advisor buys a book of business from a competitor. The sale agreement should include a provision specifically transferring the consents. And if you rent or buy a prospect or marketing list, make sure the company you deal with has obtained consent to contact the people on that list.

The CRTC is taking the law seriously, says Fraser: “They seem to be, from Day 1, strapping on the gun and badge.” He is doubtful that enforcers will take a “light-touch approach” to violations.

Starting in January 2017, Canadians also will be able to sue violators of the CASL, so expect to be subject to class-action lawsuits for any mass emailing breaches.

© 2014 Investment Executive. All rights reserved.