Your Go-To Guide to CAN-SPAM, CASL and GDPR

Your Go-To Guide to CAN-SPAM, CASL and GDPR

Everyone knows and loves CAN-SPAM, right? You know, the laws that say you have to make sure you never provide misleading header information (like sender name and email address) and that there’s always an unsubscribe link in your messages?

Well, there are other commercial communication regulations that are already in effect or will be instated in the next year that may affect the way your organization communicates with your audience.

What are those laws? CASL (Canadian Anti-Spam Law) and GDPR (General Data Protection Regulation). CASL has been in full effect since 2016 and covers all messages sent into or out of Canada, but does not include messages simply routed through Canada. The GDPR has not yet been enforced, but regulation will begin on May 25, 2018 and will cover any messages sent to or received from the European Union. It will also create a uniform regulation on electronic messages across all EU member states.

As far as anti-spam laws go, CAN-SPAM is the most lenient of the three and the only one that is an opt-out law, which doesn’t require prior consent from recipients to be sent commercial messages. But all three do have provisions in common, including guidelines for how you can make it easy for recipients to opt out of further communications (usually by providing the link to a one-click subscription center or a reply-to address you check regularly), a hard rule that opt-out requests must be honored quickly, and instruction that you are responsible for monitoring communications sent from other organizations on the recipient’s behalf.

Now that you know the main similarities of CAN-SPAM, CASL, and GDPR, it’s time to talk about their differences. Take a look at the table below to see how each law handles consent, opt-out duration, penalties, and age restrictions.


There are plenty more resources available to make sure you are complying with all communications laws. To look further into CAN-SPAM and search FAQs, visit the Federal Trade Commission’s website.

CASL information and regulations are listed on the Canadian Radio-television and Telecommunications Commission page. For quick overviews, a questions guide is available here.

To get a complete review of GDPR including FAQs, key changes to previous laws the regulation will supersede, the timeline for enforcement, and a history of how the GDPR came into being, visit

Stay tuned for a full industry brief on CAN-SPAM, CASL and GDPR, coming soon!

By | 2018-07-18T13:49:20+00:00 December 1st, 2017|Data Management, Email Marketing, Plan|0 Comments

About the Author:

Leah joined Relationship One in September of 2017 and is excited about working at an agency for the first time! She has been working with Oracle Eloqua and Marketo for two years and can't wait to get even more in-depth experience. Outside of work you'll most likely find her playing Ultimate Frisbee with her club team, Snap, or spending time with her rescue dog, Pepper.

Thank you for subscribing!
Subscribe to our Thought Leadership Today