Why Mailchimp is Far From Ideal for CASL Compliance

Canada’s Anti-Spam Legislation (CASL) is a very hot topic at the moment, and we better get used to it because it’s here to stay. We have to buckle down and play by the rules. CASL applies to any electronic message sent for commercial purposes, including, of course, email marketing. As a Canadian company or organization you are required to comply.

Mailchimp the most popular US-based email marketing platform, is not the best tool if you want to comply with CASL.

Here are the 3 main reasons:

Complete consent history

The CRTC requires you to save complete consent history for each of your subscribers.

Before we get any further, it’s important to understand the difference between implied and express consents. When the person has given you his / her consent to receive your communications (eg subscribed to your newsletter from your website), this is an express consent. When you can demonstrate a business relationship with a person without having their consent to send communications, then it is an implied consent.

Let’s look at a common scenario. You add an active client to your subscription list. Which gives you an implied consent. A year later, this same person fills out a form on your website to sign up to your newsletter. At this point, Mailchimp updates the contact profile and replaces the proof and date of consent with the new express consent. Which causes you to lose any prior proof of consent.

In other words, Mailchimp updates (or overwrites) the consent of a contact without keeping the complete history. This becomes problematic when you have to prove consent going back one, two, or even three years!

Cyberimpact on the other hand was made to help you comply with CASL efficiently. Contact consent history is thus preserved in its entirety, even if the person unsubscribes, re-registers, passes from an implied consent to an express consent, etc.

Contact and consent management executed according to list type

When it comes to importing a contact list into Mailchimp, it may seem very simple, you import your Excel or CSV and you’re done. But remember, if that’s the case, there are very important components missing for CASL compliance.
Contrary to Mailchimp, Cyberimpact applies the necessary information needed for CASL compliance, depending on the type of consent.

To ensure the seamless management of consents, Cyberimpact will also send you a monthly consent expiry report, which will allow you to take action.

Transforming implied consents into express consents

In addition, Cyberimpact has an automated way help you turn implied consents into express consents. The consent block! When you add a consent block to your emails, only people who haven’t yet subscribed will see a link they can click to confirm their consent (express). Once they click on it, they will stop receiving it. You add this block to your campaigns with a few clicks, and the system does the rest of the work for you!

Why not use a custom-made tool

Don’t get me wrong Mailchimp is a great tool. Obviously, the company would not be so successful if it wasn’t. However, the fact is that Cyberimpact has developed a tool with CASL compliance in mind every step of the way. Therefore makes it the best tool to address the specific needs of small businesses and organizations in Canada.

Not a Cyberimpact user yet? Give it a shot.


  1. Hi, I’m volunteering for a non-profit and we’re trying to understand CASL. You said “The CRTC requires you to save complete consent history for each of your subscribers.” but I can’t find that requirement anywhere in the FAQ (https://www.fightspam.gc.ca/eic/site/cb-bc.nsf/eng/03765.html) or full text of the CASL act (https://laws-lois.justice.gc.ca/eng/acts/E-1.6/page-2.html#docCont). Can you point me to where that requirement is specified?


Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *