CASL compliance, double opt-in and the MailChimp audit trail

CASL compliance, double opt-in and the MailChimp audit trail

I wrote about CASL two days ago. The act comes in to effect on Tuesday (July 1) which means you have two business days to take advantage of the way “things were” before the way things will be kicks in.

It’s a confusing mess, to be sure. Several of my clients are impacted by CASL, each in unique ways. So, it’s hard to say there’s a cookie-cutter approach.

Having said that, using double opt-in and keeping your audit trail is a very safe bet. Double opt-in means potential members complete a form to sign-up for your mailing list, then have to respond in the affirmative to an unbundled confirmation request (e.g. a separate email message to the requestors address to confirm their desire to join the mailing list).

Most mailing list services offer double opt-in. If you haven’t used double opt-in for your mailing list to this point, now is the time to turn it on. And, for your own protection, keep your audit trail of double opt-in sign ups.

I use MailChimp for my own lists and, yesterday, downloaded the audit trail for my own local records. Doing so was simple. Here’s the procedure to capture your audit trail and determine if you’re indeed using double opt-in:

  1. Log in to your MailChimp account in your favourite browser.
  2. Access your Lists from the main administration page (left column).
  3. Select one of your lists by clicking on the list name (right column of the administration page). You will be presented with a table of subscribers for the selected list.
  4. Click the Export List button that appears on the top right, just above the table of subscribers. This is where MailChimp begins to add extraneous steps to the process, making it more complicated than it needs to be.
  5. Open your email client of choice because MailChimp is now going to email you a link to download the exported list of subscribers.
  6. When the email titled MailChimp List Export Complete arrives in your inbox, open it and click on the link prefaced by the text Download the list data. This will kick back to your browser and will automatically begin downloading the file — a zip file.

The zip file will download to your default (or specified) folder. Locate the file and KEEP IT.

The zip file contains a csv file which you can open in any spreadsheet program. Notice one column of the csv is titled OPTIN_TIME. This identifies when the subscription form was initially submitted as complete by the user. Another column is titled CONFIRM_TIME. This identifies when the user clicked on the link in the confirmation email, thus accepting their subscription. That’s two conscious actions… double opt-in.

If you don’t have those two columns, or unique values in each, you’re less likely to be CASL compliant.

  • Pingback: What the Canadian Anti-Spam Legislation Means for You | Email Rebel()

  • Salima

    mark, thanks for this. i have yet to send an express consent campaign, but thanks to your post i may only have to send it to the folks who have blanks in the OPTIN_TIME and CONFIRM_TIME fields? Also Mailchimp is really awful about how they recommend an express consent email. They offer no template (Unlike Constant Contact for example) and when I follow Mailchimp’s tutorial, the link in the email takes the subscriber to a profile update page where they have to re-enter all their info (email address, name, etc) and way down, click a tiny check box that says they give their consent to be emailed. It’s a long process for someone to stay on a list

    Reference link:

    Do you have any easier solutions?
    Thank you.

  • Mark

    Sadly, no. For all the work they did to explain CASL, I expected MailChimp would have provided a streamlined process with draft text template to make CASL compliance easier for its Canadian users. Opportunity lost, I suppose. My suggestion would be, if the number of list subscribers without double opt-in records is small, email them individually requesting their consent. If they agree, you can keep them on the list. In fact, a personalized email sent directly from you might provice a greater “Return on Consent-Keeping” or ROCK for short. :)

  • Salima

    Thank you, Mark. Not that small (just over 100) but small enough for me to scan for VIPs to email personally, and still send the remainder a personalized express consent campaign email. Love the ROCK acronym!

  • Pingback: What the Canadian Anti-Spam Legislation Means for You | Jose A. Casanova()

  • Pingback: What the Canadian Anti-Spam Legislation Means for You | Digital Marketing News()

Share This

Share This

Share this post with your friends!