alt="Tip"/> If you want to see a comprehensive list of spam legislation by country, start with the Wikipedia website article at https://en.wikipedia.org/wiki/Email_spam:legislation_by_country. From there, you should be able to find the legislation that applies to your country.
The European Union
You may have heard a lot about the General Data Protection Regulation, better known by its abbreviation, GDPR. The GDPR is a regulation touted by the GDPR website at https://gdpr.eu (see Figure 2-6) as being the toughest privacy-and-security law in the world.
FIGURE 2-6: The GDPR has a comprehensive website to answer your questions.
Like similar laws in the US, the GDPR lays out seven principles for protecting data:
Your processes must be lawful, fair, and transparent.
You must process data for legitimate purposes directly related to the subject of that data.
You should collect and process only as much data as you need for your purposes and not one bit more.
You must keep personal data accurate and updated.
You should store personally identifiable data only as long as you need for your specified purpose.Any data processing you carry out must ensure security, integrity, and confidentiality, such as by using strong encryption.
The person responsible for managing the data — the data controller, in GDPR terminology — must be able to demonstrate GDPR compliance.
What we list here only scratches the surface. You can view the latest news about GDPR and get all your questions answered (and then some) on the GDPR website at https://gdpr.eu.
The United Kingdom
Brexit may be a reality, but data protection knows no borders, and so it’s no surprise that UK laws are modeled closely on the GDPR. The people who put together the UK policy decided to make things easy and just refer to their policy as UK GDPR.
The Information Commissioner’s Office, or ICO, is an independent body that contains information about the UK GDPR for businesses and individuals. For businesses, that means you can't just learn what the UK GDPR requires; you also need to take a self-assessment test to see whether your business is ready to adhere to the UK GDPR — no matter whether you’re in the UK or you want to do business in the UK.
For consumers, this means you can learn what your rights are under the UK GDPR, including your rights to be informed, to get your data deleted, to limit how organizations use your data, and more.
All this information, as well as a complaint form, is available on the ICO at https://ico.org.uk, as shown in Figure 2-7.
FIGURE 2-7: The Information Commissioner’s Office website offers news, advice, and common topics.
Canada
Though Canada is a country that still recognizes the UK monarch as the head of state, Canada makes its own rules — including antispam laws. Canada is straightforward, as is its wont, and calls its antispam law Canada’s Anti-Spam Legislation (CASL).
The Canadian Radio-Television and Telecommunications website has a page about the CASL that you can find at https://crtc.gc.ca/eng/internet/anti.htm, as shown in Figure 2-8.
Like similar antispam laws, CASL regulates all electronic messages — including email and texts within, from, and to Canada — that organizations send with what the law calls commercial activity.
FIGURE 2-8: You can find plenty of helpful links and information on the CASL home page.
The website has not only a lot of frequently asked questions and other helpful links but also a list of five compliance tips to follow — including a phone number you can call to ask for help. (We haven’t called it ourselves, but we expect that you’ll talk to a real person because it’s Canada.)
Honoring Boundaries
The COVID-19 pandemic accelerated talk about setting boundaries in all communication, but especially with online communication. Health officials helped guide people in moderating their physical boundaries to keep themselves safe, such as by physically touching with a fist bump. Others suggest not touching at all because using the Vulcan hand salute from Star Trek as a greeting is clearly healthier (and hipper).
The most discussion about boundaries centered on understanding everyone’s mental boundaries, especially with the mental stress of many people forced to change their lives and daily structure. Though the boundaries we talk about in this section have no legal force (at least here in the US, where we are), understanding and setting boundaries are helpful goals if you want to avoid any legal misadventures.
You may have read in Chapter 1 about how to communicate with people, and that’s fine. In this chapter, we review some of that material, in case you don’t want to go back (but you always can).
Then we talk about setting boundaries, talking with your team to set policies in your business that work for everyone (or at least reasonably so), and why you should consider centralizing your communication online. Finally, we talk about using the right medium for the message you want to send.
Communicating with people during work hours
There are plenty of rules, stated and not, that you should follow when communicating with your employees during work hours. This advice doesn’t change when you connect online just because people work in different parts of the country and/or the world or because pandemic safety requires that everyone work from home.
With that said, let’s quickly review the basics
