When you're sued or audited, "we had consent" means nothing without proof. Proper consent management is your legal shield.
Burden of proof is on the sender
Source: Legal Standard
Maximum time to process opt-outs (most laws)
Source: CAN-SPAM/CASL
Why Consent Documentation Matters
- • Burden of proof: You must prove consent exists, not the recipient
- • Class action defense: Documentation is your primary evidence
- • Regulatory audits: Regulators expect records
- • Statute of limitations: Claims can come years later
Types of Consent
Express Written Consent (Highest)
Documented written agreement. Required for TCPA marketing calls/texts.
Express Verbal Consent
Spoken agreement. Requires call recording to prove.
Implied Consent (Limited)
Inferred from relationship. Time-bound under CASL (6 months - 2 years).
What Valid Consent Looks Like
- • Clear and conspicuous: Not buried in fine print
- • Specific purpose: States what they're consenting to
- • Unchecked boxes: User must actively check
- • Separate from other consents: Not bundled
- • Freely given: Not required to complete transaction
Pro Tip
Documentation Requirements
Record for every consent:
- • Timestamp (date and time)
- • IP address (for web forms)
- • Exact language shown at time of consent
- • Method of collection (form, checkbox, verbal)
- • Version of consent language (if updated over time)
Consent Storage & Retention
- • Keep records for at least 4 years (longer is safer)
- • Store in accessible, auditable format
- • Maintain backup copies
- • Be able to produce records within days if challenged
Opt-Out Processing
Processing Time
- • CAN-SPAM: 10 business days
- • CASL: 10 business days
- • Best practice: Immediate
Cross-Channel Sync
- • Sync suppression lists across all platforms
- • Email, phone, SMS unified
- • Real-time updates preferred
Consent Management Checklist
- Clear, specific consent language on forms
- Unchecked boxes (no pre-checked)
- Timestamp and IP captured
- Exact consent language version stored
- Records retained 4+ years
- Opt-out processing within 10 days
- Cross-channel suppression sync
- Audit trail accessible
Legal Disclaimer
This content is provided for educational purposes only and does not constitute legal advice. Regulations vary by jurisdiction and change frequently. We strongly recommend consulting with a qualified attorney or compliance professional regarding your specific situation before implementing any outreach program. Pipeline Engine is designed with compliance in mind, but ultimate responsibility for legal compliance remains with the business.