Digital Brain
digital brain
digital brain

CRTC Imposes $1.1 Million Penalty for Alleged CASL Violation

March 2015 Privacy Bulletin 2 minutes read

In its first real enforcement action since Canada’s Anti-Spam Law (“CASL“) came into force on July 1, 2014, the Canadian Radio Television and Telecommunications Commission (the “CRTC“), announced on March 5, 2015 that it had issued a Notice of Violation under CASL to Compu-Finder, a business providing executive and management training services.

The CRTC alleges that Compu-Finder violated CASL by promoting its training courses through commercial electronic messages (“CEMs“) sent to recipients without consent, some of which were additionally non-compliant by failing to provide properly functioning unsubscribe mechanisms. In analyzing complaints made to the Spam Reporting Centre, the CRTC found that Compu-Finder accounted for 26% of all complaints submitted within its industry sector.

The CRTC imposed a penalty of $1.1 million against Compu-Finder for the four alleged violations that it investigated, and Compu-Finder now has 30 days to provide written representations to the CRTC in its defence, pay the fine or request an undertaking (which is basically a negotiated settlement and may still involve a fine). The release states that Compu-Finder “…flagrantly violated the basic principles of the law…” by continuing to send unsolicited CEMs after the law came into force to e-mail addresses it located by “scouring websites” and notes that “[c]omplaints submitted to the Spam Reporting Centre clearly indicate that consumers didn’t find Compu-Finder’s offerings relevant to them.”

Every company that does business in Canada should have CASL compliance on its radar, and ensuring that one has express or implied consent, or an exemption, prior to sending out a CEM is essential. In addition, there is required content that must be included in every CEM such as properly identifying the sender, and providing a functioning, no-cost, easily usable unsubscribe mechanism.

There is a government-run website containing tips for compliance, frequently asked questions and more (including the Spam Reporting Centre that led to this notice of violation). The CRTC has also published guidance in its Compliance and Enforcement Information Bulletin CRTC 2014-326, dated June 19, 2014, entitled “Guidelines to help businesses develop corporate compliance programs” containing practical steps that companies can take to develop, foster and implement a CASL-compliant culture.

A particular lesson from this instance relates to what is known under CASL as the “business card rule”, where a sender is granted implied consent to send some messages if the recipient has made known his or her electronic address (such as by putting it on a website or a business card). By stating that “consumers didn’t find Compu-Finder’s offerings relevant to them”, the CRTC’s press release anticipates this defence. It is important to remember that the “business card rule” is not an unfettered exception opening up the inboxes of recipients who give out their email addresses; instead, it can only be used where the message is relevant to the recipient or his or her duties, roles or functions (also, it does not exempt a sender from informational or unsubscribe requirements).

The digital landscape has changed for conducting business in Canada. With the CRTC clearly demonstrating that it will not hesitate to seek fines that are meant to deter continued non-compliance, businesses must a adopt CASL-compliant practices or risk CRTC sanction.

For more on CASL and compliance tips, see previous guidance here and here. Ryan J. Black is also the co-author of Internet Law Essentials: Canada’s Anti-Spam Law, available from Specialty Technical Publishers.

by Ryan J. Black, Janine MacNeil, Sharon E. Groom and Sasa Pudar, Student-at-Law

A Cautionary Note

The foregoing provides only an overview and does not constitute legal advice. Readers are cautioned against making any decisions based on this material alone. Rather, specific legal advice should be obtained.

© McMillan LLP 2015

Related Publications (5 Posts)

Featured Insight

Bill 64 Enacted: Québec’s Modern Privacy Regime

An in-depth analysis of Quebec's 2021 modernization of its private-sector privacy legislation.

Read More
Oct 15, 2021
Featured Insight

China’s Arduous Path to CPTPP Accession – A Myriad of Obstacles with an Improbable Outcome

On September 16, 2021, China submitted its request to accede to the Comprehensive and Progressive Trans-Pacific Partnership (“CPTPP”).

Read More
Oct 13, 2021
Featured Insight

Privacy Implications of an Open Banking System in Canada

Canada’s Advisory Committee on Open Banking's final report- the privacy and data security implications of an open banking system in Canada.

Read More
Oct 12, 2021
Featured Insight

Vaccination Mandates in the Construction Industry – What You Need to Know

An overview of vaccination mandates in the Construction industry and what you need to know.

Read More
Oct 12, 2021
Featured Insight

Mandatory Vaccinations for Public Service and Health Care Visitors

Mandatory vaccinations for public service and health care visitors in British Columbia.

Read More
Oct 8, 2021