Canadian authorities issue first ever anti-spam fine ($1.1 million)
Canada’s first ever anti-spam fine is a reminder of the need to comply with recently passed anti-spam legislation prohibiting the sending of non-exempted or unsolicited commercial electronic messages (CEM).
On 5 March 2015, the Canadian Radio-television and Telecommunications Commission (CRTC) issued a Notice of Violation under Canada’s Anti-Spam Legislation (CASL), alleging that Compu-Finder, a Quebec-based corporate training company, had sent CEM without the consent and failed to honour requests to unsubscribe. Compu-Finder faces a penalty of $1.1 million.
Reports indicate that, since CASL’s inception on 1 July 2014, the CRTC’s Spam Reporting Center has received upwards of 245,000 complaints. The CRTC confirmed that multiple investigations are currently under way under CASL. Given this, the number of enforcement actions is expected to grow over the short to medium-term, affecting all sectors of the economy including insurance.
CASL prohibits the sending of a CEM to an electronic address unless the message is exempt or the intended recipient has previously consented to receiving it.
Exemptions available to senders of CEM may include the following:
- CEMs sent between family and friends.
- CEMs sent within or between organisations with an existing relationship (B2B).
- CEMs solicited or sent in response to complaints, enquiries, requests.
- CEMs sent due to a legal obligation or to enforce a right.
Given that the burden of proof of consent or exemption rests on the individual or organisation sending a CEM, clear records of all business relationships may prove key to proving that an exemption applies. Comprehensive records should be kept of all transactions, negotiations, investments and enquiries of a commercial nature, in addition to implementing strict controls on all outgoing CEM. It is also imperative that an unsubscribe option is easily accessible and immediately enforced. To ensure CASL guidelines are adhered to, companies should maintain a robust database tracking consent and the subscription status of all external commercial stakeholders.
Note that as of 15 January 2015 new requirements specifically address the installation of software on other people’s computers or networks. CASL requires that businesses obtain express consent from the owner or authorised user of any computing device before installing a computer programme or software in the course of commercial activity on said device.
For more information, visit the Canadian Radio-television and Telecommunications Commission website.