CRTC issues $1.1 million penalty for 4 spamming violations under CASL
Date: March 6, 2015
On March 5, 2015, the Chief Compliance and Enforcement Officer (“Officer”) at the Canadian Radio-television and Telecommunications Commission (“CRTC”) issued a Notice of Violation – including a $1.1 million penalty – to Compu-Finder for contravening Canada’s new anti-spam legislation, CASL.
Compu-Finder was responsible for 26% of all complaints submitted to the industry sector’s Spam Reporting Centre (“SRC”). Upon investigation, the Officer determined that four violations had occurred between July 2, 2014 and September 16, 2014. Specifically, Compu-Finder had sent:
- commercial electronic messages (“CEMs”) without the recipient’s consent; and
- emails in which the unsubscribe mechanisms did not function properly.
The communications at issue promoted various training courses to businesses on management, social media and professional development topics.
In an official news release, the Officer stated that Compu-Finder “flagrantly violated the basic principles of the law by continuing to send unsolicited commercial electronic messages after the law came into force to email addresses it found by scouring websites.” The Notice of Violation was intended to “encourage a change of behaviour” by Compu-Finder, such that it “adapts its business practices to the modern reality of electronic commerce and the requirements of the anti-spam law.”
As we previously reported, CASL restricts the sending of CEMs and imposes three primary prohibitions (subject to certain exceptions and limitations):
- a prohibition on sending, or causing or permitting to be sent, CEMs without the express or implied consent of the recipient and in compliance with prescribed form and content;
- a prohibition on altering transmission data in an electronic message so that it is delivered to an alternate address without express consent, unless the alteration is in accordance with a court order; and
- a prohibition on installing a computer program on another’s computer, or causing an electronic message to be sent from such a computer, again without express consent, unless this is done in compliance with a court order.
The CRTC is given broad powers of enforcement. CASL provides for severe penalties for non-compliance, with the maximum penalty per violation set at $1 million for an individual and $10 million for a corporation. CASL also creates a private cause of action for individuals alleging a violation of CASL. This will allow an individual to rely on an unsolicited CEM as the foundation for a civil action.