First CASL Violation Filed
As you might recall, Canada’s Anti-Spam Legislation (CASL) establishes rules for the sending of commercial electronic messages (CEMs) to recipients in Canada. The 9-month old law requires that consent must be obtained from the recipient, before the sender or company sends the recipient any emails or texts, or before the installation of any computer programs. CASL also prohibits the unauthorized alteration of transmission data. The rules that apply to CEMs came into force on July 1, 2014 while the rules governing computer programs took effect recently on Jan. 15, 2015. The private right of action is set to take effect on July 1, 2017.
The latest news come from last week in that the Chief Compliance and Enforcement Officer of the Canadian Radio-television and Telecommunication Commission (CRTC) issued the first CASL penalty of $1.1 million to a Quebec-based management trainer company called Compu-Finder for spamming this week. Per the filing, Compu-Finder sent commercial electronic messages without the recipient’s’ consent as well as emails in which the unsubscribe mechanisms did not function properly. The emails sent by Compu-Finder promoted various training courses to businesses, often related to topics such as management, social media and professional development. The four alleged violations occurred between July 2, 2014 and September 16, 2014.
Furthermore, an analysis of the complaints made to the Spam Reporting Centre of this industry sector shows that Compu-Finder accounts for 26% of all complaints submitted. “Compu-Finder flagrantly violated the basic principles of the law by continuing to send unsolicited commercial electronic messages after the law came into force to email addresses it found by scouring websites,” said Manon Bombardier, CRTC’s chief compliance and enforcement officer, in a press release. “Complaints submitted to the Spam Reporting Centre clearly indicate that consumers didn’t find Compu-Finder’s offerings relevant to them.”
So for this first case the violations appear to be about two things:
1) Have clear consent before sending a CEM.
- If you’re sending email to Canada, make certain that you have consent. Must be Opt-In!
2) Have an easy to find, functional unsubscribe mechanism.
- Make certain that you have a working unsubscribe process.
- Make it easy for recipients to find.
To our understanding, several other filings have yet to be announced, and more filings will be announced soon. However, this case demonstrates that the CRTC is aware of companies – even in Canada – flagrantly violating the basic principles of the law by continuing to send unsolicited commercial electronic messages after the law came into force. While the CRTC is currently going after the flagrant violators, that doesn’t mean, though, you’re in the clear. Once the private right of action comes into play in 2017, it will only take one wrong email to run into trouble, and CASL applies to any sender sending to Canadian users. Being outside of Canada does not prevent authorities from pursuing entities residing elsewhere and or working with other regulators in your country. Take a look at your programs and ensure you’re subscriptions are opt-in, and regularly test your messages for working unsubscribe mechanisms.
About Dennis Dayman
Dennis Dayman has more than 20 years of experience combating spam, security/privacy issues, data governance issues, and improving email delivery through industry policy, ISP relations and technical solutions. As Return Path’s chief privacy and security officer, Dayman leverages his experience and key relationships to provide best practices to Return Path, its customers, and ensures the compliance of their communications data flows. He is also responsible for coordinating and managing Return Path’s international electronic commerce, privacy and Internet related policy issues.