This post was written prior to our January 2017 merger, under our previous firm name, MacPherson Leslie & Tyerman LLP.
The CRTC has issued its first Notice of Violation under Canada’s Anti-Spam Law (“CASL”). The Notice of Violation includes a significant penalty of $1.1 million for four alleged violations of CASL by a Quebec-based training company called Compu-Finder. This is the first time the CRTC has imposed a financial penalty under CASL.
The CRTC has alleged that Compu-Finder sent emails without consent and after recipients had attempted to unsubscribe. The CRTC has received more than 245,000 complaints since the first phase of CASL came into effect and Compu-Finder was identified for investigation as it accounted for 26% of the complaints received that were related to online training companies. The CRTC’s Chief Compliance and Enforcement Officer, Manon Bombardier, commented on the nature of Compu-Finder’s conduct:
Despite the CRTC’s efforts, Compu-Finder flagrantly violated the basic principles of the law by continuing to send unsolicited commercial electronic messages after the law came into force to email addresses it found by scouring websites. Complaints submitted to the Spam Reporting Centre clearly indicate that consumers didn’t find Compu-Finder’s offerings relevant to them.
Unless it chooses to pay the fine, Compu-Finder has 30 days to persuade the CRTC that either: (a) the violation did not occur, (b) it was not as severe as alleged in the notice of violation and/or (c) the penalty should be reduced or waived. If Compu-Finder is unsuccessful, it can appeal the CRTC’s decision to the Federal Court of Appeal. Alternatively, Compu-Finder can enter into an undertaking to take corrective action, but the approval of the CRTC will be required.
What This Means Going Forward
Aside from sending a clear message that CASL will be enforced – particularly against serious offenders – the notice of violation alone provides little guidance on how CASL will be interpreted and applied.
However, Ms. Bombardier’s statement does provide a warning to those who might place too much reliance on the so-called “business card implied consent”. This form of implied consent applies where: (a) a recipient discloses their electronic address to the sender (e.g. by giving the sender a business card) without an indication that they do not wish to receive commercial electronic messages, and (b) the message is relevant to the recipient’s “business, role, functions or duties in a business or official capacity.” As Ms. Bombardier stated “consumers didn’t find Compu-Finder’s offerings relevant to them”. This should serve as a reminder that, when relying on business card implied consent, senders should be careful to ensure that they have a reasonable basis for believing the message is relevant to the recipient.
The CRTC has indicated that several more investigations are on-going.