Eight months after Canada’s Anti-Spam Law (CASL) came into force, the Canadian Radio-television and Telecommunications Commission (CRTC) has made public its first ever finding of non-compliance with the Act, issuing an administrative monetary penalty of $1.1 million against Compu-Finder, a firm that provides training and consulting services.
Surprisingly, this much anticipated enforcement action was not against a firm targeting consumers, as many had suspected, but rather was directed at a firm sending email messages to businesses to promote various training courses related to topics such as management, social media and professional development. It had been believed by many that the overwhelmingy majority of the more than 250,000 complaints received by the CRTC since the law came into force have been from consumers; however, the CRTC indicated that over one quarter of all complaints received by the Spam Reporting Centre related to Compu-Finder.
Following an investigation, the CRTC’s Chief Compliance and Enforcement Officer found that Compu-Finder sent commercial electronic messages without the recipient’s consent, as required by law, as well as sending commercial electronic messages in which the required unsubscribe mechanisms did not function properly.
The CRTC’s media release also indicates that the messages in question were sent to electronic addresses the company found by scouring websites. To the extent that these addresses were collected by a computer system, such collection and use may also be contrary to the Personal Information Protection and Electronic Documents Act, pursuant to consequential amendments to that law that were made by CASL, meaning that the company’s behaviour could also be the subject of complaints to the Privacy Commissioner of Canada.
While well below the maximum $10 million per violation that the CRTC may impose, the size of the penalty is considerably higher than the vast majority of penalties the CRTC has issued under the Unsolicited Telecommunications Rules, which apply to unsolicited voice and fax communications, and which carry maximum penalties of only $15,000 per violation.
The penalty imposed against Compu-Finder is also notable for two other reasons: first, because it apparently relates to just four violations, suggesting a somewhat aggressive approach to determining appropriate penalty amounts. Second, each of these violations occurred between July 2, 2014 (the day after the Act came into force) and September 16, 2014, suggesting that, contrary to the expectations of some, it would appear that the CRTC is showing little leniency in the early days after the law came into force.
The CRTC has indicated that a number of other investigations under CASL are currently underway, but no other Notices of Violation have been made public to date. The Commission has also noted that it is working with its international partners with respect to enforcement of the Act, suggesting that non-Canadian senders of electronic messages may also be the subject of future enforcement action.