Two companies in the online advertising sector are the subject of the first penalties issued by the Canadian Radio-television and Telecommunications Commission (CRTC) for alleged contraventions of the installation of computer program provisions under Canada's anti-spam law (CASL). Notices of Violation, including penalties totaling $250,000, were issued against two companies that allegedly aided in the installation of malware through the distribution of online advertising. The companies now have 30 days to provide written representations or pay the penalties. The alleged violations of CASL include:
- accepting unverified, anonymous clients who used their services to distribute malware;
- providing clients with the necessary infrastructure and software to compete in real-time for the placement of their ads, which contained malware;
- not implementing basic safeguards, which are well known to the industry, such as having:
- written contracts in place with their clients that would bind them to comply with CASL,
- monitoring measures in place governing how their clients use their service, or
- written corporate compliance policies or procedures in place to ensure compliance with CASL.