November 20, 2015 the CRTC announced that Rogers Media Inc had paid $200,000 as part of an undertaking to resolve alleged violations of Canada’s anti-spam legislation (CASL).
It was alleged that between the coming into force of CASL, in July 2014, and through July 2015, Rogers sent commercial emails containing an unsubscribe mechanism that could not be readily performed by the recipient or did not function properly. As well it was alleged that the address to which unsubscribe mechanisms were sent was not maintained for the minimum required 60 days following the sending of the message. Lastly, it was also alleged that Rogers did not honour requests of some subscribers to unsubscribe from future commercial messages with 10 business days.
The lessons from this case are that organizations need to pay close attention to their unsubscribe processes and procedures. These are technical matters but may result in enforcement action. Key tips for compliance include:
- There must be an unsubscribe mechanism on every commercial messages that are subject to CASL,
- The unsubscribe mechanism must be able to be readily performed,
- The unsubscribe mechanism must work,
- The address to which unsubscribe requests are directed must remain in force for 60 days from the sending of the message, and
- The sender must honour requests to unsubscribe from commercial messages caught by CASL within 10 business days.
The CRTC’s enforcement actions show a willingness to extract substantial payments in undertakings for non-compliance with CASL. Undertakings, including a commitment to improve compliance programs, such as in this case, have been a common method of seeking to respond to CRTC enforcement action.
Organizations facing enforcement action under CASL should take such action seriously. Some preliminary guidance has been identified earlier. For more information on how an organization can respond to enforcement action under CASL, visit other blog posts in the series “Defending Enforcement Under CASL.”
Organizations should remember that due diligence remains a defense to enforcement action under CASL. It is not too late to build that compliance program. You may find some background at our Anti-Spam Learning Centre.