Cautionary tales highlight importance of CASL compliance
By AdvocateDaily.com Staff
Recent enforcement actions related to Canada’s anti-spam legislation (CASL) contain a number of cautionary tales for businesses, and more are likely on the way — underscoring the need for companies to ensure any communications they send out comply with the law, says Toronto business lawyer Inga Andriessen.
Introduced in mid-2014, CASL prohibits the sending of commercial electronic messages without the recipient’s consent, the use of false or misleading representations online in the promotion of products or services, as well as the collection or use of personal information or email addresses without permission.
According to the Canadian Radio-television and Telecommunications Commission (CRTC) — which helps enforce CASL — since the legislation came into force in 2014, enforcement efforts have resulted in penalties totalling more than $1.75 million.
Most recently, between Oct. 1, 2018 and March 31, 2019, the CRTC initiated a pilot project aimed at promoting compliance with CASL and reducing spam. The commission sent out 43 warning letters to companies associated with a higher volume of complaints to inform them of their responsibilities under CASL and warn them that non-compliance could result in further enforcement action.
Nearly half of complaints are triggered by lack of consent, with sources of spam evenly split between emails and text messages, says the CRTC.
While there was moderate enforcement of the legislation in the year or so after its introduction, Andriessen, principal of Andriessen & Associates, says this activity picked up noticeably in 2018, when the commission began to issue compliance and enforcement decisions against different types of offenders, seemingly as cautionary tales for CASL compliance.
For example, she tells AdvocateDaily.com one case in which a company was fined $100,000 for sending text messages related to deals on upcoming events without consent, made the point that CASL doesn’t just apply to email.
“People seem to have forgotten that CASL applies to all commercial electronic messages (CEMs),” says Andriessen.
Directors’ liability was another area in focus recently via two enforcement actions where directors were fined $10,000 and $100,000 respectively for CASL violations.
Through its recent enforcement initiatives, the CRTC has also made it clear that it will go after the ‘little guy’ for failing to comply with CASL, says Andriessen, as shown by one case where a sole proprietorship was fined $15,000 for violating the legislation and declining to fix the issue immediately.
“They were happy to have a little guy to hold up as an example, because I think they really want to get the message out that no matter who you are, CASL applies to you,” she says.
Ultimately, Andriessen says the CRTC is likely to continue to look for cautionary tales in its future CASL enforcement efforts.
“I wouldn’t be surprised to see them looking for someone who has used any of the direct messaging through Facebook, LinkedIn, maybe even Instagram to spam people, because they don’t have the social media CEM example yet.”
Professionals such as lawyers or accountants that have run afoul of CASL may also be in the crosshairs of the CRTC, she says, as the commission seeks to get the message out to these businesses via professional associations.
As such, although the legislation is five years old and may not be top of mind, companies need to continue to be aware of their obligations under CASL — including whether they have consent to send messages, a record of that consent and an unsubscribe mechanism.
“When I meet with people to start their new businesses, I go through and explain the whole CASL situation to them. For companies who retain our firm even though they’re already incorporated, we go through our retainer agreement, which has a CASL paragraph on it. That often spawns conversations about CASL and how they can become compliant,” says Andriessen.
“It’s not that hard, that’s the reality. There is a lot of software out there that makes it easy to be CASL compliant,” says Andriessen.
For more information about CASL, or to hear more of Andriessen’s advice on how to comply with the legislation, visit her recent CPD on CASL for CPAs.