CASL thumb image

2016: Cybersecurity, Corporate Ebola and CASL

Peter Clausi takes a look at the key risks to businesses in 2016 including Cybersecurity and CASL’s looming threat of class action litigation.

Cybersecurity was identified by PWC at its 2015 global conference in Monte Carlo as one of the key risks to businesses in 2016. The cybersecurity insurance market is estimated to be worth USD$7.5B by 2020. IIROC, the self-regulatory body for Canada’s brokerage firms, takes this so seriously that in December, 2015 it issued a standalone Cybersecurity Best Practices Policy aimed at small and medium sized firms.

Currently, the only consequence of a failure to comply with CASL is a prosecution by the Canadian Radio-television Telecommunications Commission (CRTC) and possible fines. The maximum penalty for a violation is $1,000,000 for an individual and $10,000,000 for a corporation, in addition to the legal costs, the cost of distraction and the public relations damage.

The problem is, that will change in July of 2017. That’s when the courts begin to share jurisdiction over CASL breaches. You and your company can then be sued for CASL breaches. Yes, in court, and supportable by class action litigation. And the onus will be on you as the sender to prove you were in compliance – the plaintiffs will not have to prove you weren’t in compliance.

Visit the original post for the full article.

CASL thumb image

CASL Anniversary Day

Bernice Karn of Cassels Brock Lawyers has put together a great overview of the first year of CASL enforcement:

Remember May and June of 2014? Conscientious organizations both in Canada and abroad were sending email blasts to Canadian mailing lists pleading for readers to opt in. For those of us trying to interpret the legislation, we hoped that the seemingly draconian provisions of CASL would be tempered by common sense and a realistic approach to enforcement. Surely technical breaches of CASL would not lead to significant financial penalties. Or would they? Continue reading
CASL, Guest Post thumb image

CRTC Issues $48,000 Fine for Technical Violation of CASL

Martin Kratz at Bennett Jones LLP has posted a good summery of the Plenty of Fish fine:

Following up on its recent $1.1MM CASL enforcement action against Quebec executive training firm Compu-Finder (which you can read about here), the CRTC announced today that it has entered into an undertaking with online dating service operator Plenty of Fish.

According to a press release issued by the CRTC, Plenty of Fish failed to include a CASL-compliant unsubscribe mechanism in commercial e-mails to its subscribers. The violations occurred from July 1 to October 8, 2014. Plenty of Fish has now reportedly entered into an undertaking with the CRTC, an option for businesses subject to enforcement action under CASL. The CRTC states that Plenty of Fish will be required to pay a $48,000 penalty under the terms of the undertaking.

We note that the CRTC appears to be increasing the frequency of its enforcement actions under CASL. However, unlike its previous enforcement actions, the CRTC’s recent action against Plenty of Fish appears to have focused on a largely technical compliance issue – the prominence and ease of use of an unsubscribe mechanism. While the CRTC does not go into detail in its press release as to the particular deficiencies, we interpret this enforcement action as a sign from the CRTC that even technical violations of CASL may give rise to substantial regulatory penalties. We anticipate that other social media operators will wish to review their compliance plans – the CRTC press release notes that Plenty of Fish will implement a compliance training program and policy.

Martin Kratz
Leading Canadian Intellectual Property and Technology Lawyer
Bennett Jones LLP

Visit the original post for more and links to their CASL resources.

CASL thumb image

Plentyoffish Media Inc. pays $48,000

Plentyoffish Media has entered into an undertaking with the CRTC’s Chief Compliance and Enforcement Officer which include paying $48,000, training and education for staff and corporate policies and procedures to ensure that its activities are compliant with Canada’s anti-spam legislation.

Plentyoffish Media allegedly sent commercial emails to registered users of its online dating site that did not contain an unsubscribe mechanism that was set out clearly and prominently, and that could be readily performed. CASL Cure automatically adds an unsubscribe link, included at the bottom of all outbound emails, along with CASL compliance required information such as business name and address.

“Prior to the coming into force of Canada’s anti-spam law, the CRTC conducted numerous outreach sessions and issued guidance material on interpretation of the new requirements. Plentyoffish Media erred by sending commercial electronic messages to its registered users with unsubscribe mechanisms that were not in compliance with the law.

This case is an important reminder to businesses that they need to review their unsubscribe mechanisms to ensure they are clearly and prominently set out and can be readily performed. We appreciate that Plentyoffish Media changed its practices once it became aware of the problem. The CRTC encourages Canadians to continue to report suspected violations to the Spam Reporting Centre.”

Manon Bombardier
Chief Compliance and Enforcement Officer
Canadian Radio-television and Telecommunications Commission

For more information visit

CASL, Guest Post thumb image

The CRTC issued its first “Notice of Violation” under Canada’s anti-spam law (“CASL”) today, assessing an administrative monetary penalty of $1.1 million against Compu-Finder, for allegedly sending commercial electronic messages without consent and for providing an unsubscribe mechanism that did not function properly. According to Manon Bombardier, Chief Compliance and Enforcement Officer at the CRTC:

“Compu-Finder flagrantly violated the basic principles of the law by continuing to send unsolicited commercial electronic messages after the law came into force to email addresses it found by scouring websites. Complaints submitted to the Spam Reporting Centre clearly indicate that consumers didn’t find Compu-Finder’s offerings relevant to them. By issuing this Notice of Violation, my goal is to encourage a change of behaviour on the part of Compu-Finder such that it adapts its business practices to the modern reality of electronic commerce and the requirements of the anti-spam law. We take violations to the law very seriously and expect businesses to be in compliance.”

Compu-Finder apparently sent commercial electronic messages to businesses promoting training courses in topics such as management, social media and professional development. The CRTC reported that Compu-Finder accounted for 26% of all complaints for this industry sector.

So, what are the takeaways for your business? Continue reading