Data Protection Report - Norton Rose Fulbright

The Canadian Radio-television and Telecommunications Commission (CRTC) issued, on March 5, 2015, its first Notice of Violation to Compu-Finder for violating Canada’s anti-spam law. The Notice of Violation included a penalty of $1.1 million in relation to four alleged violations based on commercial electronic messages (CEMs) that were sent to Canadian recipients without their consent, as well as CEMs in which the unsubscribe mechanisms did not function properly.

Reasonableness of the penalty

The CRTC indicated that the amount of the fine was essential in order to ensure compliance with the Canadian Anti-Spam Legislation (CASL), stressing that it was designed “to encourage a change of behaviour on the part of Compu-Finder such that it adapts its business practices to the modern reality of electronic commerce and the requirements of the anti-spam law.

Compu-Finder’s history also contributed to the significance of the penalty. Since 2008, it was subject to vivid criticism for sending unwanted e-mails to unknown recipients. Notwithstanding the entering into force of CASL, Compu-Finder continued to spam hundreds of recipients daily.

Additionally, the importance of Compu-Finder’s alleged violations were non-negligible. As the CRTC stressed, Compu-Finder “flagrantly violated the basic principles of the law by continuing to send unsolicited commercial electronic messages after the law came into force to email addresses it found by scouring websites”. In fact, 245,000 complaints were filed between July 2, 2014 and September 16, 2014 against Compu-Finder, in other words more than 1,000 complaints per day. In total, they represented more than a quarter of complains received by the CRTC since the entering into force of the CASL.

Follow-up to the Notice of Violation

Compu-Finder has 30 days: (i) to pay the penalty; or (ii) to make representations before the CRTC with respect to the amount of the penalty or the acts or omissions that constitute the alleged violations. In the latter case, the CRTC will decide, according to the balance of probabilities, the corporation’s liability with respect to the violations and may impose, if appropriate, a less severe penalty. The CRTC’s decision may be appealed before the Federal Court of Appeal. If Compu-Finder fails to pay the fine or does not make any representations, it will be deemed to have committed the violation.

Our take

This Notice of Violation shows CRTC’s intent: (i) to “change the behaviour on the part of all corporations” doing business in Canada, and (ii) to treat the “violations to the law very seriously.” We expect CRTC to initially pursue the largest and most persistent spammers in order to send a strong signal that willful disregard for the law will not be tolerated, and to establish enforcement criteria and precedent. This initial focus should allow legitimate players the opportunity to adjust their practices to comply with CASL and avoid broader enforcement measure that we expect following the initial push.