snIP/ITs Insights on Canadian Technology and Intellectual Property Law

Category Archives: Anti-Spam

Subscribe to Anti-Spam RSS Feed

CASL Private Right of Action delayed and Government to review CASL

Posted in Anti-Spam

CASL in its present form was a big mistake. The private right of action (PRA) which was scheduled to come into effect July 1, 2017 would have compounded the adverse effects of this flawed, overly-broad, indefensible, and likely unconstitutional law. See,  CASL’s private right of action.

The Government strongly signaled today that it is prepared to fix or at least mitigate some of the excessive elements of the CASL regime. This is something that every sector of the Canadian public including charities, not-for profit and educational institutions, private individuals, small, medium and large businesses, retailers, publishers, financial institutions, technology … Continue Reading

Misguided Policy: CASL’s Private Right of Action for Competition Act Reviewable Conduct

Posted in Anti-Spam

While much has been written about the impending CASL private rights of action, less has been said about the new private right of action CASL will tack on to the Competition Act for misrepresentations in electronic messages. ‎

The new CASL private right of action for reviewable conduct under section 74.011 of the Competition Act is an aberration, which will be inconsistent with and offensive to the current regime by which the Competition Act addresses deceptive marketing practices.  It will make misrepresentations in electronic messages the only such reviewable conduct which will be subject to private damage claims, and … Continue Reading

7 Practical Lessons from CRTC’s First CASL Enforcement Decision

Posted in Anti-Spam

Although CASL has been in force since July 1, 2014, the Canadian Radio-Television and Telecommunications Commission (“CRTC”) has conducted its investigations and levied its penalties in a generally non-public manner. Until now, the CRTC’s Compliance and Enforcement branch had publicly commented on only one Notice of Violation (“NoV”) under CASL. We understand that an undisclosed number of other NoVs have been issued without public comment.

All other public CASL enforcement actions have taken the form of negotiated “undertakings” which are forms of settlements reached in confidential, closed door negotiations with the enforcement branch. This atmosphere of secrecy has made … Continue Reading

CASL’s private right of action

Posted in Anti-Spam

Canada has the most onerous anti-spam/anti-malware law (CASL) in the world. In less than a year, July 1, 2017, it is going to become even worse. That’s when the private right of action (PRA) comes into force.

Since its inception, the anti-spam and anti-malware portions of the Act (ss.6-9) have been enforced by the CRTC. But when the PRA becomes law organizations big and small including charities, small businesses and even children marketing their first lemonade stands – and their officers, directors and agents – could become liable for millions of dollars in penalties.

Organizations throughout the country … Continue Reading

“Do Not Call” means Do Not Call: CRTC Enters into MOU with FTC on Spam and Unsolicited Telecommunications

Posted in Anti-Spam, Regulatory Compliance, Telecommunications

On March 24, 2016, the Canadian Radio-television and Telecommunications Commission (“CRTC”) signed a memorandum of understanding (“MOU”) with the United States Federal Trade Commission.[1]  This MOU is an effort by Canada and the United States to work together on anti-spam enforcement measures, and expressly refers to unsolicited telecommunications, unsolicited commercial electronic messages (spam), and other unlawful electronic threats (e.g., malware and botnets).… Continue Reading

CRTC CASL Compliance and Enforcement Update

Posted in Anti-Spam, Regulatory Compliance

On February 10, 2016, Lynne Perrault and Dana-Lynn Wood of the CRTC provided the latest in what is becoming a series of CASL briefings, which the presenters described as part of an “on-going dialogue” with industry. The CRTC now has a year and a half of enforcement experience under its belt for the Commercial Electronic Messages (CEMs) provisions of CASL, so this presentation focused on patterns and issues that have emerged in that period, and some guidance in response to those issues.  However, the presenters took some pains to note that the guidance offered was not intended to be prescriptive … Continue Reading

CRTC Executes CASL Warrant as Part of Botnet Take-down

Posted in Anti-Spam

On December 3, 2015, the CRTC issued a release announcing its first-ever execution of a warrant under the Canadian anti-spam law (commonly known as “CASL”), as part of a coordinated international effort to disrupt a major botnet family.

The effort also involved law enforcement and cybersecurity authorities in the U.S., Europe, and Asia, as well as Microsoft and other private sector actors including ESET.

The target botnet family, known as “Dorkbot”, can be exploited to capture personal information (particularly passwords) from users of compromised PCs, to send out spam, or to participate in distributed denial of service … Continue Reading

CASL Reduced Legitimate Email as Much as “Spam”: Cloudmark Study

Posted in Anti-Spam

As part of its 2015 Q1 Security Threat Report, the network security firm Cloudmark has released an empirical analysis of email traffic in Canada, following the coming-into-force of Canada’s anti-spam law (informally known as “CASL”). The results show that CASL has had a measurable effect on email in Canada, but the effect may not be what the government intended.

Average monthly email volumes received by Cloudmark customers in Canada declined by 29%, but the percentage of received email that Cloudmark assessed as “spam” actually increased, albeit by an insignificant amount (from 16.5% to 16.6%). In other words, the … Continue Reading

PlentyOfFish Hooked by Anti-Spam Legislation

Posted in Anti-Spam

Canada’s Anti-Spam Legislation (“CASL”) came into force on July 1, 2014, creating new requirements for sending commercial electronic messages (“CEM”).[1] A non-compliant business risks having “administrative monetary penalties” (or “AMPs,”, which are essentially fines) levied against it by the CRTC.   However, until recently, there has been no guidance on how aggressively CASL would be enforced, the scope of Notices of Violations, or how AMPs would be determined, and the scope of such. Businesses were stuck in a murky regulatory regime.

With the recent $48,000 AMP imposed on PlentyOfFish, as part of an undertaking entered into … Continue Reading

CASL Enforcement: Much Ado About Nothing?

Posted in Anti-Spam

Was it all for nothing? CASL, I mean.

The mad rush towards the July 1, 2014 deadline, the thousands (in many cases, hundreds of thousands) of dollars spent on compliance, the escalating salvo of shrill e-entreaties to please, please, please provide consent.

All the hype, all the fuss and….nothing. Was it Y2K all over again?

Complaints

From the perspective of organizations, the eerie calm may indeed be reminiscent of those first few seconds past midnight on January 1, 2000. For the CRTC, however, the regulatory wheels have been furiously churning for months. Unlike Y2K, the first few hours after July … Continue Reading

CASL’s inscrutable computer program provisions to be tackled by CRTC

Posted in Anti-Spam

With the computer program sections of Canada’s anti-spam/anti-malware law (CASL) coming into force in January 2015, the CRTC has now started reaching out to the public for questions they want guidance on in FAQs or bulletins. I attended such a session last week (on September 9, 2014) at an IT.CAN Public Affairs Forum Roundtable. The attendees were Dana-Lynn Wood (Senior Enforcement Officer, Electronic Commerce Enforcement, CRTC) Kelly-Anne Smith (Legal Counsel, Legal Sector CRTC), and Andre Leduc (Manager of the National Anti-spam Coordinating Body, Industry Canada).… Continue Reading

The Enforcement Begins: Highlights of the CRTC FAQ Updates on CASL

Posted in Anti-Spam

CASL came into effect on July 1, 2014, including the provisions for sending commercial electronic messages (“CEM”) (section 6) and installing computer programs (section 8).   Since July 1, 2014, it is reported that the CRTC has received more than 1,000 complaints.  Hence, awareness of this new law is spreading quickly, and as such so should attempts by organizations to become compliant.

The CRTC FAQs on Canada’s new Anti-Spam Legislation (“CASL”) were updated on July 4, 2014.  We covered the revisions made to the FAQs in May 2014 in a previous blog post.  The updated FAQs … Continue Reading

CASL Guidance for Registered Charities

Posted in Anti-Spam

Canada’s Anti-Spam Legislation (“CASL”), which came into force on July 1, 2014, is considered to be the toughest commercial electronic messaging (“CEM”) legislation in the world, with substantial fines for violations (including fines up to $10 million for organizations).

While CASL’s prohibition on sending CEMs (without adhering to prescribed consent, form and unsubscribe requirements) applies to all organizations, the regulations exempt CEMs sent by a registered charity (as defined under Canada’s federal Income Tax Act) where the primary purpose of the CEM is to raise funds for the charity.

Registered charities making efforts to comply … Continue Reading

Compliance with CAN-SPAM Does Not Equal Compliance with CASL

Posted in Anti-Spam

We are approximately a month away from the effective date of Canada’s Anti-Spam Legislation (CASL), July 1, 2014.  CASL is widely considered to be among the toughest anti-spam legislation in the world and will have significant implications for businesses.  All commercial electronic messages sent (i) by any person within Canada, or (ii) by any person outside of Canada to a person within Canada are captured by CASL, meaning it applies to international senders who send commercial electronic messages to Canada.  Those who violate CASL could face significant fines and potential civil action.

We have received many questions related to the … Continue Reading

CRTC updates FAQs – some clarity, along with some contradictions

Posted in Anti-Spam, Consumer Protection, E-Commerce, Regulatory Compliance

The CRTC just released a new FAQ on CASL, replacing the old one that it released in December 2013 (“December FAQ”). Those hoping the CRTC would take this opportunity to clarify some of the more vexing aspects of CASL and the accompanying Guidelines will be disappointed, as the new FAQ largely incorporates and reiterates material found in the Guidelines and the Regulatory Impact Assessment Statement.

While there are few new tidbits, in some key respects the new FAQ only further muddies the waters. Below are some select issues.… Continue Reading

Hot Off the Press – Doing Business in Canada: Navigating Opportunities for Investment and Growth

Posted in Anti-Spam, Consumer Protection, E-Discovery

If your organization is currently thinking about establishing or acquiring a business in Canada, the newest edition of Doing Business in Canada, written by McCarthy Tétrault, will prove to be a valuable resource. The guide provides a broad overview of the legal considerations that non-residents should take into account to help ensure their success as they enter into a business venture in Canada. Each section offers timely information and insightful commentary on different areas of law.

The book includes a chapter on information technology, with sections on:
  • export control of technology
  • consumer protection
  • anti-spam and anti-spyware
  • cyber-libel
  • criminal law
Continue Reading

CASL Applies To You Even If You Aren’t In Canada

Posted in Anti-Spam, Consumer Protection, Regulatory Compliance

CASL is the toughest law of its kind in the world and Canadian organizations are awakening to many major challenges they will face when trying to comply with this legislation.  However, non-Canadian organizations should not overlook the Act’s extra-territorial application and its effect on their respective operations.

CASL’s requirements far exceed those in other countries. Rather than targeting false and misleading e-mails or those sent in violation of an opt-out request such as in the U.S., or limiting the restrictions to direct marketing messages as in the EU, CASL goes much farther. It does the same thing with its “ban … Continue Reading