Yesterday, the Canadian Radio-television and Telecommunications Commission (CRTC) published their official decision on CompuFinder’s appeal of CASL penalties levied against them. You may recall CompuFinder was subject to the first CASL enforcement action in March 2015 and hit with a hefty $1.1 million fine for their violations. In the appeal, CompuFinder argued that the emails in question were not in violation of CASL in addition to challenging the constitutionality of the law.
In the original notice of violation, the CRTC presented CompuFinder with 3 specific email campaigns that were deemed to be sent without the recipients’ consent, and in at least one instance the message did not contain a working unsubscribe link. CompuFinder argued unsuccessfully that because someone at the receiving domain had purchased a training or resource from them in the past, they had established a business relationship with any recipient at the same organizational domain. Not surprisingly, the CRTC shot down this argument, lending credibility to the assertion that consent follows the individual and not the organization. However, while CompuFinder’s violations were deemed valid, the penalties for those violations was lowered from $1.1 million to $200,000.
In a separate document, the CRTC also rebutted CompuFinder’s constitutionality challenges, finding the Commission does hold jurisdiction to enforce these regulations and that the regulations themselves were within the authority of the Canadian Parliament to enact.
Like CompuFinder, many senders are hanging a lot of their CASL compliance efforts (or lack thereof) on the “existing relationship” clause of the law. As evidenced in this case, there is a very high standard of proof for that relationship and the scope is narrow. CompuFinder produced many invoices for purchases and historical records of their email campaigns to these recipients, but they weren’t able to provide what CASL requires – proof of consent. And while the fine was ultimately lowered, this decision should provide you with at least 200,000 reasons to make sure your consent and documentation are in order.
You’ve probably already heard the news.Maybe it was in your Twitter feed, or on LinkedIn, or even gossip around the water cooler this morning: CASL’s Private Right of Action is (temporarily) dead.
The announcement triggered a collective sigh of relief from marketers in North America and beyond, even eliciting a happy dance or two.
But what does this announcement actually mean? Matt Vernhout of EmailKarma details the next steps, which include a parliamentary review of the CASL provisions and a pronouncement of the new effective date.
It’s possible the legislation could remain unchanged and simply take effect at a later date, but that seems unlikely given the concerns raised by the industry in response to the pending provisions. Per Return Path, some of the key concerns included:
- potentially bankrupting small and medium-sized businesses (due to the legal costs of defending a class action)
- inordinate court time and court resources being devoted to frivolous claims
- litigation counsel receiving a disproportionate share of damage awards (or settlements), and
- negative impact to consumers where businesses (both foreign and domestic) avoid electronic communication, delay the introduction of software technologies, and pass along the cost of PRAsettlements or rulings in the pricing of consumer goods
For the past 3 years, we’ve been hearing opponents of CASL voice many of these concerns, and it appears their cries have finally made it to the ears of the Canadian government. Unfortunately it’s still too early to tell if this is a full-on reprieve or merely a temporary stay of execution.
With the deadline looming so closely, it’s likely most senders have already double- or triple-checked their compliance processes. If you fall into that camp, stay the course. Even without the PRA, the CRTC can and has levied hefty fines against CASL violators, so making sure your processes are airtight can only help minimize your risk.
Based on my interactions with senders, there are many who haven’t completed their compliance efforts. If you’re one of those who was still scrambling to beat the deadline, don’t lose that head of steam. The delay of the PRA provides a bit of breathing room, but if you’re not 100% sure you’re compliant the risk of complaints and fines isn’t going away anytime soon.
Much has been said about the Canadian Anti-Spam Law, CASL, both before and since its effective date in July 2014. On the anti-CASL side, one of the loudest arguments is that the law places undue burden on lawful, legitimate marketers instead of the malicious spam peddlers of the world. However, it seems the Canadian Radio-television and Telecommunications Commission (CRTC) is trying to address those concerns and reach out to marketers who fear running afoul of CASL regulations.
In an address to the Canadian Marketing Association on Tuesday, CRTC chairman Jean-Pierre Blais reiterated the importance of allowing consumers full control over their digital communication channels. Comparing spam messages to personal violations of privacy, he noted that “[J]ust as we don’t like it when strangers intrude on our personal spaces or show up on our doorsteps, we don’t like it when unwanted messages and annoying calls enter the private spaces of our smartphones.”
Blais went on to address the feelings of many marketers that the CRTC is targeting too many legitimate businesses, asserting “[w]e don’t go out looking for dragons to slay. We much prefer helping marketers comply with the law than enforcing it after they’ve broken it.” Blais’ statement here seems to address the high volume of complaints received by the CRTC that have ostensibly driven most of the penalties assessed thus far. As for his personal preferences on marketing email, he stated “I actually want [brands] to tell me (as a consumer) when they’ve got specials, as long as there is that trusted relationship.”
Later, Blais reminded those in attendance of the new provision of the law coming into force in 2017 that allows private citizens the right to take legal action and seek damages against senders. Along with the reminder came a warning that the CRTC may be the least of some marketers’ worries: “Once there’s a private right of action, I won’t be able to help you … you’re on your own. Good luck with that. All the more reason to get into compliance as much as you can with us, because it will diminish the risk.”