CRTC

October 2017


CompuFinder CASL Fine Reduced; CASL Constitutional

The CRTC issued two opinions in response to challenges of the $1.1 million fine issued against CompuFinder. CompuFinder argued:
• the fines were excessive and world force the company into bankruptcy
• the CRTC investigator was biased
• evidence produced by the CRTC was incomplete/unreadable
• consent was not needed where a relationship was established
• where consent was required, CompuFinder had implied consent though ‘conspicuous publication’ of addresses
• the CRTC failed to take into account CompuFinder’s compliance program as a ‘Due Diligence’ defence

The CRTC found that the investigator fairly conducted the investigation, and the maturity of CompuFinder’s compliance program was dubious (some elements implemented after investigations began), thus no ‘Due Diligence defence applied. Additionally, the CRTC determined that CompuFinder failed to produce sufficient evidence of any ‘relationships.’ Finally, consent could not be implied due to the way CompuFinder sourced addresses, and the generic content of the CEMs failed to demonstrate any relevance to a recipient’s business, role, function or duties .

However, the CRTC admitted that not all the evidence provided was readily understandable or usable. Based on that it reduced the number of violations from 451 to 317 (and opt-out failures from 116 to 87). The CRTC also implied that this being one of the first CASL enforcements, lack of cooperation by CompuFinder may have been previously overstated. Finally, those factors, in combination with CompuFinder’s overall financial health, convinced the CRTC that the penalty should be reduced from $1.1M to $200,000.
http://www.crtc.gc.ca/eng/archive/2017/2017-368.pdf

On the constitutionality question, the CRTC reasoned that although CASL was a (potentially illegal) restriction on commercial speech, the protection afforded consumers outweighed the rights and freedoms of senders.
http://www.crtc.gc.ca/eng/archive/2017/2017-367.pdf
jbho: the constitutional issues are very nuanced, but the results are similar to constitutional challenges of the TCPA in the US. I leave further interpretation as an exercise to the reader.

On the revised enforcement decision, the opinion provides some additional guidance on B2B exemptions under CASL. For example, the CRTC stated that a purchase or contract alone did not necessarily create a ‘relationship.’ “(T)he mere fact that an organization paid for training on behalf of one of its employees is not sufficient to demonstrate that the organization had, or intended to create, a relationship that would allow for a complete exemption.” So if you plan to solicit to an organization with whom you are contracting, you might want to include an ‘right to market’ clause in the Agreement.

The opinion also provides some clarification on implied consent through conspicuous publication. “Conspicuous publication requires that the person to whom the message is sent publish, or cause to be published, the address in question. The reproduction of a person’s contact information by a third party on its own initiative does not satisfy this requirement.” Since CompuFinder pulled contact info from directory sites – sites whose terms of use contained disclaimers to the effect that users of the directory were not to send unsolicited CEMs to the addresses found in the directory – consent could not be implied.

The CRTC also cited the relevance factor, and stated the generic nature of CompuFinder CEMs did not necessarily comport with the functions of the receiving organizations or individuals.

Interestingly, the means of collecting the publically available addresses was not discussed.

As a reminder B2B prospecting to non-scraped addresses is permissible if the following three conditions are met:
1. the recipient makes his/her contact information publically available, or voluntarily discloses his/her contact information to the sender
and
2. the contact information is posted/shared WITHOUT instructions not to send unsolicited CEMs
and
3. the message is relevant to the person’s business, role, functions or duties in a business or official capacity
Remember that the OPC has warned that scraping invalidates any ‘publically available’ implied consent (PIPEDA Report of Findings #2016-003)

August 2017

$65,000 For Unsolicited Telemarketing

Toronto Star – $65,500 for calling numbers on the National Do Not Call List (DNCL), failing to register as a telemarketer, and failing to ensure its telemarketers complied with the Unsolicited Telemarketing Rules (UTRs).
http://www.crtc.gc.ca/eng/archive/2017/vt170801.htm
jbho: remember, these fines are usually accompanied by an order where the company agrees to implement a compliance program to avoid similar violations in the future.

June 2017

CEO Fined $10,000 For CASL Violations

The CEO of Couch Commerce (Mr. Halazon) was fined $10,000 for allegedly supervising the sending of emails without a proper unsubscribe mechanism. The opt-out allegedly either did not work, could not be readily performed, or took longer than 10 days to be honored.

In addition to the monetary penalty, Mr. Hazalon has agreed to implement a compliance program, including:
• review of current practices
• develop and implement policies and procedures
• develop and implement training for employees
• implement disciplinary procedures
• track complaints and monitor complaint resolution
• report progress and program changes to the CRTC
http://www.crtc.gc.ca/eng/archive/2017/ut170612.htm
jbho: a reminder that company officers can be held personally liable for CASL violations.

March 2017

$15,000 For Spam Emails

A home based business (William Rapanos) was fined $15,000 for sending emails advertising a design, printing, and distribution service for commercial flyers, without consent, that:
• failed to identify the sender
• did not include contact information
• did not include a functioning unsubscribe mechanism
The CRTC launched an investigation based on complaints received at its spam reporting centre (58 complaints from 50 individuals).
http://www.crtc.gc.ca/eng/archive/2017/2017-65.htm
jbho: surprising that a relatively small number of complaints would drive an investigation.

Also of interest is that the CRTC appears to have counted violations based on email ‘batches.’ That is, it cited 3 email blasts for a total of 10 violations:
rapanos
The $15,000 was reached by assessing $1,500 per violation. The commission cited lack of cooperation as a contributing factor in the fine amount.

Unfortunately, still doesn’t provide much clarity around how violations will be tallied once the private right of action is in force.

By my count, this is now the 9th CASL enforcement action. Let me know if I’ve missed anything.

$60,000 For Failure To Register As Telemarketer

Newspaper Call Center was fined $60,000 for allegedly making telemarketing calls for a client that failed to register with and pay subscription fees for the National Do Not Call List (DNCL), as well as allegedly failing to keep appropriate registration records.
http://www.crtc.gc.ca/eng/archive/2017/vt170207.htm
jbho: don’t forget the procedural requirements

February 2017

$100,000 For Unsolicited Robocalls

Club Cranberry Vacations allegedly made predictive dialed calls to numbers on the National Do Not Call List (DNCL), abandoned more the 5% of calls made, failed to register as a telemarketer and pay subscriptions to the National DNCL.
http://www.crtc.gc.ca/eng/archive/2017/vt170206.htm
jbho: don’t forget the technical and procedural requirements.

November 2016

Slow Month For The CRTC

Support Avenues – $25,500 for calling numbers on the National Do Not Call List (DNCL), failing to register as a telemarketer and pay subscriptions to the National DNCL
http://www.crtc.gc.ca/eng/archive/2016/2016-441.htm
jbho: Remember, these fines are usually accompanied by an order where the company agrees to implement a compliance program to avoid similar violations in the future.

October 2016

$50,000 for B2B Marketing Emails

Responding to complaints received at its Spam Reporting Centre (http://fightspam.gc.ca/eic/site/030.nsf/frm-eng/MMCN-9EZV6S), the CRTC fined Blackstone Learning $50,000* for nine campaigns consisting of some 385,000 unsolicited emails. Blackstone argued it had implied consent based on ‘conspicuous publication’ of the email addresses it contacted, but the CRTC felt Blackstone failed to provide evidence supporting the validity of its consents (e.g., addresses were not scraped). Moreover, the contents of the messages – advertised various training courses & offered group rates – were not necessarily related recipients’ professional roles.

*The initial fine assessed was $640,000, but was reduced due to Blackstone’s ability to pay.
http://www.crtc.gc.ca/eng/archive/2016/2016-428.htm
jbho: A reminder that CASL covers B2B marketing.

B2B prospecting to non-scraped addresses should be permissible if the following three conditions are met:
1. the recipient makes his/her contact information publically available, or voluntarily discloses his/her contact information to the sender
and
2. the contact information is posted/shared WITHOUT instructions not to send unsolicited CEMs
and
3. the message is relevant to the person’s business, role, functions or duties in a business or official capacity
Remember that it appears scraping will invalidate any ‘publically available’ implied consent (PIPEDA Report of Findings #2016-003 on Compu-Finder’s $1.1M CASL fine)

Also interesting here is that the CRTC considered each campaign to constitute a violation, rather than each email. An important distinction for after 1July2017

$18,000 For 7 Telemarketing Calls

The owner of Home Improvement Companies Dynique Restoration and Victorian Restoration was fined $18,000 for allegedly calling numbers on the National DNCL, failing to register as a telemarketer and failing to pay DNCL subscription dues.
http://www.crtc.gc.ca/eng/archive/2016/2016-391.htm
jbho: Make sure you have consent to call, and don’t forget the procedural requirements.

September 2016

CRTC Racks Up $250,000 In Fines For UTR Violations

Two IT Service companies with common ownership were fined for violations of the Unsolicited Telemarketing Rules (UTRs). Highlights include:

  • Thee Future Web – $194,000 for allegedly calling numbers on the National Do Not Call List (DNCL), failing to register as a telemarketer and subscribe to the National DNCL, failing to identify itself as the caller, and failing to send a valid Caller ID number.
  • NextGen Webstore – $56,000 for allegedly calling numbers on the National Do Not Call List (DNCL), failing to register as a telemarketer and subscribe to the National DNCL, and failing to identify itself as the caller.

jbho: Remember, these fines are usually accompanied by an order where the company agrees to implement a compliance program to avoid similar violations in the future.

August 2016

8th CASL Enforcement To Date (AFAIK)

Kellogg Canada has entered into a voluntarily undertaking for allegedly sending marketing emails without consent. In addition to a $60,000 penalty, Kellogg has agreed to implement a CASL compliance program, including revising policies and procedures, implementing training programs, tracking email complaints and complaint resolutions, and implementing updated monitoring and auditing mechanisms to assess compliance.
http://www.crtc.gc.ca/eng/archive/2016/ut160901.htm
jbho: Remember it’s not just the fines, implementing the compliance programs cost money too.

I’m keeping track of the CASL enforcements I’ve seen here.

July 2016

CRTC Racks Up Over A Million In Fines For UTR Violations

Six companies were fined $1,233,000 in connection with robocalls allegedly made by and on behalf of Sirius. Highlights include:

  • Sirius XM – $650,000 for allegedly failing to identify the caller in prerecorded messages, for failing to provide a toll-free opt-out number in prerecorded messages, and continuing to call individuals who asked to be opted-out.
  • Raid – $500,000 for allegedly calling numbers on the National Do Not Call List (DNCL), and failing to ensure its clients subscribed (and paid dues) to the National DNCL
  • 9117-7683 Québec – $40,000 for allegedly calling numbers on the National Do Not Call List (DNCL), and failing to ensure its clients subscribed (and paid dues) to the National DNCL
  • Leads, Call Centers & Marketing Solutions – $30,000 for allegedly calling numbers on the National Do Not Call List (DNCL), and failing to ensure its clients subscribed (and paid dues) to the National DNCL
  • 8472416 Canada – $8,000 for allegedly calling numbers on the National Do Not Call List (DNCL), and for failing to keep records of its clients registration/subscription to the National DNCL
  • 9165-2602 Québec – $5,000 for allegedly calling numbers on the National Do Not Call List (DNCL), and failing to ensure its clients subscribed (and paid dues) to the National DNCL

http://news.gc.ca/web/article-en.do?nid=1091989
jbho: Remember, these fines are usually accompanied by an order where the company agrees to implement a compliance program to avoid similar violations in the future.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s