This time last year, businesses and other organizations were at the tail end of making sure they were ready for the coming into force of Canada’s Anti-Spam Legislation (“CASL”). The importance of obtaining consent, the need to develop CASL policies and the setting up of proper unsubscribe mechanisms were on the top of everyone’s mind. CASL was like a piece of breaking news – widely talked about and ever present. Just in time to celebrate the first anniversary of CASL’s coming into force, businesses are reminded of the importance of following the policies they worked so hard to put into place as news surfaces that Porter Airlines Inc. has entered into an undertaking with the CRTC.
On June 29th, the CRTC announced that, in response to allegations that it failed to comply with various CASL requirements, Porter Airlines has agreed to pay a $150,000 fine and to take other measures to become CASL compliant. The CRTC alleged that Porter failed to have a proper unsubscribe mechanism and was unable to prove that it had consent from each email address that received its commercial electronic messages.
The violations were alleged to have taken place between July 2014 and April 2015. It is noteworthy that the timing of these violations are similar to the other two cases we have seen to date – those of Compu-finder and Plentyoffish Media Inc. (which I discussed in a previous blog post). Compu-finder’s violations were alleged to have taken place between July 2, 2014 and September 16, 2014 and Plentyoffish Media Inc.’s violation was alleged to have occurred between July 1, 2014 and October 8, 2014. CASL came into force July 1, 2014. Reviewing these timelines, we see that investigations began as soon as the legislation came into force.
If you weren’t convinced that CASL must be taken seriously by the number of complaints reported to the CRTC within days of CASL’s coming into force, then hopefully you will be by these cases. Steps must be taken to comply with CASL. In the news release discussing the Porter case, CRTC Chief Compliance and Enforcement Officer, Manon Bombardier, states that,
This case is an important reminder that to be fully compliant with the law, proof of consent is required for each electronic address. Some businesses are under the mistaken impression that they are compliant with the law by relying on general business practices or policies as proof of consent for the majority of the electronic addresses to which they send their commercial emails. This is simply not the case.
CASL is a significant piece of legislation which changed the way electronic messages are sent. If you haven’t done so already, take the time to familiarize yourself with the requirements of the legislation and ask yourself whether you are CASL compliant. Steps you to take to become CASL compliant include making sure you and your staff are trained on the requirements of CASL, making sure you have the proper consent (whether implied or express) before sending out commercial electronic messages and establishing an email format that satisfies CASL (which must include all identifying information and a clear and prominent unsubscribe mechanism that can be readily performed).