Enforcement Highlights
Largest Penalty Issued to an individual under CASL
In January 2019, CRTC staff launched an investigation into a series of high-volume spam campaigns and potential violations of paragraph 6(1)(a) of CASL.
Based on information gathered in the course of the investigation, in March 2021, the Chief Compliance & Enforcement Officer issued a Notice of Violation (NOV), including an administrative monetary penalty of $75,000, to Scott William Brewer for sending commercial electronic messages without the consent of the recipients.
Mr. Brewer sent more than 670,000 emails, promoting affiliate marketing and web marketing businesses. A large number of these emails were sent using a “hailstorm” technique. In this approach, a high number of emails are sent very quickly in order to evade anti-spam detection.
More details are available in a CRTC News Release issued on 29 March 2021.
The Supreme Court of Canada declined to hear an appeal of Compufinder's challenge to CASL
In June 2020, the Federal Court of Appeal (FCA) upheld CASL’s constitutionality and provided guidance on certain legislative provisions, including the business relationship exemption and the conspicuous publication provision. In March 2021, the Supreme Court of Canada declined to grant leave to appeal.
The case stemmed from a 2015 NOV issued to CompuFinder, which was upheld upon review by the Commission in 2017. In its review decision, the Commission found that the company violated CASL when it sent 317 electronic messages to promote its educational and training services without consent and without a functioning unsubscribe mechanism.
For more information, you can read the FCA Decision.
Enforcement Measures
Long description
- 143 Notices to Produce
- 17 Preservation Demands
- 10 Warning Letters
- 1 Notice of Violation
- $75,000 Administrative Monetary Penalty
Payments and Penalties Under CASL
Since CASL came into force in 2014, enforcement efforts have resulted in more than $1.4 million payable. Of this amount, approximately $805,000 is from administrative monetary penaltiesFootnote 1 and $668,000 from negotiated undertakings.
Complaints to the Spam Reporting Centre (SRC)
Between October 1, 2020 and March 31, 2021
That’s 5,560 per week.
Approximately 4,237 of these complaints were submitted using the online form, which represents only about 3% of total complaints. The remainder of complaints were sent by email at spam@fightspam.gc.ca.
The CRTC encourages Canadians to use the SRC’s online form to provide as much information as possible about potential CASL violations. The information provided by Canadians is an essential part of the intelligence the Spam Reporting Centre gathers on spam and electronic threats. Each report is valuable and helps us to enforce CASL.
Canadians need to stay vigilant to protect themselves against different sources of spam.
Sources of spam (reported through online form)
Long description:
- Email: 67%
- Text message (SMS): 22%
- Instant message (IM): 2%
- Unspecified: 9%
Reasons why Canadians complain
Long description:
- Software and malware: 3%
- Other: 20%
- Deceptive Marketing Practices: 30%
- Identification: 34%
- Consent for messages: 93%
Note: The total does not add to 100% since Canadians can select more than one category for a complaint.
Complaints about consent issues continue to rise
Looking at submissions from Canadians to the SRC over the last 6 months, complaints about consent issues increased from month to month.
Long description:
| Year-Month | Consent for messages | Deceptive Marketing Practices | Identification | Other | Software and malware | Grand Total |
|---|---|---|---|---|---|---|
| 2020-10 | 482 | 127 | 148 | 120 | 18 | 895 |
| 2020-11 | 605 | 173 | 201 | 124 | 16 | 1119 |
| 2020-12 | 740 | 227 | 226 | 111 | 18 | 1322 |
| 2021-01 | 651 | 259 | 278 | 149 | 18 | 1355 |
| 2021-02 | 665 | 219 | 258 | 171 | 16 | 1329 |
| 2021-03 | 807 | 291 | 349 | 160 | 27 | 1634 |
| Grand Total | 3950 | 1296 | 1460 | 835 | 113 | 7654 |
Between October 2020 and March 2021, more than 76% of the messages reported to the SRC were related to affiliate marketing or legitimate businesses selling or promoting the sale of a good or service.
The top five categories of affiliate marketing messages reported to the SRC relate to: (1) Food, Drug and Health; (2) Surveys and Sweepstakes; (3) Casino; (4) Online Shopping; and (5) Technology.
The top five categories of commercial messages reported to the SRC relate to: (1) Marketing Services; (2) Technology; (3) Online Shopping; (4) Updates and Notifications; and (5) Newsletter.
Outreach
Outreach and engagement activities are a critical means to help legitimate businesses, including marketers, email senders, and other small and medium businesses, with their compliance efforts under CASL.
The CRTC Compliance and Enforcement team participated in 5 virtual engagement activities with companies, associations and organizations to raise awareness about the application of CASL to unsolicited communications. These included a presentation to the Edmonton Fraud Chapter and an exchange of ideas with the Canadian University Council of Chief Information Officers.
As part of Fraud Prevention Month in February 2021, the CRTC, alongside partners at the Canadian Anti-Fraud Centre, the Competition Bureau, and the Royal Canadian Mounted Police, participated in a weekly Twitter Chat to raise awareness about fraud prevention methods for consumers and businesses.
The CRTC continues to leverage online platforms such as social media, webinars and podcasts to disseminate compliance information and guidance to support businesses.
Partnerships
Enforcement partners working together in the interest of consumers using mobile applications (apps)
Three partners enforce CASL’s obligations: the CRTC, the Office of the Privacy Commissioner of Canada (OPC) and the Competition Bureau. In November 2020, these federal agencies joined forces and issued letters to 36 companies involved in the mobile app industry in Canada reminding them of their obligations under federal legislation. Specifically, the agencies highlighted that companies offering apps must ensure their products are CASL compliant.
The initiative highlighted concerns around:
- apps that make false or misleading claims to promote a product, a service or a business interest;
- apps that collect or use personal information, such as “keylogging” malware, without consent;
- apps that do not completely identify their functions as part of obtaining informed consent from the user prior to installation; and
- apps designed to spam users’ friends and contacts.
More details are available @ the Office of the Privacy Commissioner of Canada
Collaboration with International Partners
The CRTC has also forged partnerships with organizations across the globe in order to better fulfill its mandate. The CRTC is part of the Unsolicited Communications Enforcement Network (UCENet). Members from over 26 countries work together to promote international spam enforcement cooperation and address problems relating to spam and unsolicited telecommunications.
Long description:
Canada (CA)
Memorandum of Understanding:
- Competition Bureau (CB) and Office of the Privacy Commissioner (OPC)
- Consumer Protection Authority of British Columbia
Enforcement Collaboration:
United States (US)
Memorandum of Understanding:
Enforcement Collaboration:
United Kingdom (UK)
Memorandum of Understanding:
Information Commissioner’s Office (ICO)
Japan (JP)
Memorandum of Understanding:
Ministry of Internal Affairs and Communications
Australia (AU)
Memorandum of Understanding:
Australian Communications and Media Authority (ACMA)
Enforcement Collaboration:
Australian Federal Police (AFP)
New Zealand (NZ)
Memorandum of Understanding:
Useful Resources
Check out recent fraudulent activities reported to the Canadian Anti-Fraud Centre.
Looking for cyber safety tips?
Office of the Privacy Commissioner of Canada
Frequently Asked Questions about CASL
Information Bulletin - Guidelines on the Commission's Approach to Section 9 of CASL
- Date modified: