Enforcing
Canada’s Anti-Spam
Legislation (CASL)

Actions carried out by the CRTC between
October 1, 2021 and March 31, 2022

View previous time period

Enforcement Highlights

Dark Web Investigation

As part of an investigation, in January 2021, the CRTC’s Chief Compliance and Enforcement Officer issued administrative monetary penalties totalling $300,000 to four Canadians for their involvement with a company in the Dark Web Marketplace known as CanadianHQ.

The CRTC’s actions resulted in the shutdown of CanadianHQ, which was one of the largest Dark Web marketplaces of its kind in the world and a significant contributor to harmful cyber activity in Canada.  The CRTC’s investigation focused on four individuals who allegedly sent emails  that mimicked well-known brands in order to obtain personal data including banking credentials and other sensitive information.

This investigation has also allowed the CRTC to identify a number of other vendors where it expects to take additional enforcement actions.

To find out more on the CRTC’s investigation of CanadianHQ, consult the CRTC’s news release on Targeting the Dark Web Marketplace.

Complaints from Canadians support CRTC’s investigation

In December 2021, the CRTC reached an agreement with Gap Inc. (Gap) for allegedly violating CASL. In addition to implementing corrective measures, Gap agreed to make a payment of $200,000.

As part of the investigation, the Chief Compliance and Enforcement Officer had reason to believe that Gap sent commercial electronic messages to Canadians without the necessary consent. Gap’s messages also allegedly did not consistently include either an unsubscribe mechanism or an unsubscribe mechanism which could easily be performed.

Upon being made aware of the Chief Compliance and Enforcement Officer’s concerns, Gap proactively made changes to its marketing practices to meet CASL requirements.

This investigation was supported by complaints received from Canadians. Canadians are encouraged to report spam and suspicious practices to spam@fightspam.gc.ca or by using the Spam Reporting Centre’s (SRC’s) online form.

Enforcement Measures

Enforcement measures infographic
Long description:
  • 1 Undertaking
  • 230 Notices to Produce
  • 21 Preservation Demands

Payments and Penalties Under CASL

Since CASL came into force in 2014, enforcement efforts have resulted in more than $1.9 million payable. Of this amount, approximately $1.1 million is from administrative monetary penaltiesFootnote 1 and $868,000 from negotiated undertakings.

Complaints to the Spam Reporting Centre (SRC)

Between October 1, 2021 and March 31, 2022

Over 167,939 complaints to the Spam Reporting Centre

Over 167,939 complaints to the Spam Reporting Centre.

That’s 6,459 per week.

Approximately 4,069 of these complaints were submitted using the online form, which represents only about 2.42% of total complaints. The remainder of complaints were sent by email at spam@fightspam.gc.ca.

The CRTC encourages Canadians to use the SRC’s online form to provide as much information as possible about potential CASL violations. The information provided by Canadians is an essential part of the intelligence the SRC gathers on spam and electronic threats. Each report is valuable and helps us to enforce CASL.

SRC Database Updates

Not only does the SRC allow Canadians to report spam, it also provides the 3 enforcement agencies responsible for ensuring compliance with CASL: the Canadian Radio-television and Telecommunications Commission, the Competition Bureau, and the Office of the Privacy; with access to a central database which can be used for CASL investigative and enforcement purposes.

The CRTC has enhanced the search and reporting functions built into the SRC case management system.  This will foster more complex searches and allows the enforcement agencies to create a variety of reports to help provide analytical insight for identifying new trends, violations and investigations. 

Canadians need to watch out for POP-UP, CALL, SPAM EMAIL or any other urgent message about a virus on their computer.

Sources of spam (reported through online form)

Sources of spam chart
Sources of spam legend
Long description:
  • Email: 65%
  • Text message (SMS): 23%
  • Instant message (IM): 2%
  • Unspecified: 10%

Reasons why Canadians complain

Reasons why Canadians complain chart
Long description:

Complaint reasons and percentages

  • Lack of consent: 94%
  • Indentification of Sender: 39%
  • Deceptive Marketing Practices: 33%
  • Other: 20%
  • Software and Malware: 3%

Note: The total does not add to 100% since Canadians can select more than one category for a complaint.

Per month complaints about consent highest in November 2021

Looking at submissions from Canadians to the SRC over the last 6 months, per month complaints about consent issues were at their highest in November 2021.

Complaints about consent chart
Complaints about consent chart legend

Note: Statistics derived from spam reports filed through the SRC online form.

Long description:
Year-Month Lack of consent Deceptive Marketing Practices Identification of Sender Other Software and Malware Grand Total
2021-10 632 208 244 111 26 1221
2021-11 780 256 303 149 15 1503
2021-12 591 172 216 98 8 1085
2022-1 592 237 282 149 40 1300
2022-2 574 238 267 138 16 1233
2022-3 646 247 292 150 25 1360
Grand Total 3815 1358 1604 795 130 7702

Between October 2021 and March 2022, about 65% of the messages reported to the SRC were related to affiliate marketing or legitimate businesses selling or promoting the sale of a good or service.

Graphic of the top five categories of affiliate marketing messages

The top five categories of affiliate marketing messages reported to the SRC relate to: (1) Dating; (2) Food, Drug & Health; (3) Online Shopping; (4) Leisure and Gambling; and (5) Technology.

Graphic of the top five categories of commercial messages

The top five categories of commercial messages reported to the SRC
relate to: (1) News & Media (2) Online Shopping; (3) Technology; (4) Financial; and (5) Business to Business.

Outreach

Outreach and engagement activities are a critical means to help legitimate businesses, including marketers, email senders, and other small and medium businesses, with their compliance efforts under CASL.

CRTC Compliance and Enforcement staff participated in 4 virtual engagement activities with companies, associations and organizations to raise awareness about the application of CASL to unsolicited communications. This included a fireside chat by the CRTC’s Chief Compliance and Enforcement Officer with the Retail Council of Canada where complaints received from Canadians about commercial spam was highlighted.

"I have received spam from this company for over a year. The link to unsubscribe is not active.""

In February 2022, the CRTC's investigation into the Dark Web Marketplace was one of the top stories in the Brussels-based Cullen International's reportFootnote 2, which was timely since March was fraud prevention month.

In February and March, the CRTC continued to leverage online platforms to promote Fraud Prevention Month and remind Canadians to stay vigilant against scams, and how to recognise, reject and report fraud.  As examples, the CRTC created an easy to follow infographic on how to spot an online scam  and sent out social media alerts associated with investment scams, including paying in cryptocurrencies. 

Collaboration with International Partners

The CRTC has also forged partnerships with organizations across the globe in order to better fulfill its mandate. The CRTC is part of the Unsolicited Communications Enforcement Network (UCENet). Members from over 26 countries work together to promote international spam enforcement cooperation and address problems relating to spam and unsolicited telecommunications.

Agreements with International Partners world map
Long description:

Canada (CA)

Memorandum of Understanding:

Enforcement Collaboration:

United States (US)

Memorandum of Understanding:

Enforcement Collaboration:

United Kingdom (UK)

Memorandum of Understanding:

Information Commissioner’s Office (ICO)

Japan (JP)

Memorandum of Understanding:

Ministry of Internal Affairs and Communications

Australia (AU)

Memorandum of Understanding:

Australian Communications and Media Authority (ACMA)

Enforcement Collaboration:

Australian Federal Police (AFP)

New Zealand (NZ)

Memorandum of Understanding:

Department of Internal Affairs (DIA)

Useful Resources

Are you still receiving spam?

Report it and we’ll have a look.

Date modified: