Enforcing
Canada’s Anti-Spam
Legislation (CASL)

The CRTC continuously monitors the complaints submitted by Canadians to the Spam Reporting Centre (SRC). The information provided by Canadians to the SRC is an essential part of the intelligence the CRTC gathers on spam and electronic threats.

Hudson’s Bay Company

During the previous reporting period, CRTC staff concluded an investigation in response to complaints submitted by Canadians regarding Hudson’s Bay Company. Information gathered in the investigation showed that commercial electronic messages (CEMs) were sent to promote sales for Hudson’s Bay Company without including an unsubscribe mechanism which could readily be performed. Hudson’s Bay Company voluntarily entered into an undertaking, agreed to pay an amount of $120,000 and undertook to review its compliance program addressing the sending of CEMs.

Warning letters

In November 2024, the CRTC focused on approximately 25 companies that had been identified as having a noticeably higher number of complaints. For these, the CRTC assessed whether the commercial electronic messages (CEMs) that were sent by these companies to Canadians followed the rules set out in Canada’s Anti-Spam Legislation. For example, have these companies obtained the proper consent to send CEMs and/or is an unsubscribe mechanism in place. Where violations were believed to have taken place, warning letters were sent to remind the companies of their responsibilities under CASL and cautioned them that non-compliance may result in further enforcement action.

For the CRTC, warning letters have been an effective compliance tool.

Warning letters are used as an alternative enforcement measure to promote compliance with CASL. They may be addressed to any person or company who the CRTC believes are in possible violation of CASL. Warning letters encourage the company to take the necessary corrective action to ensure compliance with CASL.

Spammers continue to try and fool Canadians

The CRTC is committed to reducing the harmful effects of spam and related threats.

Our goal is to help create a safer and more secure online marketplace. That is why the CRTC enforces CASL and delivers important information to Canadians so they can be aware and take precautions against phishing, spam campaigns and other electronic threats. Canadians are encouraged to follow the CRTC’s X and Facebook accounts for alerts on emerging phishing and spam campaigns that are continually popping up to trick them into clicking on a malicious link, potentially downloading malware, or unknowingly sharing sensitive personal information.

Canadians are encouraged to report spam messages they receive at spam@fightspam.gc.ca. or using our online form.

Reporting Spam to the SRC is an essential part of the intelligence the CRTC gathers on spam and electronic threats. The three enforcement agencies responsible for compliance with CASL (i.e., the CRTC, the Competition Bureau, and the Office of the Privacy Commissioner (OPC) all have access to use this database for gathering intelligence to fulfill their mandates.

Between October 1, 2024 and March 31, 2025:

Over 208,083 complaints were received by the Spam Reporting Centre.

That’s 8,003 per week.

Approximately 4,595 of these complaints were submitted using the online form, which represents only about 2.2% of total complaints. The remainder of the complaints were sent by email at spam@fightspam.gc.ca.

It is helpful to use the SRC’s online form since it provide as much information as possible about potential CASL violations.

SRC Database Updates

The SRC has been updated to help identify cyber threat actors. More specifically, several new features have been added to the SRC that allow the CRTC, OPC and Competition Bureau to make better use of available data. Two examples include the redesign of the search function to make searches easier and an enhancement to facilitate the ease of communication with Canadians who have submitted complaints.

Reasons why Canadians complain to the SRC

Note: Percentages may not add up to 100% due to rounding.

Long description:

Complaint reasons and percentages

• Lack of consent: 48%
• Indentification of sender: 20%
• Deceptive Marketing Practices: 19%
• Other: 12%
• Software and malware: 2%

Per month break down of complaints

Note: Statistics derived from spam reports filed through the SRC online form.

Long description:

Table 1

Year	Other	Consent for messages	Identification	Deceptive marketing practices	Software and malware	Grand Total
2024-10	132	597	237	214	22	1202
2024-11	127	548	184	179	23	1061
2024-12	128	535	205	190	28	1086
2025-1	144	543	209	220	19	1135
2025-2	104	500	196	185	21	1006
2025-3	334	1156	556	581	11	2638
Grand Total	969	3879	1587	1569	124	8128

The CRTC works with members from over 26 countries to fulfill its mandate, to promote international cooperation and address problems relating to spam and unsolicited communication.