On June 29, 2015, Porter Airlines became the third Canadian company to pay a significant financial penalty under CASL, since the legislation came into force in July 2014. Earlier speculation over whether CASL would have any teeth should now be put to rest. Indeed, it has teeth…sharp ones!

CASL requires organizations to obtain consent from recipients prior to sending any commercial electronic messages (CEMs), and requires all CEMs to include specific identification information and a clear and prominent unsubscribe mechanism.

Porter Airlines agreed to pay $150,000 as part of an undertaking for alleged violations of CASL. The Canadian Radio-television and Telecommunications Commission (CRTC) reported that Porter Airlines had allegedly sent commercial emails without the required unsubscribe mechanisms or identification  information, had failed to honour requests to unsubscribe within the requisite 10 business days, and was unable to provide proof that it had obtained consent prior to sending commercial emails to some electronic addresses.

Porter Airlines appears not to have realized it was not in compliance with CASL until it was made aware of the CRTC investigation. Upon becoming aware of the alleged violations, Porter Airlines cooperated with the CRTC and immediately took steps to ensure full compliance. Even so, the alleged violations cost Porter Airlines a hefty sum.

It’s happened before and it will happen again

Earlier this year, the Quebec-­based company, CompuFinder, was fined $1.1 million for sending CEMs without consent and failing to provide a properly functioning unsubscribe mechanism. Shortly after that, Plentyoffish Media Inc. paid $48,000 as part of an undertaking for allegations similar to those against Porter Airlines. According to the CRTC, a number of other investigations are currently underway.

The CRTC’s success in these investigations should put organizations on alert to make sure their policies and procedures for sending CEMs are in compliance with CASL. The CRTC is encouraging Canadians to report spam, and has shown that it is willing and able to go after organizations for violations of CASL and to impose significant financial penalties, even against organizations that are not notorious spammers and are cooperative as soon as they become aware of their non-­compliance.

What can organizations do to avoid paying financial penalties under CASL?

Organizations need to examine their policies, procedures and practices to ensure compliance with the specific requirements set out in CASL.

Relying on general business practices or policies as proof of consent is not enough; organizations need to be able to prove they have consent from each and every electronic address to which they send CEMs (which include commercial emails). As well, not only must unsubscribe mechanisms be clear and prominent, organizations must make sure they do, in fact, honour unsubscribe requests within 10 business days. Finally, all CEMs need to include full identification information. These requirements apply whether an organization is sending out its own CEMs, or having someone else send CEMS on its behalf.

The penalties for failing to comply with CASL are already real and costly, as the Porter Airlines’ example makes clear. If that weren’t reason enough to take CASL seriously, starting in 2017, individuals affected by the receipt of CEMs will be permitted to file lawsuits against the senders (including class action lawsuits). When that happens, organizations may find that CASL has not only sharp teeth but many mouths.

If your organization needs assistance to ensure its electronic communications are CASL-­compliant, Field Law can help.