CASL Still Confusing

CASL, the Canadian anti-spam legislation, came into force on July 1, 2014. July 1, 2017 will be an important date for CASL, as a private right of action will become available. Anyone (class actions are likely) will be able to sue CASL violators. Statutory damages means that it won’t be necessary to prove actual damages.

CASL is a complex, illogical statute. Many businesses don’t comply because they don’t think emails they send could possibly be considered spam. After all, spam is about illicit drugs, diets and deals scams, right? Not according to CASL.

Nor do they understand they must keep detailed records to prove they have implied or express consent for each person they send an email to. Or they may be rolling the dice that they will be a low priority for CRTC enforcement. (That approach risks personal liability for directors and officers.)

Once the private right of action kicks in, the enforcement landscape changes. If a business has not yet come to grips with CASL, the spectre of private suits for violations may offer an incentive to comply.

In the long term, the private right of action could provide a couple of silver linings.

Getting CASL in front of the courts may provide some badly needed guidance on how to interpret and apply it in practice. So far, the handful of cases the CRTC has made public have not provided enough detail to help with that.

There is some thought that CASL could be struck down on constitutional grounds. Any business sued under the private right of action should include that in its defence.

The possibility of CASL being struck down should not, however, be a reason not to comply with CASL. It could take years before an action gets far enough to see that result. And that result is by no means assured.

Comments

  1. David Collier-Brown

    Aha! I had never considered businesses who “don’t think emails they send could possibly be considered spam. After all, spam is about illicit drugs, diets and deals scams” …

    I live in a world where spam emails and the attached viruses and malware are an ongoing, pressing problem, very much front-of-mind to our businesses.

    Not, perhaps, to my accountant, who used his personal email to communicate with his more “techie” customers.

    Thanks, Mr Canton!

  2. David Collier-Brown

    I’m looking forward with some interest to the private right of action being used in a class action against a very large US company who recently uploaded and force-installed an update that their customers had _explicitly_ rejected.

    I though only Sony was stupid enough to ship “official” malware (;-))