Personal Liability Under Canada’s Anti-Spam Law
Under Canada’s Anti-Spam Law (“CASL”) not only may a corporation that fails to comply be liable to pay a monetary penalty but personal liability may also arise. Section 31 provides that “An officer, director, agent or mandatary of a corporation that commits a violation is liable for the violation if they directed, authorized, assented to, acquiesced in or participated in the commission of the violation, whether or not the corporation is proceeded against”.
An example of application of Section 31 is the case of Mr. Halazon and TCC reported by the Canadian Radio-television and Telecommunications Commission (“CRTC”) in June 2017. Mr. Halazon was the chief executive officer of Couch Commerce and several subsidiaries (all described as “Couch Commerce”). The CRTC report indicated that those entities are bankrupt.
A CRTC investigation alleged that Couch Commerce had sent commercial electronic messages to recipients while Mr. Halazon was CEO of Couch Commerce. The CRTC alleged that those messages did not have an unsubscribe mechanism that was compliant with CASL. Specifically the CRTC alleged that the unsubscribe mechanism did not function or could not be readily performed and also alleged that unsubscribe requests were not acted upon within 10 business days after requested as required by CASL.
The CRTC pursued Mr. Halazon asserting personal liability under Section 31 of CASL. It appears that the CRTC did not pursue Couch Commerce for the violation. The CRTC reported that Mr. Halazon entered into an undertaking which included a payment of $10,000.
A related element of this case involved Transformational Capital Corp. and certain subsidiaries (described as “TCC”) of which Mr. Halazon was also chief executive officer. TCC acquired the email list initially used by Couch Commerce. The CRTC reported that TCC also entered into a undertaking and agreed to enter into a compliance program consisting of updating its practices, implementation of compliance policies and procedures, staff training, tracking of CASL complaints as well as follow up resolution, monitoring and auditing practices supported by disciplinary procedures. An element of the undertaking is reported to be reporting to the CRTC on implementation of the compliance program and on changes affecting the business.
This case is a reminder that CASL provides personal liability for many key stakeholders in a corporation and should encourage organizations to consider the adequacy of their CASL compliance efforts.
I’m really very pleased with this report (see also http://www.crtc.gc.ca/eng/archive/2017/ut170612.htm)
An individual who unwisely engaged in spamming was fined, rather than the bankrupt companies he led, and the remaining companies were required to enter into a compliance programme.
This puts the blame were it belongs, on the officers of the companies, and levies the fines in the same way. The companies are then enrolled in a compliance programme, to keep it from happening again.
This is wildly different from the US experience, of companies shielding their owners and officers from illegal acts, and in my opinion, good public policy.
Bravo CRTC!