The Canadian government has suspended the CASL private right of action that was to have come into force on July 1. The private right of action (most likely in the form of class actions) would have allowed people to sue anyone for sending spam. Or more accurately for those who violated the technical provisions of CASL.

This is a welcome move. But while we can breathe a sigh of relief that this remedy is gone, CASL still remains in force and must be complied with.

The government’s press release said:

Canadians deserve an effective law that protects them from spam . . . [more]

The private right of action for sending spam in violation of CASL comes into force on July 1. Many companies are dreading it – some class action lawyers can’t wait. The right thing for the government to do would be to completely scrap CASL – the statute is that bad and ill-conceived. But wishful thinking won’t make it go away.

At the moment, CASL violators are subject to enforcement proceedings by the CRTC. But after July 1, those who have been spammed in violation of CASL can sue the sender. Here are some things to keep in mind about the . . . [more]

The CRTC released a compliance and enforcement decision, CRTC 2016-428, October 26, 2016 in which it found that Blackstone Learning Corp. (Blackstone) committed nine violations of paragraph 6(1)(a) of Canada’s Anti-Spam Legislation (CASL) by sending commercial electronic messages (CEMs) without consent, and imposed an administrative monetary penalty of $50,000 on Blackstone.

The decision is noteworthy as it give more details and analysis than the CRTC’s prior press releases of enforcement action. As a result, it give a glimpse into the process used by the CRTC in an enforcement action. Importantly, it also confirms the CRTC views on the requirements to . . . [more]

CASL, the Canadian anti-spam legislation, came into force on July 1, 2014. July 1, 2017 will be an important date for CASL, as a private right of action will become available. Anyone (class actions are likely) will be able to sue CASL violators. Statutory damages means that it won’t be necessary to prove actual damages.

CASL is a complex, illogical statute. Many businesses don’t comply because they don’t think emails they send could possibly be considered spam. After all, spam is about illicit drugs, diets and deals scams, right? Not according to CASL.

Nor do they understand they must keep . . . [more]

The CRTC recently issued a media advisory entitled Enforcement Advisory – Notice for businesses and individuals on how to keep records of consent. It doesn’t add anything new – but reinforces what the CRTC is looking for. This is important because CASL requires a business to prove that they have consent to send a CEM (Commercial Electronic Message). CASL has a complex regime of express and implied consent possibilities.

The advisory states: “Commission staff has observed that some businesses and individuals are unable to prove they have obtained consent before sending CEMs. The purpose of this Enforcement Advisory is . . . [more]

The CRTC recently published a document with some guidance on implied consent under CASL.

The parts about “Can I send CEMs to an email address I find online?”, “How can I prove I have consent?”, and “What records should I be keeping?” show how difficult, if not impossible, it is to comply with CASL in practice.

CASL and its interpretation is so granular and so nuanced that the average business doesn’t stand a chance of getting it consistently right. The email address publication relevance issue, for example, is so fraught with risk that it isn’t worth tempting fate with . . . [more]

I’ve had some time to reflect on the CASL software provisions as interpreted by the CRTC . As I’ve said before, the CASL software consent provisions are tortuous and unclear, and if taken literally could cause huge problems for the software industry. The CRTC has tried to interpret them in a way that aligns with the intent of stopping people from installing malware on computers. While the CRTC interpretation may not line up with the act, we basically have to work within it for the time being. (Lawyers advising clients would be well served to include caveats that we . . . [more]

The CRTC has just published their thoughts on the interpretation of section 8 of CASL that requires consents for certain types of software installations.

They also discussed them in an IT.Can webinar. Their interpretation is helpful, and addresses some of the uncertainty around the provisions. But some aspects are still unclear, and some of their interpretations may not be entirely supported by the wording of the act. That may be fine so long as the CRTC is enforcing it, but a court does not have to defer to CRTC interpretation. I suspect there will be further clarification coming at some . . . [more]

Some of the dust kicked up during the stampede to comply with Canada’s Anti-Spam Legislation (CASL) has settled. In October, Ipsos released survey results showing that most Canadians are aware of the legislation and that they are taking advantage of it.

David Canton has published excellent commentary and practical advice regarding the legislation, which came into effect on July 1, 2014. Judging from discussions with clients and colleagues post-implementation, most compliance campaigns helped firms clean up their databases and wrangle administrative procedures. Although, some in-house marketers and administrative staff might still be recovering from the process….

Ipsos conducted the survey . . . [more]

In addition to the anti spam provisions of CASL, it contains provisions against malware starting in January 2015. It imposes disclosure and consent requirements for software providers in certain situations.

Unfortunately, those provisions are perhaps more ill-advised and unclear than the anti-spam provisions. They have the potential to make life difficult for software companies, create additional record keeping responsibilities where none are needed, and could even hurt Canadian consumers if foreign software developers simply don’t sell their products in Canada to avoid compliance.

The IT law bar is collectively scratching their heads trying to understand what the provisions mean in . . . [more]

CASL – the Canadian anti-spam legislation – contains provisions that require certain disclosure and permission requirements on the installation of software that does certain things, or when software does certain things. This aspect of CASL has been overshadowed by the anti-spam provisions, in part because the software provisions are not in effect until January 15, 2015.

Unfortunately these software provisions are not easy to comprehend or apply in practice. There is a lot of uncertainty around their interpretation. And IMHO they are going to cause far more harm than good. There is a real danger that some software creators will . . . [more]

You may be tired of hearing about CASL, and tired of getting the consent requests that people were sending out before July 1. The pre July 1 scramble was done because sending an email to request consent is now itself considered spam. But we may still see requests, which can be sent if the recipient fits into one of the exceptions.

In hindsight, I wish I had kept track of the number of consent requests I got, how many of those were not technically compliant with CASL, and how many were from entities I’d never heard of that were . . . [more]