An Even Bigger Fish for CASL: Rogers on the Hook for the Largest Settlement Yet

On November 20, 2015, the Canadian Radio-television and Telecommunications Commission (CRTC) announced its third and largest CASL settlement. For a general overview of CASL, please see Canada’s New Anti-Spam Law: CASL.

In the eighteen months since CASL inception, the CRTC has drawn public attention to four, high-profile investigations: Compu-Finder, Plentyoffish, Porter and Rogers. Check out CASL Update: $1.1 Million to Spare? for a case-by-case review. Business owners and privacy law experts alike have looked to the CRTC’s announcements for insights into how and when the new law will be enforced.

Before Compu-Finder, we knew that CASL would restrict the sending of commercial electronic messages (CEMs) without the implied or express consent of the recipient, and require the inclusion of specific content (this was indicated in the legislation itself). We also knew that the CRTC had large monetary penalties at its disposal to penalize non-compliance. We didn’t know what the CRTC would do with such powers. In the wake of Compu-Finder’s $1.1 million Notice of Violation, and Undertakings from Plentyoffish and Porter for $48,000 and $150,000 respectively, we have learned that the CRTC is prepared to levy large fines against reputable companies to deter the proliferation of email spam. These investigations have also shed light on the CRTC’s primary targets: large Canadian companies with inadequate unsubscribe mechanisms.

Rogers

Rogers Media Inc. (Rogers), the telecommunications giant, is the CRTC’s latest catch. Following a lengthy investigation, which unearthed evidence that Rogers violated CASL’s content requirements, Rogers agreed to a settlement of $200,000. As part of this settlement, Rogers agreed to implement a compliance program that includes the review and revision of its written policies, the development of training programs, and the registration and tracking of all CEM-related complaints.

From July 3, 2014 to July 15, 2015, Rogers failed to give effect to certain unsubscribe requests within 10 business days. For a period of time (during that same timeframe), Rogers sent CEMs, which did not contain a properly functioning or readily performable unsubscribe mechanism. Specifically, Rogers’ unsubscribe mechanism was not valid for a minimum of 60 days after the message was sent.

To read the Undertaking in its entirety, please click here: Rogers Undertaking

Takeaways

Every CEM that your business sends must have a properly functioning unsubscribe mechanism. A “properly functioning” mechanism is:

  1. Quick and easy to use;
  2. Live for at least 60 days; and
  3. Able to process requests for unsubscription within 10 business days.

How Momentum Can Help

Don’t let your company get caught by the CRTC for CASL non-compliance. Let the Momentum team conduct a privacy audit of your company. We can review your business’ online marketing and communications practices, and help you update such practices, where necessary.