In the Undertaking announced today by the CRTC, Gap, Inc has agreed to pay a $200,000 fine and to come into full compliance with compliance An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act, otherwise known as the Canadian Anti Spam Legislation or CASL for short. (for some strange reason our own Government refuses to use the short name and insists on using the full long name of the Act)
This law was passed in Dec 2010 and came partially into force in July 2014. ISED and the CRTC agreed to extend enforcement to July 2017 – a 3 year period – to allow organizations to clean up their lists and record consent in a way that can be recalled upon request. The private right of action – the primary enforcement tool – was also to come into force on July 1, 2017.
In their eagerness to protect businesses from incovenient and “frivolous” lawsuits, the then Minister of ISED, Navdeep Bains, “indefinititely postponed” the PRA. In doing so, most companies immediately ceased any CASL compliance activities thinking the law was not being aggressively enforced. And while the CRTC are not handing out fines left and right, they are indeed still monitoring the Spam Centre activity and taking action on organizations who are causing compliants from Canadian citizens. When “tall poppies” appear, they open investigations and make no mistake, the total cost of violating CASL only starts here. Ask any organization who has been investigated. Legal fees, staff time and resources begin to add up to real costs, on top of the fine and eventual cost of coming into compliance.
It is important for organizations to know exactly what Gap, Inc was fined for. According the the CRTC’s news release posted on the Response Marketing Association’s website, as well as the settlement notice the Undertaking included violations of paragraphs 6(1)(a) and 6(2)(c) and subsections 11(1) and 11(3) of the Act. So let’s unpack exactly what that means.
Paragraph 6(1)(a) consists of
“Requirements and Prohibitions
Unsolicited electronic messages
6 (1) It is prohibited to send or cause or permit to be sent to an electronic address a commercial electronic message unless
(a) the person to whom the message is sent has consented to receiving it, whether the consent is express or implied; and”
So clearly, the CRTC had tangible proof due to their full investigation of the Gap’s email practices that the Gap could not prove express or implied consent for some or all of the complaints they received in the Spam Centre. Note I did not say they they did not have consent of some form. They could not prove it. This is one of the cornerstones of a CASL Compliant Program. Every organizations must set up a series of processes to track and record each type of consent they wish to claim such that, upon request, they can prove that every name on their email list qualifies for either express or implied consent under the law. I wrote a series of detailed articles regarding the 5 types of CASL consent in order to help organizations understand their real obligations, which is also included in my book CASL Compliance: A Marketer’s Guide to Email Marketing to Canadians.
So now let’s examine Section 6(2) (c) which deals with:
“Contents of message…