New CASL Guidelines Spell Onerous Obligations and Potential Liability for Digital Businesses

On November 5, 2018, the Canadian Radio-television and Telecommunications Commission (CRTC) released Compliance and Enforcement Information Bulletin CRTC 2018-415 (CRTC 2018-415) on Canada's Anti-Spam Legislation (CASL) that may have far reaching implications for the digital business community. 

CRTC 2018-415 provides guidelines and best practices for stakeholders with respect to section 9 of CASL, which states that "it is prohibited to aid, induce, procure or cause to be procured the doing of any act contrary to any of [the direct violations of CASL set out in] sections 6 to 8”.  The bulletin addresses: 

• CRTC's general approach to section 9;
• examples of parties to whom section 9 may apply;
• activities that could result in non-compliance; and
• measures for associated risks.

The section of the bulletin likely to be of most concern to digital businesses surrounds liability.  The CRTC states that it is possible for an individual or organization to be held liable and face administrative penalties for violating CASL even if they did not intend to do so or were unaware that the activities enabled or facilitated contraventions of the law. Although liability in each instance is determined on a case-by-case basis, this approach proposes a broad ambit for potential liability and places onerous obligations on companies to develop, implement, document and maintain practices and procedures designed to prevent non-compliance by third parties.  With violators of CASL facing fines of up to $10 million per violation, CRTC 2018-415 will no doubt send a message to businesses working in the digital space to govern themselves accordingly.

Summary By: Hashim Ghazi