Canada’s anti-spam legislation, which became law on July 1, 2014, was created to protect Canadians from receiving unwanted spam emails. (Photo: iStock)
The Canadian Radio-Television and Telecommunications Commission has released its first decision against a violator of its new anti-spam law. Canada’s anti-spam legislation, which became law on July 1, 2014, was created to protect Canadians from receiving unwanted spam emails.
Blackstone Learning Corporation sent over 385,000 unsolicited marketing emails to Canadian government employees, starting July 2014 up to December 2014. The emails advertised the company’s educational and training services. Blackstone apparently found the employees’ email addresses by visiting various government websites.
After the CRTC received around 60 complaints from government employees, they started an investigation. They found Blackstone had violated CASL by sending these emails, and the CRTC issued a notice of violation on January 30, 2015, and slapped them with a $640,000 fine. They were told to pay up by March 2, 2015.
Instead of paying, Blackstone challenged the CRTC’s decision arguing that they had implied consent from the employees, because the employee emails were publicly available, and also that the fine was too high.
Blackstone’s argument that a publicly available email address suggests implied consent was rejected, even though one of the ways that someone can prove implied consent, is that the recipient’s information is published in “plain sight. . . on a website or trade magazine.”
The CRTC told the company that argument was taking things too far, because “. . .the Act does not provide persons sending commercial electronic messages with a broad licence to contact any electronic address they find online; rather, it provides for circumstances in which consent can be implied by such publication, to be evaluated on a case-by-case basis.”
The CRTC said that if the message Blackstone sent was related to the roles of employees then that may be implied consent. An example of that is if on the website it was stated that an employee was responsible for training other employees. However, in this case in which the company blindly sent out emails to hundreds of thousands of government employees regardless of their role, it was not.
In other words, it’s not enough to say that there was implied consent just because a person’s email is public, there has to be a connection between what the person does and the email that they are sent.
As for Blackstone’s second point, the CRTC agreed the fine was too high and reduced it to $50,000, to be paid by November 25.