Hot off the press! A CASL compliance update announced.

Today, November 5, 2018, the Canadian Radio-Television and Telecommunications Commission (CRTC) released a new round of guidance documentation for businesses sending Commercial Electronic Messages (CEMs) to Canadian subscribers. This document (CRTC 2018-415) deals exclusively with Section 9 of the legislation, a part of the law mostly forgotten by businesses until the recent enforcement taken in July 2018 against Datablocks and Sunlight Media, who allegedly knowingly allowed malware to be shared though their respective ad networks and failed to take action after being notified of the issue by security researchers.

As a reminder, Section 9 of CASL reads:
“It is prohibited to aid, induce, procure or cause to be procured the doing of any act contrary to any of Sections 6 to 8.”

And Sections 6 through 8 deal with items related to sending, causing, or permitting to be sent CEMs without express or implied consent, altering, transmission of data in electronic messages, and installing or a computer program (e.g., malware, viruses, and botnets) without express consent of the user.

The new guidance from the CRTC seems to be focused on businesses or agencies providing services around one of the activities in sections 6 through 8, and how much control over each of these activities these providers have on the potential violation. Example companies listed in the guidance include advertising brokers, electronic marketers, software and application developers, and payment processing system operators, to name only a few. This likely brings into scope any email service provider (ESP) or agency engaging in the sending of a CEM to Canadian subscribers.

The logic provided by the CRTC indicates that as a vendor of services, you have a responsibility to...

Read The Full Article

0 Comments Write your comment

    1. Loading...