Notice of Violation: Investigation into non-compliant emails sent by Couch Commerce Inc. and nCrowd, Inc. including the vicarious liability of corporate directors

Ottawa, 23 April 2019

File number: 9090-2015-00414

Summary of investigation

Violations pursuant to An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act, SC 2010, c 23 (the Act or CASL).

Background

As a result of complaints submitted by Canadians to the Spam Reporting Centre, designated persons of the Commission (Commission staff) initiated an investigation in April 2015 in order to assess the business activities of two groups of companies, the Couch Commerce group ^Footnote1 and the nCrowd group ^Footnote2, for compliance with section 6 of the Act.

When sending commercial electronic messages (CEMs), section 6 imposes three types of requirements, which relate to the recipient’s consent, the unsubscribe mechanism and the identification of the sender.

The business activities of the Couch Commerce group and the nCrowd group consisted of the online sale of coupons. More precisely, companies within these ownership groups promoted the products and services of merchants on various internet websites, and sold electronic vouchers corresponding to these products and services. Descriptions of the deals were delivered to potential customers via weekly or daily emails; up to 4 emails per day per complainant in some cases. In this business model, the purchaser of a voucher (the customer) presented it to the merchant, who was responsible for shipping the product to the customer. The voucher company (here, companies of the Couch Commerce group and the nCrowd group) took a percentage on the selling price, typically around 35%, and the other part went to the merchant. In this e-commerce business, one of the voucher company’s greatest assets is their email distribution list, since consumers are profiled and receive daily emails highlighting available products relevant to their profile, and directing them to the voucher company’s websites to make purchases.

Thvestigation uncovered a complex corporate network e inand a business pattern, characterized by acquisitions, foreclosures, and bankruptcies. During this chain of acquisitions, the customer email distribution list grew exponentially to reach more than 2 million email addresses. The common threads amid this corporate network and string of acquisitions of email distribution lists are the key players involved, namely Ghassan Halazon and Brian Conley ^Footnote3 , as shown in the chart below and detailed in the corresponding description.

Besides this chain of acquisitions, the investigation uncovered a whole network of corporations in various lines of businesses, throughout several countries, and characterized by (a) high frequency of business registrations, (b) high frequency of business acquisitions, (c) high frequency of corporate changes, including names and addresses, and (d) dealings with companies specialized in dividend routing and tax optimization services.

The key assets acquired in the chain of transactions listed in the chart were intangible, essentially the email distribution list, domain names and trademarks. Through these ownership changes, key individuals directing the former company were able to continue to carry on business by directing the new one. This model allowed the new company to continue on the business with an ever larger email distribution list. This model also allowed the new company to continue the business without the assumed liabilities of the former company. However, the continuity of service was damaged: as merchants ceased being paid for their products, they refused to ship products ordered by customers. The new company refused to pay the amounts owed by the previous company to merchants and customers. As a result, both merchants and customers ended up losing money, since the voucher business closed or entered into bankruptcy proceedings before merchants and customers were fully compensated for their transactions.

Canadian and American consumers ^Footnote4 and merchants ^Footnote5 reported that they lost money. National and international media outlets alerted the public about Couch Commerce Inc. operating as Teambuy and Dealfind, nCrowd and Boomstreet ^Footnote6 . The industry, via the Canadian Deals and Coupons Association, also issued warning notices regarding nCrowd and Boomstreet ^Footnote7 .

As a result of the circumstances cited above, specifically the fact that the companies involved were operational then quickly dissolved or otherwise ended, any enforcement actions directed towards such companies would have no deterrent effect nor effectively promote compliance. Therefore, Commission staff pursued the corporate directors through vicarious liability in order to encourage future compliance with the Act.

Investigation of nCrowd, Inc. and its director Brian Conley

Commission staff alleged and the Commission found in Decision 2019-111 that between 25 September 2014 and 1 May 2015, nCrowd, Inc. sent CEMs or caused or permitted any of its subsidiaries, namely nCrowd Commerce, Inc. and nCrowd Limited, to send CEMs to electronic addresses, without consent and without a functioning unsubscribe mechanism contrary to paragraphs 6(1)(a) and 6(2)(c) of the Act.

Commission staff also alleged and the Commission found in Decision 2019-111 that Brian Conley acquiesced in these violations, while he was the President and Chief Executive Officer (CEO) of the nCrowd companies. As CEO, Brian Conley took no action and turned a blind eye to the practices being employed at his companies in terms of the acquisition and use of email distribution lists, despite the fact that in this line of business, an email distribution list is one of the most important assets through which to generate revenues. Protecting such an asset, including ensuring continued ability to use it, under CASL, should therefore have been important to the nCrowd group and its CEO. However, the nCrowd group’s email distribution and consent-tracking lists were largely inaccurate, incomplete, and altered.

• The type of consent is listed for each and every one of the 1,928,015 entries as “explicit” consent although a significant number of email addresses on this list were generic or belonged to institutions or governments, including police services and hospitals (some of which were available online).
• The date at which the consent was allegedly obtained and the legal person who allegedly sought and obtained the consent were obviously inaccurate or altered. For example, on numerous occasions consent was obtained for more than 3,000 addresses in just one day, and more than 80% of all parties provided consent (1,566,114) on the same day.
• nCrowd, Inc.’s non-compliant unsubscribe mechanism was a broad and recurring issue that Brian Conley ought to have known about over the time, and the appropriate steps to fix the unsubscribe process were never taken. The non-compliance continued for almost a year and evidence shows that even when the nCrowd group’s employees informed customers that they had been unsubscribed, they had actually not been.
• No evidence was found that Brian Conley ever verified or required the conducting of any audit of the consent list provided by the Couch Commerce group or other lists purchased by the nCrowd group to ensure its validity and accuracy.
• Brian Conley instituted no policies or procedures relating to the nCrowd group’s compliance with the Act.

Of interest, Commission staff noticed that the nCrowd group used a technique, called “pixel tag” ^Footnote8 , one of many used by e-marketers and spammers alike to track whether an email address is valid, if and when the email was opened, and from which computer the email was viewed, without asking the recipient directly. This technique may be used for analytics of email open rates. While a long list of valid email addresses with high open rates collected through the use of pixel tags may be a good indicator of a distribution list’s reach and value when selling/purchasing it, Commission staff alleged that the technique itself by its very nature does not reflect the existence of consent from recipients, and thereby it cannot be a way to manage distribution lists in compliance with the Act. In other words, by opening an email, a recipient does not provide (nor retroactively provide) the originator with express or implied consent to send them CEMs.

Investigation of Couch Commerce Inc. and its director Ghassan Halazon

Commission staff alleged that between 2 July 2014 and 9 September 2014, Couch Commerce Inc. sent CEMs, or caused or permitted any of its subsidiaries, namely 8108773 Canada Inc. and DealFind.com Inc., to send CEMs to electronic addresses, without a functioning unsubscribe mechanism contrary to paragraph 6(2)(c) of the Act.

Commission staff also alleged that Ghassan Halazon acquiesced in this violation while he was the President and CEO of Couch Commerce Inc. Couch Commerce’s non-functioning unsubscribe mechanism was a broad and recurring compliance issue that Ghassan Halazon ought to have known about over the time, considering the importance of email distribution lists to the Couch Commerce group’s business. Evidence shows that even when Couch Commerce group’s employees told a customer they had been unsubscribed, they had actually not been. Appropriate steps to fix the unsubscribe process were never taken. No evidence shows that Ghassan Halazon instituted any policy or procedure relating to compliance with the Act.

Enforcement actions

Pursuant to section 22 of the Act, the CRTC designated person served a Notice of Violation (NOV) on Brian Conley on 13 February 2017, whereby it was alleged that he was liable, in his director capacity, for the violations committed by nCrowd, Inc. pursuant to section 31 of the Act. The NOV set out an administrative monetary penalty totaling $100,000. Pursuant to section 24(1) of the Act, Brian Conley submitted representations to the Commission (see details below).

Pursuant to section 22 of the Act, the CRTC designated person served a NOV on Ghassan Halazon on 7 February 2017, whereby it was alleged that he was liable, in his director capacity, for the violation committed by Couch Commerce Inc. pursuant to section 31 of the Act. In addition, a warning letter was served upon Ghassan Halazon on 10 February 2017. The purpose of this letter was to raise concerns regarding new compliance issues, considering that the email lists that were at the core of the alleged violations committed by Couch Commerce Inc. and nCrowd, Inc. were appropriated, after a series of bankruptcies and transactions, by Transformational Capital Corp. (TCC), a company directed by Ghassan Halazon. Following discussions between Mr. Halazon and Commission staff, an undertaking was signed to address the alleged violations and ensure future compliance. The undertaking included, an amount to be paid, set at $10,000, and a compliance program to be put in place by TCC. This undertaking ended the proceeding commenced by the NOV, pursuant to section 21 of the Act.

In addition, warning letters were served on 16 December 2016 upon Salesforce.com, Inc., formerly known as ExactTarget, Inc. (Couch Commerce group’s email service provider or ESP) and Sailthru, Inc. (nCrowd group’s ESP). Commission staff advised these ESPs that some CEMs sent on behalf of their respective client did not properly identify the ESP as the sender ^Footnote9 and did not always contain a functioning unsubscribe mechanism. These letters required both ESPs to take corrective action to ensure compliance with CASL.

Decision of the Commission

In its Decision 2019-111 dated 23 April 2019, the Commission confirmed the violations committed by nCrowd, Inc. and the liability of its director, Mr. Conley, pursuant to section 31 of the Act, as well as the penalty amount set out in the NOV ($100,000).

This decision has no impact on the undertaking signed by Mr. Halazon.

Caveat:

A person found liable by the Commission may further bring an appeal in the Federal Court of Appeal from the decision rendered by the Commission pursuant to section 27 of the Act. Commission staff will make the best efforts to provide additional information as soon as practicable.

Footnotes

Footnote 1

Couch Commerce Inc. and its subsidiaries, 8108773 Canada Inc. and DealFind.com Inc. are collectively designated hereafter as the Couch Commerce group. Couch Commerce Inc. allegedly committed the violations mentioned below, and/or caused or permitted these violations to be committed by its subsidiaries.

Return to footnote1referrerFootnote 2

nCrowd, Inc. and its subsidiaries, nCrowd Commerce, Inc. and nCrowd Limited, are collectively designated hereafter as the nCrowd group. nCrowd, Inc. committed the violations mentioned below, and/or caused or permitted these violations to be committed by its subsidiaries.

Return to footnote2referrerFootnote 3

Mr. Halazon was the Chief Executive Officer (CEO) of Couch Commerce Inc. and Mr. Conley was the CEO of nCrowd companies, as detailed below.

Return to footnote3referrerFootnote 4

See for example http://ncrowd.pissedconsumer.com/

Return to footnote4referrerFootnote 5

Lawsuit from merchants against nCrowd, Inc. and Brian Conley: Civil action File No. 1:15-cv-03551-ODE before the United States District Court for the Northern District of Georgia, Atlanta Division, which terminated in June 2017 with an out-of-court settlement.

Return to footnote5referrerFootnote 6

In Canada, CBC News, CTV News, and the Financial Post published reports on Teambuy and nCrowd. See for example: https://www.cbc.ca/news/canada/british-columbia/marquis-spa-deal-ncrowd-boomstreet-1.3300832. In the United States, ABC affiliate WATE-TV aired an investigative report including a video entitled “Knoxville-based nCrowd forecloses, Boomstreet opens in the same spot” https://www.wate.com/news/investigations/knoxville-based-ncrowd-forecloses-boomstreet-opens-in-same-spot_20170818074902376/792795165. In the UK, The Mail On Sunday reported that “more than 2,800 people and businesses are estimated to be owed around 1.6million [CAN$ 2.9million] following the collapse of nCrowd” and pointed out that Conley took a rest “sipping drinks with his wife in sunny Cabo San Lucas, in Mexico, while his customers counted their losses” https://www.thisismoney.co.uk/money/cardsloans/article-3424235/Deals-website-nCrowd-goes-bust-owing-shoppers-money-reappears-new-ownership.html.

Return to footnote6referrerFootnote 7

See http://www.canadiandealsassociation.com/warning-ncrowd-announces-foreclosure/ and http://www.canadiandealsassociation.com/there-are-better-managed-companies-in-the-deals-industry/

Return to footnote7referrerFootnote 8

This technique consists of embedding an image file of a single white pixel among the content of an email. When the recipient’s email client prepares such an email for display, it typically sends a request to the server to receive the additional content. The white pixel image file is subsequently downloaded without being noticed by the recipient. Consequently, the party controlling the server from which the pixel was downloaded may track email opening.

Return to footnote8referrerFootnote 9

Pursuant to section 6(2) of the Act, section 2(1) of the Electronic Commerce Protection Regulations (CRTC) and guidance material published on the Commission’s website, when a CEM is sent on behalf of another person, all these persons need to be identified in the CEM if they play a material role in the content of the CEM and/or the choice of the recipients. An email service provider who has no input on the content of the message or recipient list would not need to be identified in the CEMs sent by clients, pursuant to this guidance. However, in this case, Commission staff found that the ESP’s email management solution adapted messages based on customers’ profile and behaviors and sent emails with dynamically generated content. Therefore, the ESPs played a material role in the content of the CEMs being sent and must be identified in these CEMs.

Return to footnote9referrerFootnote 10

Some examples are: Kashless, Inc. (parent company of Tippr LLC, Tippr.com LLC and Groupalicious LLC), Crowdsavings.com LLC, Screaming Media Group, Inc., Saveology.com, LLC, EthicalDeal, Dealathons.com Inc., and KGB Deals.

Return to footnote10referrerFootnote 11

Some examples of these companies, known by their tradenames, are: Savvy Avenue, Daily Deal Squad, Get Grouby, QponDay, Deal Daddies, Lucky Monckey, Play Hawaii, and Huge Daily Deal.

Return to footnote11referrerDate modified: 2019-04-23

CRTC Announcement