Tech Change Costs Porter $150,000 In CASL Fines

Porter Airlines is the latest company to face the wrath of the CRTC with a fine of $150,000 for failing to Canada’s Anti-spam Legislation (CASL).

Manon Bombardier, CRTC’s Chief Compliance and Enforcement Officer, emphasised Porter’s collaboration:

“We appreciate that Porter Airlines took corrective action once it became aware of our investigation. The company has voluntarily entered into an undertaking and committed to comply with Canada’s Anti-Spam Law.”

Even though Porter seemed to be acting in good faith, they still agreed to comply and pay without contesting the decision. Moreover, the airline publicly admitted its fault and explained that it was mainly related to a change of technology for the sendout of some of its emails.

This penalty against Porter Airlines demonstrates how high the chances are of paying a fine, even if you are acting in good faith and believe you are compliant.

CRTC spokesperson Manon Bombardier was very clear about the risks:

“Some businesses are under the mistaken impression that they are compliant with the law by relying on general business practices or policies as proof of consent for the majority of the electronic addresses to which they send their commercial emails. This is simply not the case.”

The CRTC identified many issues in Porter’s case but noted that it wasn’t at fault in all their sendouts. Only a limited number of emails were problematic. The issues were:

  • General lack of information on how to stop receiving commercial messages
  • Unclear unsubscribe mechanisms
  • Lack of proper contact information
  • Unsubscribe requests not fulfilled within the 10-day grace period
  • Inability to provide proof of consent

The CRTC news release didn’t mention if these problems were limited to general emails, newsletter, transactional email of emails sent by individuals to Porter customers.

All in all, if Porter Airlines had followed the CRTC’s recommendations, when CASL came into effect, by conducting an audit of its procedures and implementing a clear compliance policy for its employees, it could have demonstrated due diligence, and avoided this hefty fine, despite the problems caused by its change of systems.

Regarding your own business, the time to act is now. At the very minimum, perform an audit. Followed by the implementation a compliance program that covers CASL’s 100+ rules and regulations.

 

SMB Plenty of Fish to pay $48K for a form!

In no less than three weeks after issuing its first fine, the CRTC announced that PlentyOfFish Media Inc., a Vancouver SMB, has also been fined under Canada’s Anti-Spam Act.

PlentyOfFish Media Inc. is a 75-employee Vancouver-based company that manages the popular free dating site Plenty of Fish, a destination with over 90M users.

Consent was not an issue

The facts compiled by the CRTC cover the period from July 1, 2014 (when CASL first came into effect) to October 8, 2014 (when the CRTC informed the company that it was subject to an investigation).

Over this period, the CRTC criticised Plentyoffish Media for not having a clear enough unsubscribe link and a form too complex to complete the process.

N.B.:  The complaints received by the CRTC concerned emails sent to registered members of the site, and therefore to persons who had given their consent to receive them. So, consent was never an issue.

This fine is a case in point that even with consent as well as an unsubscribe link and form; businesses can still pay fines. One must be diligent. And PlentyOfFish showed their diligence by immediately paying their $48,000 fine and correcting the problem.

The CRTC makes its point clear

By giving a relatively small fine compared to the $1.1M one imposed at the beginning of the month to Compu-Finder, the CRTC is showing that it understands CASL, how to enforce it, and adjusts their fines based on the situation at hand.

It’s clear though, acting blindly in goodwill is not enough to avoid penalties.

In fact, as the CRTC stated in an Information Bulletin, that the only way to protect yourself against fines is to conduct a complete audit of your company and have a compliance policy which corrects those weaknesses identified by the audit.

If Plentyoffish had taken such action with Certimail or a consultant, they wouldn’t have had to pay this penalty and endure the bad-press that came with it.

And now what about you? Have you done an audit set up your program to avoid this kind of situation?

CASL’s First Fine: QC SMB Compu-Finder $1,1M!

According to a press release issued by the CRTC, it’s Morin-Heights’ SMB 3510395 Canada Inc. a.k.a Compu-Finder who received CASL’s very first notice of violation. And appropriately, this notice came with a fine of no less than $ 1,100,000!

For those covering and concerned with Canada’s Anti-Spam Law, many weren’t expecting this first penalty to be issued so soon. Many also suspected that the CRTC would choose a large, robust business as its first target. So when the CRTC announced that its first fine was to be issued to a Quebec SMB, for $1,1 million, everyone was caught by surprise.

Compu-Finder, operating under several business names including Academie de Gestion and ACF Management, is a company of about fifteen employees offering training courses for businesses and individuals. Their methods to recruit clients has always been controversial, so this first fine sets an excellent example.

Never-ending harassment

Compu-Finder’s never-ending harassment to executives across the country used methods similar to that of the most sophisticated Russian spammers. Even Certimail’s CEO suffered their endless flurry of emails and tried unsuccessfully several times to unsubscribe himself from their lists. He:

  • Used their unsubscribe form,
  • Sent emails asking for the removal of his address from their lists,
  • Even called on their 800 line.

The promises that his address would be removed from their list were only lies as he continued to receive their spam, like the tens of thousands of other SMB executives.

The CRTC mentioned that Compu-Finder was the subject of 26% of the 245,000 complaints they received from across Canada since CASL came into effect.

The fact that a Quebec SMB was able to generate more than 63,000 complaints in only a few months is indicative of the level of harassment they inflicted on the community.

Compu-Finder’s bad practices were common knowledge

For years now, the media has denounced Compu-Finder’s malicious practices. In 2008, Nelson Dumais, columnist of La Presse wrote an article on their underhanded methods, then in 2010 interviewed a former employee confirming the company’s culture of unethical practices.

In 2011, in their monthly magazine, consumer protection organisation Protégez-vous used Compu-Finder as an example to illustrate the relevancy of CASL.

The company was also known in the late 1990s for bad marketing practices, by saturating corporate fax machines with spam.

A lesson for all

When going through PIPEDA Report of Findings of the Investigation into the personal information handling practices of “Compu-Finder”, it’s quite clear that company owners, Sylvie Pagé and Alain Guyot were reckless in their marketing practices.

As a matter of fact, the Office of the Privacy Commissioner of Canada used the Compu-Finder case as an example of “how not to collect and use e-mail addresses”.

Let this be a good lesson and an example for all.