Manon Bombardier, CRTC’s Chief Compliance and Enforcement Officer, emphasised Porter’s collaboration:
“We appreciate that Porter Airlines took corrective action once it became aware of our investigation. The company has voluntarily entered into an undertaking and committed to comply with Canada’s Anti-Spam Law.”
Even though Porter seemed to be acting in good faith, they still agreed to comply and pay without contesting the decision. Moreover, the airline publicly admitted its fault and explained that it was mainly related to a change of technology for the sendout of some of its emails.
This penalty against Porter Airlines demonstrates how high the chances are of paying a fine, even if you are acting in good faith and believe you are compliant.
CRTC spokesperson Manon Bombardier was very clear about the risks:
“Some businesses are under the mistaken impression that they are compliant with the law by relying on general business practices or policies as proof of consent for the majority of the electronic addresses to which they send their commercial emails. This is simply not the case.”
The CRTC identified many issues in Porter’s case but noted that it wasn’t at fault in all their sendouts. Only a limited number of emails were problematic. The issues were:
- General lack of information on how to stop receiving commercial messages
- Unclear unsubscribe mechanisms
- Lack of proper contact information
- Unsubscribe requests not fulfilled within the 10-day grace period
- Inability to provide proof of consent
The CRTC news release didn’t mention if these problems were limited to general emails, newsletter, transactional email of emails sent by individuals to Porter customers.
All in all, if Porter Airlines had followed the CRTC’s recommendations, when CASL came into effect, by conducting an audit of its procedures and implementing a clear compliance policy for its employees, it could have demonstrated due diligence, and avoided this hefty fine, despite the problems caused by its change of systems.
Regarding your own business, the time to act is now. At the very minimum, perform an audit. Followed by the implementation a compliance program that covers CASL’s 100+ rules and regulations.