The CRTC War on Spam starts nailing the little man

This Man was Fined $15,000 for Sending Marketing Emails – CASL and the CRTC

You run your own business. You’re not a corporation, you’re just one person working out of your basement. Cash flow is a little tight so you need a little more revenue. You email a simple marketing flyer to prospective customers. BOOM! The CRTC whacks you with a $15,000 fine.

Unlikely scenario? It happened last week to William Rapanos.

For the first time, the Canadian Radio-television and Telecommunications Commission (CRTC) fined an individual for CASL breaches, and if it happened to him, it can happen to you. The decision on the CRTC website is here.

Rogers Media, PlentyofFish Media, Porter Airlines, Kelloggs… all well-known corporate names that have been fined under CASL. The high-water mark is a fine of $1,100,000 issued to a numbered corp doing business as CompuFinder. Rapanos is the first human to be hit.

We’ve been warning of CASL (Canada’s AntiSpam Legislation) and its potentially horrific consequences since prior to its enactment by the feds in 2014. There are two key components to CASL. Number one is that before you send a business email or text, you have to have that intended recipient’s consent to receive that email or text AND you have to be able to prove you actually had that consent. Number two is that your emails must be transparent and contain an unsubscribe feature.

There are other sections and subtleties, but for today those are the guts of the statute.

What did Rapanos do to attract the CRTC’s attention? He emailed an inoffensive marketing flyer, in which he advertised being able to design and deliver flyers through Canada Post. The email didn’t include an unsubscribe feature or the other features required by the statute. Fifty people complained to the CRTC about receiving this flyer by email.

That’s all it took, fifty complainers. The CRTC investigated. Rapanos was fined $15,000.

Granted, he didn’t help himself. A notice from the CRTC is not a casual document – it is the start of an investigation from a regulator who has shown a willingness to fight at street level (recall that the CRTC has already obtained two separate warrants under CASL, enforced by the police). Rapanos’ response was that an unknown person hacked his router and the emails weren’t sent by him. Trumplike, he offered no evidence for this bald assertion and so his defence failed. As the CRTC held, “It is highly improbable … that Mr. Rapanos was the victim of an identity theft orchestrated solely for the purpose of sending unsolicited [emails] advertising a flyer distribution business.”

Think of the resources the CRTC must have dedicated to the investigation, prosecution and his appeal. Yes, Rapanos clearly breached the statute, but he’s a small time offender. All he did was use the internet to offer his services to a new target market. Who did he offend in a previous life to earn this kind of bad karma? He’s just a little guy.

And that, I think, is the point. This wasn’t a knee-jerk reaction from the regulator, and it wasn’t a random decision to prosecute him. Fifty complaints is a pittance. This was a carefully planned message, and that message is, no one is immune from CASL. Whether you’re the size of media giant Rogers or a little guy like William Rapanos, CASL applies to you. You’ve been warned.

It will get worse on July 1, 2017. As we’ve pointed out before (most recently here) that is when a new private right of action (PRA) is created by CASL. In other words, if you send an email, and you can’t prove you had prior consent to send it, the recipient can sue you. Then the onus is on you as the sender to prove you had prior consent to send it, not on the recipient to disprove it. This PRA supports class action litigation, and just to make it a full roundhouse kick in the groin, damages are assumed, which means the plaintiff wouldn’t even have to prove damages to win.

This is the law of the land, from the Arctic Circle to the Great Lakes waters. The CRTC has made it clear that we are all subject to it.

This isn’t an attack on the CRTC. Sure, that government body has messed up many times (follow Mark Goldberg on twitter @Mark_Goldberg for his frontline view of the CRTC’s travails), but here, it’s merely enforcing the law.

To their credit, the CRTC staff have done their best to warn us. They have toured the country holding information sessions, before the legislation was enacted and after. The website is full of useful, easy-to-read information. They have clearly communicated their intentions to the public. The CRTC also partnered with New Zealand to fight global spam. The problem is, the public hasn’t been listening.

Rapanos was picked to force you to listen. Get into CASL compliance now so you’re not the next one tied to the whipping post.

CASL – imposing fines to work.

What do the NFL Playoffs and CASL have in common? Freakonomics

Last September we looked at the NFL preseason, with the NFL imposing fines after the games for activities carried out during preseason play. The Commissioner’s office wanted to shape behaviour and used monetary penalties to effect the change it wanted, before the regular season began.

At that time we said, “The NFL told its teams that it would be enforcing the roughing rules more closely, and has followed through on that with financial penalties. Other players have to be taking notice and consequently changing how they play the game to comply with the rules.”

Now the regular season is over and we’re in the playoffs. The NFL is not levying those same fines, which leads one to believe the underlying behaviour has changed, meaning the financial penalties worked. The players are playing the game differently. Levitt and Dubner at Freakonomics would be impressed.

Freakonomics was an immensely influential book. Published in 2005, in addition to being fun and witty, it was one of the first books to bring data mining to the masses, showing how fresh looks at data can describe why people behave the way they do. Levitt and Dubner theorized that social, moral and financial incentives could explain why teachers cheated in Chicago, why the USA’s national violent crime rate fell, why sumo wrestling in Japan is often as scripted as the WWE, and why good parenting could have minimal impact on a child’s education.

Levitt and Dubner described the world as a system of intentional and accidental moral, social and financial incentives working  as push/pull levers to shape behaviour. Their work is as much sociology as it is economics. But it’s hard to argue with this theory, that incentives can cause us to change our behaviour.

This is the theory that has been embraced by the CRTC  (Canada’s Radio-Television and Telecommunications Commission). Created in 1976 to regulate broadcasting and telecommunications, the CRTC’s jurisdiction has crept into the enforcement of internet-related regulatory issues, which means the CRTC is the primary body enforcing Canada’s AntiSpam Legislation (CASL).

The CRTC has been levying Administrative Financial Penalties since CASL came into force in July, 2014. New rules governing computer programs came into force the following January. The CRTC has named the violators, punished them, and advertised the results so as to shape the behaviour of everyone subject to the law. The CRTC has even obtained two warrants to enter business premises to enforce CASL.

Visit the CRTC’s website here for the statute itself, the regulations, and the penalties already levied. The CRTC has defined the high standards it expects to be observed, and has made it clear that it won’t take violations lightly.

The NFL might be in the playoffs but CASL is just finishing its preseason. The regular season begins July 1, 2017.

That date is when a new private right of action is created by statute. In other words, if you send someone an email, and you can’t prove you had prior consent to send it, the person receiving that email can sue you. The onus is on you as the sender to prove consent, not on the recipient to disprove it.

Even worse for the sender of email, damages are assumed, which means the plaintiff is assumed to have been monetarily hurt by receiving an unwanted email. Further, this private right of action supports class action litigation.

If you want to research the basics of CASL and why your highly-paid defence lawyers will be very happy you’re not in compliance, go here. Please note this doesn’t apply only to what is typically thought of as ‘spam’; CASL applies to every email and text message you send.

Are you ready for CASL’s regular season? As we’ve said before, the CRTC has made it clear that a CASL-compliant model includes:

  1. a senior executive to champion the creation and implementation of your compliance model
  2. a senior executive to supervise compliance and respond to potential breaches
  3. Human Resources to add sections to the Employee Handbook on the proper use of email addresses and phone numbers
  4. initial training of all staff, directors and management
  5. annual testing to ensure continued compliance
  6. a technology model that has been architected to achieve all the business goals set out in CASL and as interpreted by the CRTC
  7. initial and on-going stress testing of the system

The incentives are in place to shape CASL-compliant behaviour. Perhaps CASL and its impacts can be a chapter in the next instalment of Freakonomics.