CRTC fines Compu-Finder $1.1 million for CASL violations

The Canadian Radio-television and Telecommunications Commission (CRTC) is the principle agency tasked with enforcing Canada’s anti-spam law. Today they issued a Notice of Violation to Compu-Finder  including a $1.1 million dollar fine for 4 violations of CASL. The violations include sending unsolicited email and having a non-working unsubscribe link. According to the CRTC, complaints about Compu-Finder accounted for 26% of all complaints submitted about this industry sector.
This is the first major fine announced under CASL.
One of the first things that jumped out at me about this is the action was taken against B2B mail. There are a lot of senders out there who think nothing of sending unsolicited emails to business addresses. In my experience, many B2B senders think permission is much less important for them than B2C senders. I think that this enforcement action demonstrates that, at least to the CRTC, permission is required for B2B mail.
The other thing that jumped out is that given the extent of the complaints (26%) the financial penalties were only slightly more than 10% of the $10M maximum penalty. It seems the CRTC is not blindly applying the maximum penalty, but is instead actually applying some discretion to the fines.
I’ve looked for the actual notice of violation, but haven’t been able to find a copy. If I find it, I will share.
 
 
 
 

Related Posts

Canada announces CASL regulation start date

This morning Industry Canada published its final regulations regarding the implementation of the Canadian Anti-Spam Law. Email related provisions of the law will take effect June 1, 2014.
What does this mean? It means that anyone sending mail from Canada or anyone sending mail that is accessed in Canada is required to have explicit opt-in consent for sending that mail, with a few exceptions. These exceptions include commercial electronic messages that are:

Read More

The DMA: Email marketing or spam?

A few weeks ago, I signed up for a webinar from the DMA. As is my normal process I used a tagged address. I don’t remember any notification that I would be signing up for mail, and I generally do look for those kinds of things. I also know a lot of webinars are used to drive sales processes and I prefer not to waste sales time if I’m not actually looking to purchase.
In recent weeks I have gotten an ongoing stream of marketing messages from the DMA. I’ve tried to opt-out, but the DMA don’t actually want me to opt-out. Each marketing message is a different type of message from a different list. Each list must be opted out of individually.
First it was Conferences, then it was Education, then it was Awards, then Events. I’m trying to figure out what’s next and how many more times the DMA is going to get to spam me before I just turn that address into a spam trap.
And before you tell me that I can’t make an address a spam trap, think about that a little bit. I never opted this mail in to receive anything but the webinar confirmation. I’ve dutifully opted out each and every time the DMA has mailed me. I’ve even tried to opt-out of all mail. Unfortunately, the DMA has placed the “opt-out of all mail” behind a registration wall, one I cannot get to as I do not have (or want) a DMA account.
DMASignOn
The DMA is sending me mail I did not request and do not want. They have made it impossible for me to determine how much mail I will get. They have made it difficult for me to opt-out of all their mail.
This is an example of bad email marketing. I’m sure that the DMA will tell me this is all permission based email. I disagree. This is an example of the DMA taking permission. This is not an example of a sender asking for permission. I didn’t give permission to be added to all these DMA lists, and I have no way to actually revoke the permission that they took from me.
I signed up for a second webinar with this email address, one related to CASL. The irony is that the DMA’s behavior here is a violation of a number of points of CASL. First, there was no clear opt-in notice on the website. Second, CASL requires parity between opt-in and opt-out. If I opt-in once then I should be able to opt-out once. CASL puts an end to this opt-in once, opt-out dozens of times process.
I wish I could say I was disappointed in the DMA. But I’m barely surprised. Their track record is poor and they have typically fallen on the side of “I have consent until you force me to acknowledge that I don’t.” In this case, the DMA is demonstrating that quite clearly. They will keep spamming and spamming and spamming. I have no doubt were I to actually register an account, they would continue to spam me with “account notifications” that I was unable to opt-out of because they are transactional, membership messages.

Read More

Dodging filters makes for effective spamming

Spam is still 80 – 90% of global email volume, depending on which study look at. Most of that spam doesn’t make it to the inbox; ISPs reject a lot of it during the SMTP transaction and put much of rest of it in the bulk folder. But as the volumes of spam have grown, ISPs and filters are relying more and more on automation. Gone are the days when a team of people could manually review spam and tune filters. There’s just too much of it out there for it to be cost effective to manually review filters.
In some ways, though, automatic filters are easier to avoid than manual filters. Take a spam that I received at multiple addresses today. It’s an advertisement for lists to “meet my marketing needs.” I started out looking at this mail to walk readers through all of the reasons I distrusted this mail. But some testing, the same sorts of testing I do for client mails, told me that this mail was making it to the inbox at major ISPs.
What told me this mail was spam? Let’s look at the evidence.
listsellingspam_thumb

Read More