A director is held personally liable for violating Canada’s anti-spam legislation

For the first time since Canada’s anti-spam legislation¹ (CASL) came into force, the Canadian Radio-television and Telecommunications Commission (CRTC) has held a corporate director personally liable for violations to the CASL. The CRTC imposed a $100,000 penalty on Brian Conley as corporate director (he was president and CEO) of the nCrowd group² after finding that nCrowd had sent commercial electronic messages to persons without having received their express or implied consent and that the unsubscribe mechanism in the commercial electronic messages did not comply with the Act. 

The commission received 246 submissions regarding electronic messages sent by nCrowd. The electronic messages varied greatly, but, at a minimum, they all promoted products or services offered by various merchants via the online sale of corresponding vouchers through nCrowd’s platform.

The list of recipients nCrowd provided as evidence contained 1,928,015 electronic addresses, most of which had been acquired from a third party, Couch Commerce, on September 24, 2014. According to the information on the list, express consent to send emails to 1,566,144 email addresses on that list had allegedly been obtained in one day, that is to say on August 13, 2014, the date on which Couch Commerce moved its email records from one email service provider to another. No other supporting documents or information were provided on what, specifically, consumers might have consented to.

Therefore, Mr. Conley’s liability was retained based on the fact that he had participated in acquiring the distribution list and, it was reasonable to believe, according to the CRTC, that he had knowledge of how the lists would then be used. The CRTC also noted that the agreement of purchase and sale at the centre of this case – the list acquired from Couch Commerce – included terms indicating that Mr. Conley was aware of the Act generally, and terms requiring nCrowd to take steps to satisfy itself with respect to Couch Commerce’s compliance with the Act.

In its decision, the CRTC also pointed out that no internal policies or procedures regarding sending emails were in place while the violations were being committed. Corporate directors or officers should consider implementing such measures to prevent any future violations to the CASL. In addition, the purpose of the penalties under CASL is to promote compliance with the Act, and not to punish. The CRTC could award a lesser penalty in cases where efficient internal policies and procedures have been implemented. 

The authors would like to thank Anthony Piché, articling student, for his assistance in preparing this legal update.