The Canadian government has suspended the CASL private right of action that was to have come into force on July 1. The private right of action (most likely in the form of class actions) would have allowed people to sue anyone for sending spam. Or more accurately for those who violated the technical provisions of CASL.
This is a welcome move. But while we can breathe a sigh of relief that this remedy is gone, CASL still remains in force and must be complied with.
The government’s press release said:
Canadians deserve an effective law that protects them from spam and other electronic threats that lead to harassment, identity theft and fraud. At the same time, Canadian businesses, charities and non-profit groups should not have to bear the burden of unnecessary red tape and costs to comply with the legislation.
The Government supports a balanced approach that protects the interests of consumers while eliminating any unintended consequences for organizations that have legitimate reasons for communicating electronically with Canadians.
For that reason, the Government will ask a parliamentary committee to review the legislation, in keeping with the existing provisions of CASL.
There is no indication that the CRTC will lighten up its enforcement against those who try to comply with the spirit of the legislation, but can’t get the technical details right.
We don’t know how long this review process will take or how long it might be until changes are passed.
And frankly I’m skeptical that the “balanced approach” will go nearly as far as I and others would like to see it go. I (and I’m certainly not alone in this) have maintained from the start that CASL is one of the most ill-conceived, badly written, impractical pieces of legislation I’ve ever seen. It provides little benefit – at a great cost. Tinkering with the legislation won’t fix it – it needs a major overhaul.
Cross-posted to Slaw
The private right of action for sending spam in violation of CASL comes into force on July 1. Many companies are dreading it – some class action lawyers can’t wait. The right thing for the government to do would be to completely scrap CASL – the statute is that bad and ill-conceived. But wishful thinking won’t make it go away.
At the moment, CASL violators are subject to enforcement proceedings by the CRTC. But after July 1, those who have been spammed in violation of CASL can sue the sender. Here are some things to keep in mind about the private right of action.
- Individuals can sue a CASL violator – but class actions are most likely.
- CASL does not say if the right applies only to violations that occur after July 1. That would be the most obvious interpretation, but expect plaintiffs to say it is retroactive.
- In addition to the CASL anti-spam formalities, the right of action applies to the anti-harvesting provisions CASL added to PIPEDA, and the email false advertising provisions CASL added to the Competition Act.
- Damages include actual damages plus statutory damages calculated in a couple of ways – $200 per violation or up to a million dollars per day. It could get expensive.
- Directors and officers are at risk to be sued.
- Depending on timing, a notice of violation from the CRTC or entering into an undertaking with the CRTC may stay a court action. The reverse also applies – a court can prevent an undertaking or notice of violation. Potential defendants may have some influence over picking their poison.
- Due diligence defences are available to mitigate the damage amount.
Cross-posted to Slaw
CASL, the Canadian anti-spam legislation, came into force on July 1, 2014. July 1, 2017 will be an important date for CASL, as a private right of action will become available. Anyone (class actions are likely) will be able to sue CASL violators. Statutory damages means that it won’t be necessary to prove actual damages.
CASL is a complex, illogical statute. Many businesses don’t comply because they don’t think emails they send could possibly be considered spam. After all, spam is about illicit drugs, diets and deals scams, right? Not according to CASL.
Nor do they understand they must keep detailed records to prove they have implied or express consent for each person they send an email to. Or they may be rolling the dice that they will be a low priority for CRTC enforcement. (That approach risks personal liability for directors and officers.)
Once the private right of action kicks in, the enforcement landscape changes. If a business has not yet come to grips with CASL, the spectre of private suits for violations may offer an incentive to comply.
In the long term, the private right of action could provide a couple of silver linings.
Getting CASL in front of the courts may provide some badly needed guidance on how to interpret and apply it in practice. So far, the handful of cases the CRTC has made public have not provided enough detail to help with that.
There is some thought that CASL could be struck down on constitutional grounds. Any business sued under the private right of action should include that in its defence.
The possibility of CASL being struck down should not, however, be a reason not to comply with CASL. It could take years before an action gets far enough to see that result. And that result is by no means assured.
Cross-posted to Slaw