CASL's anti-spam sections came into force on July 1, 2014.
Every organization that CASL affects should now be complying with
it – and their directors and officers need to make sure they
do. CASL opens directors and officers up to personal liability for
violations of it, so every director and officer must think about
limiting her personal exposure. Here are five steps to get that
Director and Officer Liability. CASL expressly
extends legal responsibility to both an organization's
directors and its officers. CASL says that an
organization's officers, directors and agents can be personally
liable if the organization contravenes CASL, regardless of whether
the Canadian Radio and Television Commission (the CRTC, the main
agency charged with CASL's administration) proceeds against the
offending organization itself. To be personally liable, the
officer, director, or agent must have:
directed the violation;
authorized the violation;
assented (somehow agreed) to the violation;
acquiesced in the violation (knew about it and allowed it to
otherwise participated in the violation.
Teeth. CASL gives the CRTC the teeth to back it
up. Individuals and organizations that don't comply with CASL
risk significant penalties – any of which can be imposed or
brought against an offending organization's directors or
The CRTC has the power to impose monetary penalties of up
to $1M on individuals and $10M on other entities.
The CRTC can also bring a criminal charge for obstructing a
CASL investigation, failing to comply with a demand to
preserve transmission data, or failing to produce documents when
Effective July 1, 2017, a person or corporation affected by a
CASL contravention can bring a civil lawsuit against the offending
person or entity – and seek remedies including monetary
compensation and expenses. The maximum penalties are $200 for each
commercial electronic message contravention (to a maximum of
$1M/day), and $1M for each day on which a software contravention
occurs (CASL's software sections come into force on January 1,
Due Diligence Defence. CASL does, however,
provide a "due diligence" defence. So, when the CRTC
seeks to impose personal liability on an organization's
directors or officers for a CASL violation, they – or the
organization itself – may be able to raise the defence
that they exercised due diligence if:
the organization took reasonable steps, including at the board
and executive levels, to prevent the CASL violation; and
the organization can prove that it took those reasonable steps
with records and/or other tangible evidence that clearly
demonstrate the steps taken to avoid violating CASL.
Executive Compliance Program. Every
organization that CASL affects needs a CASL compliance program. But
directors and officers must also ask themselves whether there are
sufficient compliance mechanisms at the board and executive levels
to avoid running into personal liability issues down the road: have
the board and the executive taken all reasonable steps to prevent a
CASL violation? Designing and implementing an executive CASL
compliance program specific to its directors and officers is a way
to for them to exercise – and prove – due diligence to
help protect them from personal liability under CASL. Here are five
ideas to start that process:
Audits. Require the organization to conduct
regular internal audits on CASL compliance overseen by the officers
and management team to prevent and detect CASL violations.
Routine Reporting. Require routine reporting,
perhaps monthly or quarterly, by the organization's officers
and management team to its board of directors respecting the
organization's audit results.
Periodic Reporting. Require reporting by the
officers and management team to the board of directors whenever the
organization updates or modifies the corporate CASL compliance
procedures and policies, and immediate reporting to the board and
executive of any complaints that could signal non-compliance.
Chief CASL Compliance Officer. Appoint a
member of the senior management team as chief compliance officer
responsible for managing and reporting on the executive compliance
Attestations. Require CASL compliance
attestations from senior management in the course of the
organization's regular compliance process.
Under the Income Tax Act, the Employment Insurance Act, and the Excise Tax Act, a director of a corporation is jointly and severally liable for a corporation's failure to deduct and remit source deductions or GST.
Under the Income Tax Act, the Employment Insurance Act, the Canada Pension Plan Act and the Excise Tax Act, a director of a corporation is jointly and severally liable for a corporation's failure to deduct and remit source deductions.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).