The undertaking resulted from an alleged failure to obtain
consent from recipients prior to sending commercial electronic
messages. The alleged violations apparently occurred over an
11-week period in late 2014.
As with previous undertakings announced by the CRTC, the summary
produced by the CRTC includes few details about the alleged
non-compliance, such as whether the company sent messages without
obtaining consent, failed to meet form requirements in collecting
consent, or was unable to prove the existence of an existing
business relationship that would give rise to implied consent.
Interestingly, the CRTC summary does note that the messages in
question were allegedly sent by "Kellogg and/or its third
party service providers", and that Kellogg undertook to comply
with CASL and its Regulations, and to "ensure that any third
party authorized to send a commercial electronic message on its
behalf" did the same – suggesting that the alleged
violations may have stemmed, at least in part, from the activities
of a third party service provider. This, in turn, raises
important – but unfortunately, unanswered -- questions about
how penalties are assessed in such circumstances, and the extent to
which due diligence in vendor selection and procurement
arrangements might impact liability for non-compliance under
The central prohibition in CASL relating to commercial
electronic messages does refer explicitly to those sending such
messages, as well as to those causing or permitting such messages
to be sent; accordingly, the law appears to apply to both marketers
and the service providers that may be retained to send marketing
messages on their behalf. Organizations would be well advised
to choose third party vendors carefully, and to impose clear
contractual and process requirements on such vendors to help avoid
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Earlier this year, a Canadian trial court ruled that Canada's Personal Information Protection and Electronic Documents Act ("PIPEDA") has extra-territorial application and restricts the dissemination of personal information of Canadians ..
While much has been written about the impending CASL private rights of action, less has been said about the new private right of action CASL will tack on to the Competition Act for misrepresentations in electronic messages.
Potential damages of up to $1 million per day may be imposed. I refer to the blog by Aaron Baer "Are You Compliant With Canada's Anti-Spam Law? If Not, Expect Lawsuits Starting on July 1 of This Year."
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).