The undertaking resulted from an alleged failure to obtain
consent from recipients prior to sending commercial electronic
messages. The alleged violations apparently occurred over an
11-week period in late 2014.
As with previous undertakings announced by the CRTC, the summary
produced by the CRTC includes few details about the alleged
non-compliance, such as whether the company sent messages without
obtaining consent, failed to meet form requirements in collecting
consent, or was unable to prove the existence of an existing
business relationship that would give rise to implied consent.
Interestingly, the CRTC summary does note that the messages in
question were allegedly sent by "Kellogg and/or its third
party service providers", and that Kellogg undertook to comply
with CASL and its Regulations, and to "ensure that any third
party authorized to send a commercial electronic message on its
behalf" did the same – suggesting that the alleged
violations may have stemmed, at least in part, from the activities
of a third party service provider. This, in turn, raises
important – but unfortunately, unanswered -- questions about
how penalties are assessed in such circumstances, and the extent to
which due diligence in vendor selection and procurement
arrangements might impact liability for non-compliance under
The central prohibition in CASL relating to commercial
electronic messages does refer explicitly to those sending such
messages, as well as to those causing or permitting such messages
to be sent; accordingly, the law appears to apply to both marketers
and the service providers that may be retained to send marketing
messages on their behalf. Organizations would be well advised
to choose third party vendors carefully, and to impose clear
contractual and process requirements on such vendors to help avoid
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The Multilateral Staff Notice supplements a previous CSA notice regarding cybersecurity risk management, and provides helpful guidance to assist reporting issuers to comply with their legal obligations to ensure that investors have timely...
In the 2002 thriller Minority Report, the pre-crime unit of the Washington police force could lawfully arrest suspects for future criminal activity based on the foreknowledge of certain psychic "pre-cogs" prior to any crime actually being committed.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).