Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

CRTC ENFORCEMENT ADVISORY: REMEMBER, YOU MUST HAVE RECORDS TO PROVE CONSENT

By Karl Schober
July 28, 2016
  • Canada
  • Enforcement
  • Marketing, Cookies & Spam
Share on Facebook Share on Twitter Share via email Share on LinkedIn

The Canadian Radio-television and Telecommunications Commission (CRTC) issued an enforcement advisory to both businesses and individuals that send commercial electronic messages (CEMs) to keep records of consent. The CRTC reminded senders of CEMs that section 13 of Canada’s anti-spam legislation (CASL) places the onus on the sender to prove they have consent to send every single CEM.

The advisory made a point to note the CRTC has observed businesses and individuals unable to demonstrate they have obtained consent before sending CEMs. Failure to meet record keeping requirements has been alleged in recent CRTC enforcement decisions against organizations. However, today’s enforcement advisory may suggest the CRTC is finding record keeping to be a widespread concern, warranting this advisory.

Record keeping is one of the most contested provisions under CASL as the financial, organizational and technical burden weighs on senders to meet the high record-keeping standards set by the CRTC. Having the record keeping requirements on the CRTC’s radar adds further urgency to ensure a sender’s compliance program is sufficient.

The CRTC emphasized in its advisory that good record-keeping practices can assist senders establish a due diligence defense in the case of a violation under CASL. Violations of CASL may result penalties of up to CAD $1,000,000 for individuals, and up to CAD $10,000,000 for organizations.

The CRTC reiterated its guidance that record-keeping should document:

  • All evidence of express or implied consent from consumers who agree to receive CEMs. Evidence can be in various forms such as audio, electronic or paper.
  • The procedures and methods through which senders obtain consent
  • The sender’s CASL policies and procedures
  • All unsubscribe requests and subsequent actions taken

Click here to read the full CRTC Enforcement Advisory. For more guidance on record keeping, read the CRTC’s guidelines to help develop a corporate compliance program.

 

 

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Karl Schober

About Karl Schober

Karl Schober is a Senior Associate with Dentons' Privacy and Cybersecurity group, and Transformative Technologies and Data Strategy practice. Based in Toronto, his thriving practice focuses on privacy compliance, emerging technologies, marketing and advertising, regulated products, and general consumer protection laws and regulations.

All posts Full bio

RELATED POSTS

  • Canada

Copyright Modernization Act enters into force – TPMs, ISP Liability and more

The majority of the provisions of Canada’s Copyright Modernization Act (the “CMA”) entered into force today, November 7.  Let’s take a look […]

By Margot Patterson
  • Marketing, Cookies & Spam

CASL: A Call for Clarity

By Margot Patterson
  • Canada
  • Consumer Protection
  • Privacy Rights
  • United States

Children’s Online Privacy Protection: U.S. Developments Compared to Canada

There were two important developments in the U.S. regarding children and mobile technologies. FTC Staff Report On December 10, 2012, […]

By Privacy and Cybersecurity Group

About Dentons

Dentons is the world’s largest law firm, delivering quality and value to clients around the globe. Dentons is a leader on the Acritas Global Elite Brand Index, a BTI Client Service 30 Award winner and recognized by prominent business and legal publications for its innovations in client service, including founding Nextlaw Labs and the Nextlaw Global Referral Network. Dentons’ polycentric approach and world-class talent challenge the status quo to advance client interests in the communities in which we live and work. www.dentons.com.

Dentons Digital

Twitter

Categories

  • Accountability
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2021 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site