Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

Office of the Privacy Commissioner announces first investigation under the address harvesting provisions

By Privacy and Cybersecurity Group
May 27, 2016
  • Canada
  • Enforcement
  • Marketing, Cookies & Spam
Share on Facebook Share on Twitter Share via email Share on LinkedIn

Today, the Office of the Privacy Commissioner (OPC) announced its report of findings against Compu-Finder, a Quebec-based company that offers face-to-face professional training courses.

The OPC alleges Compu-Finder used address harvesting programs to search and collect e-mails on the internet. This marks the first investigation by the OPC involving its address harvesting provisions under the Personal Information and Electronic Documents Act (PIPEDA). The OPC concluded that Compu-Finder did use e-mail addresses of individuals to send e-mails promoting its business activities, without the consent of the individuals concerned. Compu-Finder was unable to demonstrate it had the appropriate consent for the collection and use for many of the e-mail addresses. Further, the OPC found Compu-Finder lacked basic privacy knowledge of its obligations and failed in demonstrating accountability and openness of its privacy practices.

This investigation also debuts the OPC’s compliance agreement power since the tool was added by the Digital Privacy Act on June 18, 2015. The compliance agreement between the Privacy Commissioner of Canada and Compu-Finder lists over ten remedial measures imposed on Compu-Finder. Some of the following measures that Compu-Finder has agreed to implement, include:

  • collect and use only e-mail addresses with proper consent;
  • destroy all e-mail addresses in its possessions which were collected without obtaining consent;
  • refrain from collecting any electronic addresses of individuals through the use of a harvesting computer program;
  • develop and implement a privacy program; and
  • obtain a third-party audit of its privacy program.

Compu-Finder is also under investigation by the Canadian Radio-television and Telecommunications Commission (CRTC). The CRTC issued a Notice of Violation against Compu-Finder pursuant to Canada’s Anti-Spam Legislation (CASL) on March 5, 2016.  The OPC acknowledged the CRTC shared investigative information with the OPC pursuant to CASL and a Memorandum of Understanding between the two agencies.

The CRTC’s proceedings against Compu-Finder are still on going.

You can read the full report of findings and compliance agreement online  here.

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Privacy and Cybersecurity Group

About Privacy and Cybersecurity Group

Our Privacy and Cybersecurity lawyers operate at the intersection of technology and law. We understand that data is one of your core assets, driving insights and enabling development of valuable new products and services. Our global Privacy and Cybersecurity group works across all sectors offering a full complement of counseling and advice, regulatory and litigation services.

All posts

RELATED POSTS

  • Canada
  • Data Breach
  • Employee Privacy

Who’s Minding The Store?

Late last week, the office of the Privacy Commissioner of Canada announced a major breach within its own office with […]

By Catherine Coulter
  • Marketing, Cookies & Spam

Cookies rule – updates in Spain, France and the UK

As the UK counts down to the 26 May “cookie deadline” there have been some important developments in other key […]

By Simon Elliott
  • Cloud Computing
  • Consumer Protection
  • Data Breach
  • Employee Privacy
  • Enforcement
  • Health Information Privacy
  • Marketing, Cookies & Spam
  • Privacy Rights
  • United States

FTC Announces New Guidance on Ransomware

By Peter Stockburger

About Dentons

Dentons is designed to be different. As the world’s largest law firm with 20,000 professionals in over 200 locations in more than 80 countries, we can help you grow, protect, operate and finance your business. Our polycentric and purpose-driven approach, together with our commitment to inclusion, diversity, equity and ESG, ensures we challenge the status quo to stay focused on what matters most to you. www.dentons.com

Dentons boilerplate image

Twitter

Categories

  • Accountability
  • Asia Pacific
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Latin America
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Notices
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site