Kellogg Canada is the latest company to be hit under Canada’s Anti-Spam Law, ordered by the CRTC to pay $60,000 as part of a settlement for alleged violations that took place over a relatively short period of time.
A statement issued by the CRTC on Sept. 1 indicated Kellogg Canada Inc. “…voluntarily entered into an undertaking with the chief compliance and enforcement officer of the Canadian Radio-television and Telecommunications Commission, in relation to an alleged violation of paragraph 6(1)(a) of the Act:
“From 1 October 2014 to 16 December 2014, inclusively, messages were sent by Kellogg and/or its third party service providers during the period of 1 October 2014 to 16 December 2014 to recipients without consent of their recipients.”
Pursuant to section 21 of the Act, Kellogg Canada Inc. agreed to the monetary payment of $60,000 and to comply with, and ensure that any third party authorized to send a commercial electronic message on its behalf complies with, the Act and regulations, and to review and update its compliance program.
The compliance program will be reviewed and updated by Kellogg Canada Inc. with the goal to promote compliance with the Act and regulations. More specifically, the program will cover elements such as revising written policies and procedures regarding compliance, training programs for Kellogg employees, tracking of commercial electronic message complaints and subsequent resolution, and implementing updated monitoring and auditing mechanisms to assess compliance.
No one from Kellogg Canada was available for comment, but the company issued a statement on Friday:
“We are aware and disappointed in our company’s alleged violation of Canada’s anti-spam legislation as it relates to commercial electronic messages sent by our third party suppliers on behalf of Kellogg Canada in late 2014. We are cooperating fully with the Canadian Radio-television and Telecommunications Commission (CRTC), and voluntarily undertaking a number of immediate actions to ensure our compliance and that of our third-party suppliers. At Kellogg, consumers are at the heart of all we do, and we will continue to earn their trust and demonstrate a commitment to integrity and ethics each and every day.”
In the statement, the CRTC noted: “This Undertaking fully and completely resolves all outstanding issues with respect to Kellogg’s or its subsidiaries’ alleged non-compliance with the Act, including the payment of any specified amount in relation thereto, between the Commission and Kellogg Canada Inc. in relation to the CCEO’s investigation into the alleged violation by Kellogg Canada Inc. during the period of 1 October 2014 up to and including the Effective Date of this Undertaking.”
Bradley Freedman, partner with Borden Ladner Gervais LLP in Vancouver, says the settlement is notable in that it is the first time an alleged violation has been by an organization or its service providers.
“You can see how the language is not clear — it says Kellogg Canada and/or its third-party service providers,” says Freedman.
He adds that there are things organizations can do such as educating employees and following appropriate policies and procedures.
Marketing and advertising lawyer Steve Szentesi says the case shows that the CRTC is still working through matters that arose early following the coming into force of CASL and that compliance with the basic CASL requirements (consent, identification and an easy unsubscribe mechanism) remain key for companies marketing electronically.
“This case is also something of a caution that companies should ensure that third-party marketers and partners comply with CASL,” says Szentesi.
“Companies using third-party marketers for electronic marketing may also consider risk-shifting provisions in their agreements with marketers in the event CASL issues arise,” he says.
The case also sends a message that the CRTC wants companies engaging in electronic marketing to have effective compliance programs.
Violation of CASL’s CEM rules can result in penalties up to $1 million per violation for individuals and up to $10 million per violation for organizations, civil liability through a private right of action (commencing July 1, 2017) and vicarious liability on employers, directors and officers. CASL gives the CRTC regulatory and enforcement authority regarding CEMs and other matters.