Federal Court of Appeal Recognizes Constitutionality of CASL

On June 5, 2020, the Federal Court of Appeal (“FCA”) released its decision in 3510395 Canada Inc. v Canada (Attorney General), 2020 FCA 103.

The decision considered the appeals of 3510395 Canada Inc. (doing business as “CompuFinder”) to two findings of the Canadian Radio-Television and Telecommunications Commission (“CRTC”).

The decision is significant for two main reasons. First, it recognizes the constitutionality of the scheme in Canada’s Anti-Spam Law (“CASL”)[1] which regulates the sending of unsolicited commercial electronic messages (“CEMs”).[2] Second, it provides guidance on several key aspects of CASL’s CEM provisions, including: (i) the scope of the “relationship” requirement in CASL’s business-to-business exemption; (ii) the effect of including a non-functioning unsubscribe mechanism in a CEM, even if the CEM also includes a functioning unsubscribe mechanism; and (iii) the scope of CASL’s provisions relating to implied consent to receive CEMs. Organizations which utilize CEMs to promote business activities would be wise to pay close attention to the impacts of the decision.

Constitutionality

The FCA found that CASL’s CEM scheme is a valid exercise of the federal government’s constitutional jurisdiction over general trade and commerce. Moreover, although the scheme infringes upon freedom of expression, such infringement is justified in part by CASL’s demonstrable benefits, including: (i) the reduction of spam; (ii) an increase in legitimate CEMs reaching recipients and being opened; and (iii) increased email marketing performance of Canadian companies.

Business-to-Business Exemption

The decision provides guidance on the scope of the “relationship” requirement in CASL’s business-to-business exemption. Section 6 of CASL establishes several requirements for sending CEMs, including the requirement to obtain consent from recipients prior to sending a CEM. The business-to-business exemption provides that s. 6 of CASL does not apply to CEMs sent between representatives of organizations where those organizations have a “relationship” and the CEM relates to the activities of the recipient organization.[3] CompuFinder provided professional training courses on several topics, including team management and effective use of social media. An organization purchased one of CompuFinder’s training courses for one of its employees. CompuFinder subsequently sent CEMs to a significant number of the purchasing organization’s employees. The FCA refused to interfere with CRTC’s finding that the organization’s purchase of one training program for one of its employees did not, on its own, establish a “relationship” that would allow the appellant to directly solicit every other employee in that organization. Such a contractual relationship, which comprehends a very limited number of transactions affecting very few employees, does not constitute a “relationship” for the purpose of the business-to-business exemption.

Unsubscribe Mechanism

The decision clarifies that a CEM containing a non-functioning unsubscribe mechanism is non-compliant, even if the CEM also contains a functioning unsubscribe mechanism. CompuFinder sent 87 CEMs containing two unsubscribe links: one that functioned properly and one that produced an error message when clicked. The presence of the non-functioning unsubscribe mechanism meant that the functioning unsubscribe mechanism was not set out clearly and prominently, nor was it able to be readily performed, both of which are required under the CRTC Regulations.[4]

Implied Consent

The decision provides guidance on the scope of the implied consent provisions in CASL. CASL provides that a recipient impliedly consents to receiving CEMs where:

  1. The recipient has conspicuously published or caused to be conspicuously published their electronic address;
  2. The publication is not accompanied by a statement that the recipient does not wish to receive unsolicited CEMs; and
  3. The CEM is relevant to the business, role, functions or duties of the recipient individual or organization.[5]

With respect to the first condition, CompuFinder sent CEMs to email addresses obtained from websites that did not indicate whether the email addresses were user submitted. Therefore, CompuFinder failed to show that the recipients themselves had published their email addresses. CompuFinder also sent CEMs to email addresses obtained from websites containing statements requesting that CEMs not be sent to the email addresses therein, therefore violating the second condition. Finally, CompuFinder argued that the third condition was satisfied because CompuFinder knew the job titles of CEM recipients, and could therefore ascertain the business, role, functions or duties of the recipient individuals. The court disagreed, finding that CompuFinder failed to discharge its burden of demonstrating that the recipients’ job titles proved that CompuFinder’s CEMs were relevant to the business, role, functions or duties of the recipient individual. The court declined to definitively state that no job title could, in and of itself, sufficiently convey the business, role, functions or duties performed by the titleholder. Notably, however, the court stated that a recipient’s job title is not the same as a recipient’s official business, role, functions or duties and that organizations seeking to rely on having implied consent due to conspicuous publication must “be prepared to state explicitly the “business, role, functions or duties” of recipient individuals or organizations…and then be prepared to elucidate, equally explicitly, the relevance of the CEM to the recipient’s business, role, functions or duties thus stated.”[6]

EKB’s Information & Privacy team is experienced and knowledgeable in all areas of information and privacy law and is here to assist business owners navigating complex privacy issues.

Citations

[1] The full name of CASL is: An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities ‎that discourage reliance on electronic means of carrying out commercial activities, and to amend the ‎Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal ‎Information Protection and Electronic Documents Act and the Telecommunications Act, SC 2010, c 23.

[2] A CEM is an electronic message that, having regard to the content, hyperlinks or contact information in the message, it would be reasonable to conclude has as its purpose, or one of its purposes, to encourage participation in a commercial activity (CASL, s. 1(2)).

[3] SOR/2013-221, s. 3(a)(ii).

[4] SOR/2012-36, s. 3(1)-(2).

[5] See CASL, s. 10(9)(b).

[6] 3510395 Canada Inc. v Canada (Attorney General), 2020 FCA 103 at para 255.