• When CASL took effect in 2014, Canada was home to 7 of the world’s top 100 spamming organizations. By 2019, and to this date, there are no longer any Canadian organizations on that list.

  • During 2022–2023, the CRTC enforcement measures included:
    • 358 Notices to Produce.
    • 6 Undertakings.
    • 2 Notices of Violation.
    • 10 Preservation Demands.
    • 4 Warrants.
    • 3 Warning Letters.

  • Here, it is important to note that the largest exertion seems to be towards Notice to Produce. This is largely concerned with the telecommunications providers and is the bottleneck preventing more Notices of Violation. Currently, we have a section that requires these providers to provide the necessary information, but no time limit is specified. We need to impose mandatory time frames where if the documents are not procured till then, fines shall be pursued against the provider.

  • NCU

  • Currently, CASL is enforced by the CRTC, the CBC and the Office of the Privacy Commissioner of Canada. The CBC is the one who pursues monetary penalties and fines. It appears that the policy is working and has shown considerable progress since its enactment in 2014. As the RCMP and OPP continue to establish more NCU’s, we should see this number rise steeply.

  • However, the CAFC reports that only 5 - 10% of online fraud is reported. This means, if there were 63K reports processed last year, that there were actually more than 1M complaints. To fight online fraud and cyberfraud at this scale, a bigger organization is required. For example, currently, Canada’s main international partner is the FBI. Gaining partners with other countries will strengthen our ability to prosecute. Even domestically, we need to expand the CAFC, CBC and CRTC.

  • Moreover, prosecution takes too long. It took ~5 years for each the Canada Inc. and nCrowd cases. Need to speed this up.

  • I would also recommend enforcing something like the GDPR rules for privacy. These rules have helped the EU become a more privacy-centered space and thus reduced the likeliness for becoming a victim to fraud.

  • I think signing the Second Protocol was a great move, and during the next election or so, the Government should focus on ratifying it to get additional resources.

  • While researching through this project, it was very interesting to see how the law for fraud is tiny, but the policy is a monolith.

  • In comparisons with the US, I find the US Sections to be much more compendious and thorough. For example, each subsection includes a sentencing range whereas in CASL, there’s only 2-3 sections on sentencing. There were also no laws for forfeiture pursuant to computer related crimes. By confiscating the laptops and hard drivers of criminals, the RCMP and other Canadian crime authorities can track related cybercrime and mass marketing fraud rings.

  • One part that I think the Government needs to work on is spreading awareness of reporting online fraud. Before researching this topic, I didn’t have the slightest idea of where I could go to report fraud or what my digital privacy laws were. Currently, the government has taken some steps to address this, such as giving out 700 kits to their partners to give presentations to the community on this subject. They should send more kits to densely populated regions such as Toronto and Vancouver and senior care facilities.