Enforcement Highlights
CRTC issues $115,000 in penalties to stop the spread of malicious software
Recently, CRTC staff took enforcement action against Orcus Technologies and its partners John Paul Revezs and Vincent Leo Griebel, who developed, marketed and sold the Orcus RAT. Following this investigation, the Chief Compliance & Enforcement Officer issued Notices of Violation with total administrative monetary penalties of $115,000 for contraventions of section 9 of CASL.
Remote Access Trojans (RATs) are a type of malware that causes significant harm to Canadians. RATs are used by malicious actors to control computer systems without the owner’s consent, contrary to Canada’s anti-spam legislation.
As part of this investigation, CRTC staff cooperated with domestic and international law enforcement agencies, including the RCMP, the US Federal Bureau of Investigation and the Australian Federal Police, as well as private cyber-security firms. This complex investigation demonstrated the benefits of cooperation among law enforcement in addressing global threats.
Staying Vigilant over COVID-19 Scams
The CRTC investigates those who send commercial electronic messages without the recipient’s consent or install programs on computer systems without express consent. This includes malware, spyware and viruses in computer programs or spam messages, or downloaded through infected Web links.
Agencies worldwide have seen a spike in scam activity related to the COVID-19 pandemic. CRTC staff is working to identify malicious sites associated with the pandemic and working with partners to have them shut down, helping to protect Canadians. In addition, the CRTC is using its social media platforms to advise Canadians to stay vigilant against emerging scams related to COVID-19 and how to report them.
Enforcement Measures
- 2 Notices of Violation
- 131 Notices to Produce
- 3 Preservation Demands
- $115,000 in Administrative Monetary Penalties
Administrative Monetary Penalties
Since CASL came into force in 2014, enforcement efforts have resulted in administrative monetary penalties totaling nearly $1.3 million. Of this amount, $568,000 has been paid as part of negotiated undertakings.Footnote 1
Complaints to the Spam Reporting Centre…
EU confirms PIPEDA’s adequacy status under the GDPR
In a Report issued two weeks ago,[1] the European Commission advised that i…