PIPEDA Case Summary #2009-013
The complainant was perturbed by the number of unsolicited e-mails he received from a publisher marketing a Canadian directory of funding sources. Even when he asked the company to remove his various e-mail addresses from its list, the company continued to send him messages. For its part, the company contended that the complainant’s business e-mail address was not personal information and that, in any event, his e-mail addresses were publicly available.
The Assistant Privacy Commissioner established that business e-mails are personal information as defined by the Act, and as determined in an earlier complaint. Furthermore, all but one of the e-mail addresses in question could not be considered publicly available as defined in the Regulations. She concluded that the company was collecting and using e-mail addresses from the Internet without the addressee’s knowledge or consent. She recommended that the company cease this practice, and that it also cease using e-mail addresses that it had collected from other businesses in the past without consent. The company would not and did not implement the Assistant Commissioner’s recommendations.
Read more on the Office of the Privacy Commissioner of Canada.
So…. a finding is good, but where’s the enforcement power or action?