CRTC fines firms for online advertising malware
The Canadian Radio-television and Telecommunications Commission has fined two companies under Canada's Anti-Spam Legislation for installing malicious software through online advertising. According to the commission, this is the first time it has taken an enforcement action of this kind. The two companies, real-time bidding service Datablocks and online advertising network Sunlight Media, have been issued notices of violation and fines of $100,000 and $150,000 respectively.
According to the CRTC, Sunlight Media accepted unverified, anonymous clients who used their services to distribute malware, while Datablocks provided Sunlight Media clients with the infrastructure and software to manage the placement of their ads. Neither had monitoring measures in place to prevent misuse of their services, or written contracts that bound clients to compliance with anti-spam law. Both were warned by the CRTC to implement these safeguards in 2016.
"As a result of Datablocks and Sunlight Media's failure to implement basic safeguards, simply viewing certain online ads may have led to the installation of unwanted and malicious software," said Steven Harroun, chief compliance and enforcement officer at the CRTC. "Our enforcement actions send a clear message to companies whose business models may enable these types of activities. Businesses must ensure their commercial activities do not jeopardize Canadians' online safety."