As reviewed in Part 1, since July 1, 2014, Canada's Anti-Spam Law (or CASL) has been in effect, and the software-related provisions have been in force since January 15, 2015.

In January, 2016, the Canadian Radio-television and Telecommunications Commission (CRTC) executed a search warrant at business locations in Ontario in the course of an ongoing investigation relating to the installation of malicious software (malware) (See: CRTC executes warrant in malicious malware investigation). The allegations also involve alteration of transmission data (such as an email's address, date, time, origin) contrary to CASL. This represents one of the first enforcement actions under the computer-program provisions of CASL.

The first publicized case came in December, 2015, when the CRTC announced that it took down a "command-and-control server" located in Toronto as part of a coordinated international effort, working together with Federal Bureau of Investigation, Europol, Interpol, and the RCMP. This is perhaps the closest the CRTC gets to international criminal drama. (See: CRTC serves its first-ever warrant under CASL in botnet takedown).

Given the proliferation of malware, two actions in the span of a year cannot be described as aggressive enforcement, but it is very likely that this represents the visible tip of the iceberg of ongoing investigations.