Over the holidays I got an email from one of my relatives visiting Toronto. She asked me to recommend a dental surgeon for an unexpected tooth extraction. She also asked me to refer her to other dentists to get additional recommendations. I sent her an email with a recommendation to get treatment from a dental surgeon who I encouraged her to see and also provided the name of a family dentist who could make other recommendations. My email included a link to a website of the clinic operated by the dental surgeon. My wife sent a similar email when I told her my relative was looking for a dentist. Later that day I started wondering whether responding to this type of inquiry would be legal or illegal under Canada’s anti-spam law (CASL), once it is proclaimed into force.
Archive for the ‘E-commerce’ category
The Canadian Anti-SPAM law (CASL or FISA) contemplated that regulations would need to be promulgated before the Act is proclaimed into force. CASL contemplated two sets of regulations: one from Industry Canada and the other from the CRTC. The CRTC published draft regulations for comment purposes on June 30, 2011. The Commission will accept comments from interested persons that it receives on or before September 7, 2011, a date extended by the CRTC from the original date of 29 August 2011.
The CRTC draft regulations are as follows:
The leaders of the G8 concluded their meetings last week with a renewed commitment to freedom and democracy. They released a declaration dealing with a variety of topics including the importance of the Internet and intellectual property as catalysts to innovation. The declaration also highlights the challenges of maintaining the privacy and security of networks and network communications.
The declaration on the Internet made the link between the Internet and innovation as follows:
For business, the Internet has become an essential and irreplaceable tool for the conduct of commerce and development of relations with consumers. The Internet is a driver of innovation, improves efficiency, and thus contributes to growth and employment…
You clearly had fun trying to come up with a name. Some of you suggested a few names. Some suggestions were serious (more or less). Others were hysterical, many reflecting your thoughts about the Bill, or about SPAM. Here are your proposals to name the Bill.
Canada has a new anti-SPAM and anti-spyware law, Bill –C-28. It is a law with an inordinately long name: “An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act”.
The Bill has no short title. As a result different terms and acronyms are being used to refer to it including the ECPA, FISA, FIWSA, the SPAM Bill, the Anti-SPAM Legislation, and the Anti-SPAM and Anti-Spyware Bill.
The new anti-SPAM and anti-spyware legislation (Bill C-28) will have significant implications for entities carrying on business in Canada and for entities doing business with Canadians. Its scope is very broad. Its approach to tacking the challenges posed by SPAM, malware, spyware, false and misleading representations associated with electronic messages, and harvesting of electronic address and personal information, is comprehensive.
The legislation creates significant vicarious and accessorial liability for companies and for their officers and directors with the potential for administrative penalties of up to $10 million and damages awards which can reach $1 million per day or per breach.
Organizations that conduct business online should start preparing for Canada’s new anti-spam and anti-spyware legislation, which was passed in mid-December and is expected to come into force later this year.1 As the Act is complex and the penalties for violating the new law can be severe, organizations should review and modify their online practices, where necessary, at an early opportunity.
Canadian controls over the export or transfer of goods, software and technology containing or designed to work with encryption continue to present challenges for Canadian companies. Export permits must be applied for and obtained in order to export information security items or transfer any related technology from Canada to destinations other than the United States. Canada’s Export Control List identifies the goods and technology covered by these requirements and imposes a very low threshold of control — encryption with key lengths in excess of 64 bits (in the case of symmetric algorithms). Further, the available exemptions for mass market items and technology and software in the public domain may only be relied upon in very limited circumstances.