Posts Tagged ‘ECPA’

Reflections on the new CRTC CASL regulations

March 29th, 2012

Earlier this month the CRTC published its final regulations under the new Canadian Anti-SPAM legislation (CASL). The regulations have now been published in the Canada Gazette. The Commission has now also provided an explanation of its reasons for why it made, or refused to make, changes to its previously issued draft regulations.

Industry Canada has followed a separate route. Rather than finalizing its regulations, it will publish a new set of regulations to obtain further feedback from the public. In view of the significant problems identified by approximately 60 associations, companies, and organizations as well as individuals that filed submissions with Industry Canada and the Commission this approach makes sense.

Draft FISA (Anti-SPAM) regulations published by CRTC and Industry Canada (updated)

July 18th, 2011

The Canadian Anti-SPAM law (CASL or FISA) contemplated that regulations would need to be promulgated before the Act is proclaimed into force. CASL contemplated two sets of regulations: one from Industry Canada and the other from the CRTC.  The CRTC published draft regulations for comment purposes on June 30, 2011. The Commission will accept comments from interested persons that it receives on or before September 7, 2011, a date extended by the CRTC from the original date of 29 August 2011.

The CRTC draft regulations are as follows:

Rethinking CASL

May 25th, 2011

SPAM is awful.  It wastes our time. It clogs the Internet. It is full of scams, malware and fraudulent, false and misleading messages. Who wouldn’t cheer when Canada finally decided late in 2010 to outlaw SPAM and related afflictions of malware, spyware, address harvesting and sending false and misleading commercial electronic messages?

Indeed, there was much satisfaction when Canada’s anti-SPAM law, also known as FISA[2], was given royal assent on December 15, 2011.  After a lengthy and thorough review process, including consultations and Parliamentary reviews, Canadians could look forward to the toughest anti-SPAM law in the world just as soon as the regulations were finalized, which is expected this summer.

Name Canada’s Anti-Spam/Anti-Spyware Law

February 6th, 2011

Canada has a new anti-SPAM and anti-spyware law, Bill –C-28. It is a law with an inordinately long name: “An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act”.

The Bill has no short title. As a result different terms and acronyms are being used to refer to it including the ECPA, FISA, FIWSA, the SPAM Bill, the Anti-SPAM Legislation, and the Anti-SPAM and Anti-Spyware Bill.

Impacts of Bill C-28 (the new anti-SPAM and anti-spyware legislation)

January 26th, 2011

The new anti-SPAM and anti-spyware legislation (Bill C-28) will have significant implications for entities carrying on business in Canada and for entities doing business with Canadians. Its scope is very broad. Its approach to tacking the challenges posed by SPAM, malware, spyware, false and misleading representations associated with electronic messages, and harvesting of electronic address and personal information, is comprehensive.

The legislation creates significant vicarious and accessorial liability for companies and for their officers and directors with the potential for administrative penalties of up to $10 million and damages awards which can reach $1 million per day or per breach.

Canada Passes Anti-Spam and Anti-Spyware Law

January 6th, 2011

Organizations that conduct business online should start preparing for Canada’s new anti-spam and anti-spyware legislation, which was passed in mid-December and is expected to come into force later this year.1 As the Act is complex and the penalties for violating the new law can be severe, organizations should review and modify their online practices, where necessary, at an early opportunity.

Industry Committee Amends Anti-Spam Bill (ECPA)

October 27th, 2009

By Barry Sookman and James Gannon

In May of this year, we sent an e-Alert that reviewed the concerns many Canadian businesses had expressed with the first draft of Bill C-27 – the Electronic Commerce Protection Act (ECPA). The Bill was criticized for containing overly broad anti-spam and anti-spyware provisions that would have rendered illegal many common legitimate commercial practices. It would have potentially exposed businesses to millions of dollars in fines and liabilities for activities that were unrelated to sending spam emails or installing spyware programs.

Anti-Spam Bill Raises Concerns

May 12th, 2009

On May 8, 2009, the Electronic Commerce Protection Act (ECPA) received a second reading in the House of Commons. The Government of Canada had introduced the bill on April 24th. The intention of the ECPA is “to deter the most dangerous forms of spam, such as identity theft, phishing and spyware, from occurring in Canada” and to “help drive spammers out of Canada.” The bill also contains provisions intended to combat spyware by prohibiting the installation of computer programs without the consent of the computer’s owner. While the objective of the legislation is laudable, the bill’s overly broad language could circumscribe legitimate business-to-business marketing and impact software companies’ ability to deliver upgrades and patches to customers. Section 6(1) of the ECPA states that “No person shall send or cause or permit to be sent to an electronic address a commercial electronic message unless (a) the person to whom the message is sent has consented to receiving it, whether the consent is express or implied; and (b) the message complies [with specified formalities].” Unlike other international anti-spam legislation, the prohibition against unsolicited commercial messages in the ECPA is not limited to messages sent with some element of fraud or misleading information, sent with an “intent to deceive or mislead,” sent to addresses that were gathered using “automated means,” or sent in bulk.