Posts Tagged ‘malware’

CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline

January 14th, 2015

The “anti-spam” portion of Canada’s anti-spam/spyware law (CASL) came into on July 1, 2014. The “malware/spyware” computer program provisions come into force on January 15, 2015.

Most organizations are having very difficult times adapting to CASL’s confusing and prescriptive rules. According to a recent mini-survey conducted by the Canadian Chamber of Commerce of over 160 of its members, from responses to questions answered over 90% of Canadian organizations believe that CASL should be scrapped, amended, or at least be subject to a Parliamentary review before it becomes law. Over 80% believe it will not be effective against the most harmful sources of spam. 63% believe that it will make business more difficult for them.  Most believe CASL’s consent, disclosure and unsubscribe requirements are disproportionate and unreasonable. 56% believe CASL will impede the creation of a business environment driven by entrepreneurs that encourages jobs, growth and long term prosperity for Canadians.

CASL don’t forget about the computer program “malware” and “spyware” provisions

April 7th, 2014

Earlier today, I co-chaired the program Countdown to Canada’s Anti-Spam Legislation: Make Sure You Are Ready, jointly provided by the Ontario Bar Association and the Law Society of Upper Canada. I gave an overview of CASL focusing on the computer program provisions before moderating the “Ask the Experts” Q&A panel.

My slides on the computer program provisions are shown below.

 

The Industry Canada CASL regulations and RIAS: a lost opportunity

December 16th, 2013

If it was not clear enough before that there are many problems with CASL, it became evident when Industry Canada released the final regulations and the Regulatory Impact Analysis Statement (the RIAS). CASL takes an extremely broad “ban all” approach to regulating commercial messages and the installation of computer programs. This structure makes the exceptions particularly important because every CEM sent without consent (and following the prescribed rules) and every computer program installed on any computer (machine or device) without consent (and making the required disclosures) as part of a commercial activity will be illegal. The regulations purport to address some of the major necessarily inadvertent consequences with CASL’s breadth and structure.  See, CASL Industry Canada regulations: summary and comments. However, they fall short in many very important respects.

Evaluating the Industry Canada CASL regulations: countering cyber-security threats

February 1st, 2013

In a previous post, Evaluating the Industry Canada CASL regulations: why they are needed, I suggested that close scrutiny needs to be given to Industry Canada’s new draft Electronic Commerce Protection Regulations. CASL’s “ban all” structure makes it imperative that generous regulations be adopted to ensure that the goal’s of Canada’s new anti-spam/anti-malware law (CASL) are met. In another post, Evaluating the Industry Canada CASL regulations: how to assess them, I proposed a framework for assessing the regulations.

Evaluating the Industry Canada CASL regulations: defining commercial electronic message

January 30th, 2013

In a previous post, Evaluating the Industry Canada CASL regulations: why they are needed, I suggested that close scrutiny needs to be given to Industry Canada’s new draft Electronic Commerce Protection Regulations. CASL’s “ban all” structure makes it imperative that generous regulations be adopted to ensure that the goal’s of Canada’s new anti-spam/anti-malware law (CASL) are met. In another post, Evaluating the Industry Canada CASL regulations: how to assess them, I proposed a framework for assessing the regulations.

Evaluating the Industry Canada CASL regulations: how to assess them

January 16th, 2013

In a previous post,Evaluating the Industry Canada CASL regulations: why they are needed, I suggested thatclose scrutiny needs to be given toIndustry Canada’s new draft Electronic Commerce Protection Regulations. CASL’s “ban all” structure makes it imperative that regulations be adopted to ensure that the goal’s of Canada’s new anti-spam/anti-malware/spyware law (CASL) are met. Their adequacy and appropriateness should be measured against these and other generally recognized objectives. In this post I propose to lay out the framework for assessing the regulations.

Evaluating the Industry Canada CASL regulations: why they are needed

January 14th, 2013

Industry Canada has now published its revised draft Electronic Commerce Protection Regulations. These regulations to Canada’s new anti-spam/anti-malware/spyware law (CASL) are open for comment for a period of 30 days from the date of their publication, January 5, 2013. The regulations are helpful and a major improvement over the last draft regulations. They address some key problems with CASL. However, they don’t address all of the problems and only partially address others.

Will it be illegal to recommend a dentist under Canada’s new anti-spam law (CASL)?

January 3rd, 2012

Over the holidays I got an email from one of my relatives visiting Toronto. She asked me to recommend a dental surgeon for an unexpected tooth extraction. She also asked me to refer her to other dentists to get additional recommendations. I sent her an email with a recommendation to get treatment from a dental surgeon who I encouraged her to see and also provided the name of a family dentist who could make other recommendations. My email included a link to a website of the clinic operated by the dental surgeon. My wife sent a similar email when I told her my relative was looking for a dentist. Later that day I started wondering whether responding to this type of inquiry would be legal or illegal under Canada’s anti-spam law (CASL), once it is proclaimed into force.

Naming Canada’s Anti-Spam/Anti-Spyware Law

February 14th, 2011

Last week in a blog post I asked for suggestions to help name Canada’s new anti-SPAM and anti-spyware law, Bill –C-28. The Bill has no short title and needs one.

You clearly had fun trying to come up with a name. Some of you suggested a few names. Some suggestions were serious (more or less). Others were hysterical, many reflecting your thoughts about the Bill, or about SPAM. Here are your proposals to name the Bill.