Michael Geist loves Canada’s anti-spam law (CASL). He was one of the first witnesses called by the Government to support it (then Bill C-27) when it came before the Standing Committee on Industry, Science and Technology. He told the Committee to resist attempts to change it. He later urged Minister Moore not to listen to the tsunami from across all sectors of Canadian society to fix CASL calling the criticisms Festivus grievances, Now that CASL is law and the public is ridiculing it calling it, among other things, a Monty-Python-esque farce and Spamaflop, deeply stupid, and a sledgehammer that is ludicrous regulatory overkill, he once again tries to defend it. If anyone could defend CASL, it would be Michael Geist. However, CASL is indefensible and his attempts to defend it clearly show there is no policy basis on which it can be justified and that It should be scrapped or amended.
In his blog post In Defence of Canada’s Anti-Spam Law, Part One: Why Spam is Still a Problem and the New Law Will Help Michael Geist argues there is a lot of spam and it costs a lot of money to deal with. The study he relies on to describe the problems with spam defines spam as “messages from economic agents who do not have a previous relationship with the customer and who do not offer opt-out provisions.” It identifies the dominant source of spam, much of which is fraudulent, to be botnets operated from overseas. He links to the Register of Known Spam Operations which states that 80% of spam received by Internet users in North America and Europe can be traced via aliases, addresses, redirects, locations of servers, domains and dns setups, to a hard-core group of around 100 known spam operations, of which 7 are in Canada.
Michael Geist doesn’t even try to argue that the anti-spam provisions in CASL will be effective against these foreign spammers. His only claim is that “laws with tough penalties can reduce domestic-originating spam”.
It is also obvious that CASL’s anti-spam provisions are unnecessary to deal with the seven Canadian based spam threats he refers to, assuming they still exist. Given their business methods, the new address harvesting amendments in PIPEDA, the amendments to the Competition Act that target misleading electronic messages, and the new provisions in CASL which make it illegal to alter transmission data in electronic messages, would likely be enough. Further, in light of the nature of these messages which are sent by economic agents who “do not have a previous relationship with the customer and who do not offer opt-out provisions”, there is no need for CASL’s “ban all” express based consent regime and the information and unsubscribe formalities prescribed by CASL and the CRTC regulations. The fact is, these criminal spammers could never muster any color of right to send messages even if CASL only prohibited sending a commercial electronic message without any prior contact, or consent, express, implied, opt-out, inferred or otherwise.
Michael Geist, in fact, properly concedes in his second blog post In Defence of Canada’s Anti-Spam Law, Part Two: Why the Legislation Is Really a Consumer Protection and Privacy Law in Disguise that CASL’s breadth cannot be justified “if the law were only designed to deal with harmful spam”. He now says that CASL’s consent regime is “Privacy Law in Disguise”. He says its real purpose was “to recalibrate who bears the costs associated with the use of personal information in the digital environment.” In particular, his argument is that CASL’s anti-spam regime was premised on a purely economic policy rationale, a policy of reducing consumers’ costs of receiving commercial emails from legitimate businesses they gave consents, but not express consents, to send. He says:
The third – and currently most controversial – aspect of the law is the update to Canadian privacy standards on consent for emails from legitimate businesses. Before CASL, most of the costs of commercial electronic messages were borne by consumers. With weak “implied consent” standards (as evidenced by the many unexpected opt-in emails Canadians received from organizations that harvested email addresses in a myriad of ways with little real awareness or consent from consumers), businesses sent messages safe in the knowledge that consumers would bear virtually all the costs…
…for consumers, the cumulative effect of hundreds or thousands of emails from different organizations adds up to a non-trivial cost. Multiplied by millions of consumers who each face the same thing and the off-loaded cost on consumers becomes significant…
The new Canadian law re-calibrates this approach by giving consumers greater control over the costs they bear from commercial email. By shifting to an opt-in approach, the costs associated with receiving and dealing with email better reflects consumer choice since consumers only incur the costs for those commercial emails for which they have expressly provided consent…
There is a cost to consumers for the receipt of commercial email from legitimate businesses. For over a decade, businesses have effectively off-loaded those costs. CASL seeks to create a more equitable balance, leading to support from many Canadians but opposition from business….
Some may still disagree with the policy rationale or the privacy balance struck by CASL. However, what should be obvious to all is that the law is about far more than just harmful spam. The application to legitimate businesses is not an unintended consequence but rather a well-considered policy decision to update Canadian privacy standards by more fairly apportioning the costs associated with the use of personal information.
Michael Geist’s claims that CASL was based on “a well-considered policy decision” to target legitimate businesses and that it can be justified by reducing consumers’ costs in the ways he describes does not hold up to scrutiny.
First, his claims are completely at odds with the Government’s consistent stated policy rationale for CASL’s anti-spam regime which was to address the most damaging and deceptive forms of spam. For example:
- When Bill C-28 (CASL) was introduced the Government Backgrounder: explained CASL’s purpose saying
“The intent of the new law is to deter the most damaging and deceptive forms of spam from occurring in Canada.”
Spam includes more than unsolicited commercial messages. It has become the vehicle for a wide range of threats to online commerce affecting individuals, businesses and network providers. It can lead to the theft of personal data to rob bank and credit card accounts (identity theft); online fraud luring individuals to counterfeit websites (phishing); the collection of personal information through illicit access to computer systems (spyware); and false or misleading representations in the online marketplace…
Will the new law eliminate spam in Canada? If not, by how much will it be reduced?
While it is not expected that the new law will eliminate spam altogether, business and consumers will see a reduction in the amount of spam received. The intent of the law is to deter the most damaging and deceptive forms of spam from occurring in Canada and help drive spammers out of Canada.
- When Bill C-28 became law in 2010, the Government Backgrounder described CASL as “legislation designed to reduce the most damaging and deceptive forms of spam and other activities that discourage electronic commerce”.
- In January 2013, Industry Canada published a draft Regulatory Impact Analysis Statement when it published the revised GIC regulations. It stated: “The general purpose of Canada’s Anti-spam Legislation is to encourage the growth of electronic commerce by ensuring confidence and trust in the on-line marketplace. To do so, the Act prohibits damaging and deceptive spam, spyware, malicious code, botnets, and other related network threats.”
- The final Regulatory Impact Analysis Statement published at the time the GIC regulations were finalized in December 2013 similarly stated: “The general purpose of Canada’s Anti-spam Legislation (CASL) is to encourage the growth of electronic commerce by ensuring confidence and trust in the online marketplace. To do so, the Act prohibits damaging and deceptive spam, spyware, malicious code, botnets, and other related network threats.”
- The Explanatory Note to the Order in Council which fixed the date for bringing CASL into force described its objective as “To bring into force legislation that is intended to deter spam and other damaging and deceptive electronic threats such as identity theft, phishing and spyware from occurring in Canada and to help drive spammers out of Canada”
- In April of this year the Government unveiled its digital strategy for Canada. Its Digital Canada 150 report extolled the virtues of CASL stating: “We passed Canada’s world-leading anti-spam law, which comes into force July 1, 2014, to protect Canadians from malicious online attacks.”
Second, even assuming that CASL’s anti-spam regime was premised on the “disguised” policy rationale he describes, that rationale would also be indefensible. One can hardly justify a law with “funny math” that inflates benefits and completely ignores costs.
Michael Geist claims that legitimate businesses send consumers hundreds of millions, billions or tens of billions of unwanted emails each year based solely on “weak implied consent standards” (“the cumulative effect of hundreds or thousands of emails from different organizations” “Multiplied by millions of consumers who each face the same thing”.) This claim bears questioning. He cites no research or studies including any Canadian Government studies to back up the claim that legitimate businesses (not the infamous foreign spammers) who have implied but not express consents to send Canadian consumers electronic messages send such a volume of messages. Further, his claim assumes that these messages are unwanted even though consumers gave businesses consents to use their personal information to send them these messages and even though consumers have rights at any time to opt-out of receiving further CEMs under PIPEDA and other provincial privacy legislation.
Michael Geist does not purport to quantify, or suggest that the Government quantified, the costs to consumers of receiving electronic messages they consented to receive and have the right to opt-out of, but do not really want. He just says that they are ‘significant” and without more contends the costs are sufficient enough to justify CASL’s anti-spam rules.
Michael Geist also fails to address that any sound policy rationale for an anti-spam law that targets legitimate organizations would have to weigh the costs which consumers were supposed to save with the expected society wide costs of CASL. He does not purport to argue that the so called benefits of targeting legitimate businesses and other organizations with rules designed to penalize criminal spammers outweigh CASL’s costs. These costs include the following.
- CASL imposes significant costs and creates impediments to small businesses and entrepreneurs. According to Dan Kelly, the president of the Canadian Federation of independent Business (CFIB), many small businesses are struggling to figure out how to make their businesses viable in the new CASL world. They don’t regard themselves as spammers and don’t have the resources to implement compliance policies or learn complicated rules that mirror anti-money laundering policies banks have to put in place. See, Barry Sookman CASL’s effect on small business, and Evaluating the Industry Canada CASL regulations: the B2B exception (Part I-SMEs). Moreover, CASL places manacles on how small businesses can reach out to others to promote their products including to potential customers, partners, and even to family and friends. See, Barry Sookman, Evaluating the Industry Canada CASL regulations: family relationships and personal relationships.
- The hidden costs associated with CASL cannot be underestimated. Marketing and other e-mail lists have been decimated. See, Jeremy Miller, Canada’s Anti-Spam Law Decimates Email Lists: How To Rebuild; and Kerry George, Truths And Misconceptions About Email Marketing And CASL. Jim Murray in a blog post last week, Real Help For Your CASL Dilemma, summarized the plight of businesses, particularly small businesses stating “They have, in essence, become victims of ‘paralysis by analysis’, and have no idea what constitutes a safe, compliant way forward. They are facing the grim reality that their databases which, for many of them, are the lifeblood of their businesses are being decimated and they are being forced into many hours of extra work to comply with the government’s outrageous demands vis a vis this legislation.”
- Since consumers had consented to receiving these CEMs in the first place, one would have to infer, and experience with CASL is already showing, that many consumers will no longer receive messages they want and thus have to bear the costs and frustrations of being cut off of newsletters, fan club updates, special promotions, and product announcements from manufacturers, suppliers, distributors, retailers, entertainers, charities, and other businesses and organizations they are interested in. As Patricia Morgan pointed out in a blog post last week, Canadian Anti-spam Law has Good Intentions “not for profits and small businesses trying to make an honest living will lose many of their long standing contacts. I went from over 1800 contacts to a few hundred replying to my request. I have had a number of people tell me that they missed my request among the flood of emails they received from others asking for permission.” This point was echoed in another blog post also published last week which concluded that “Unfortunately, it seems that legitimate Canadian businesses, those that consumers probably want to hear from, are going to suffer. See, Ashley Salvador, Canadian Anti Spam Law (CASL): An Open Dialogue.
- Businesses who can no longer send out CEMs, particularly to consumers who consented to receiving them in the first place and never opted out after receiving CEMs, would be expected to lose sales. This is bad for everyone including the businesses, consumers (who don’t get the chance to buy products or services they may have wanted), employees who rely on their employers to succeed in business for their jobs, and governments who collect sales, income and other taxes when businesses succeed.
- CASL imposes financial tolls on companies that have to implement compliance programs. According to Scott Smith, the Canadian Chamber of Commerce’s director of intellectual property and innovation policy, some bigger businesses peg the initial costs of becoming compliant at up to $10 million. The costs would be smaller for small businesses, not taking into account the losses of potential new business. See, Ernie Smith, As Canada’s Anti-Spam Law Hits, Groups Warn of Side Effects. According to Dan Kelly of the CFIB at least one small business pegged its compliance costs as being between $30,000 to $50,000. That’s the cost of getting compliant; it’s not the ongoing compliance costs. Multiply all of this by just about every Canadian organization and sole proprietors carrying on a business and you have a very big number.
- CASL’s restrictions on commercial speech and the new restrictions associated with prospecting for customers limits information dissemination to buyers about products and services that are the lifeblood of a competitive market economy. When information is restricted competition is reduced which leads to less innovation, higher prices, and poorer choices for consumers and other buyers of goods and services.
- There are costs to non-business organizations such as charities and other not for profit organizations who also have to comply with the rules. This was emphasized in an editorial last week in the Vancouver Sun Anti-spam law resolves little by Victoria Times who concluded “Unlike the new legislation, which, unless it is altered, has the potential to create more problems than it prevents”.
- The chill associated with CASL is causing other collateral damage that cannot be dismissed. For example, HR recruiters are concerned that CASL makes it more difficult for them to respond to individuals seeking employment. See, The Canadian Anti-Spam Law (CASL)( and how it’ll hurt your job search. Journalists are concerned that PR firms and businesses, and especially small businesses, will stop sending them story ideas about their products and services. See, Christine Persaud, Is Canada’s Anti-Spam Legislation Working? Estates lawyer Jennifer Corak in a post CASL and Estates Law warns that due to the broad nature of the definition of a commercial electronic message, an email notifying a beneficiary that they are entitled to a share in an estate may be a commercial electronic message which cannot be sent without a prior require consent. Some claims made about CASL are not true or are exaggerated. This will undoubtedly also chill legitimate communications that CASL does not bar, or only places formalities on. However, this is an inevitable consequence of the law which has broad and undefinable scope and intimidating remedies and are real costs that have to be factored into any cost/benefits analysis of CASL.
Third, even assuming that there was a policy rationale to target criminal spammers and legitimate businesses and other Canadian organizations in the same law, sound policy would have dictated intimidating remedies against the criminal spammers and more calibrated remedies against legitimate Canadian organizations. CASL treats domestic legitimate businesses including small businesses and not for profit organizations as if they are the foreign purveyors of damaging and fraudulent spam. This has resulted in a law that was described as being best “understood as a draconian, Canadian hybrid of the U.S. Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (“CAN-SPAM”) and the Telephone Consumer Protection Act of 1991 (“TCPA”)”. See, New Canada Anti-Spam Legislation (CASL): A Litigation Perspective.
Fourth, the Charter right to freedom of expression protects commercial speech. Accordingly, society at large would be expected to absorb some costs of receiving commercial emails because of the attendant benefits of free speech. Yet, the policy rationale Michael Geist claims is behind CASL does not take these Charter values into account. It’s no wonder that there is a petition that seeks to repeal CASL calling CASL’s impingement on free speech as “an attack on arts and culture”. See, Tom Harrison, ‘Beyond Orwellian’ federal anti-spam law is an attack on the arts, say indie artists. Kerry George in a blog post published last week, Truths And Misconceptions About Email Marketing And CASL, is even more acerbic about CASL in her post devoted to clearing up misconceptions about CASL. She states “The corrupt anti-social law is not only a nuisance, it is in direct violation of your constitutional rights.” She concludes with the following misconception:
Misconception #7 – CASL is good for us.
Truth – CASL does not stand for Canadian Anti-Spam Legislation.
CASL = Canadians Are Silenced Legislation!
Fifth, a question Michael Geist does not answer is why would the policy rational he says exists be disguised? Is he claiming that the Harper Government and the officials at Industry Canada misrepresented (disguised) the purposes of CASL in order to sell it to Canadians? Or is Michael Geist’s policy rationale a last ditch Hail Mary attempt to find a disguised rationale to defend CASL’s anti-spam rules now that the official rationale has been totally discredited?
We may never know the answer to these questions. But, what is now obvious is that CASL is a “Spamaflop”, a “deeply stupid” “sledgehammer” that “is ludicrous regulatory overkill”. Even its greatest defender comes up empty in trying to justify it. The Government should promptly suspend CASL’s operation until a Parliamentary Committee or special committee can review it and make recommendations on whether to kill it permanently or how to fix it. The Government could instead refer it to the Supreme Court of Canada for an opinion on CASL’s constitutionality. Either way, Canadians of all stripes would be put out of the collective misery of dealing with CASL.
For more information about CASL, see, CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline.