The introduction last spring of Bill C-27 – the Electronic Commerce Protection Act – represented the culmination of years of effort to address concerns that Canada is rapidly emerging as a spam haven. Industry Minister Tony Clement’s anti-spam bill has steadily made its way through the legislative process, with the Standing Committee on Industry likely to conduct its final "clause by clause" review over the next two weeks.
Although support for anti-spam legislation would seemingly be uncontroversial, my weekly technology law column (Toronto Star version, homepage version) notes that various business groups have mounted a spirited attack against the bill, claiming requirements to obtain to user consent before sending commercial email will create new barriers to doing business online. The Conservative MPs on the committee have remained supportive of the bill, yet Liberal MPs have expressed growing concern about some of the bill’s provisions.
A close examination reveals that the bill sets reasonable limits for online marketing consistent with laws found in countries such as Australia, New Zealand, and Japan. In fact, there are four major caveats to the consent requirement.
First, the bill includes a business-to-business exception so that businesses that send commercial email to other businesses are immediately exempt from the need to obtain consent.
Second, the bill only applies to commercial email. Non-commercial email between friends, family, and colleagues is excluded.
Third, a wide range of business-to-consumer commercial email is also outside the ambit of the bill. For example, businesses can rely on "implied consent" to contact existing customers for a full 18 months and even contact non-customers who merely make an inquiry for six months. In other words, simply inquiring about long distance plans or hotel room availability opens the door to six months of electronic messaging under the guise of implied consent.
Fourth, all other commercial messaging to consumers is permitted – there are no limits – so long as the business has obtained prior consent. There are some form requirements, but nothing that should be considered particularly onerous.
Notwithstanding the implementation of similar opt-in systems elsewhere, some Canadian businesses argue that obtaining prior consent is problematic. These groups would prefer an "opt-out" approach whereby they could continue to send electronic messages to consumers and force them to request that no further messages be sent.
Whenever such concerns are raised, politicians would do well to ask a simple question – is obtaining consumer consent really so unreasonable? It is unreasonable to obtain consent before sending a commercial message about a new service or product? Is it unreasonable to obtain consent before installing software on a personal computer? In most instances, the answer is no.
Canadians frustrated with the lobbying against the anti-spam bill can be forgiven for experiencing a sense of déjà vu since it bears a striking similarity to the efforts to water down Canada's do-not-call list. When the bill establishing the do-not-call list was first introduced, it featured strict limitations on unwanted telemarketing.
However, after weeks of business lobbying, the bill was gutted with new exceptions for business relationships, charities, political parties, polling companies, and newspapers. The end-result is that the majority of telemarketing calls remain perfectly legal, despite the inclusion of millions of phone numbers on the Canadian do-not-call list.
History may repeat itself this week with the anti-spam bill. While this should be a non-partisan issue, reservations from some opposition MPs about the content of the bill suggest that Canada’s contribution to the fight against spam is still far from a done deal.
And how is a business going to obtain that consent? Under the proposed legislation, the business can’t call you or write you to ask for permission. The bill only permits “pull” – no push.
“And how is a business going to obtain that consent?”
Um, they can ask you at the same time they ask you for your email address.
Michael,
I have been looking for more info about your statement, “Liberal MPs have expressed growing concern” but my searches keep pointing back to your blog post. Would you please provide some info about which MPs and what concers have been expressed?
Thanks
Charities are spammers, too
Some of the most persisten spammers are charities. I’d like to block them as well.
Consent?
A smart business man will start to collect consent forms from all his clients prior to the last call of the legislation.
@said, I’m not sure when I last filled in a web form for a company and didn’t have to uncheck the “may we send you spam” checkbox. As mentioned above, obtaining consent is trivial. The real issue for most of these businesses is that they haven’t been ethical in their practices to date, and haven’t been getting consent for their existing lists—but as far as I am concerned, if they weren’t ethical in obtaining the address lists, then they aren’t in any position to complain.
Of course all this is besides the point. Unlike the do-not-call list, in the case of the anti-spam bill, opt-out is worse than no bill at all. Choosing to join the DNC does not confirm your phone number as active to criminal and unethical telesellers; opting out of a spam-list does. An opt-out anti-spam bill is actually a “legalize spamming” bill.
I am wondering though. Should Canada introduce pro-spam legislation, would that be grounds for those companies with anti-spam legislation (NZ, AU, JP, etc) to seek to introduce punitive trade sanctions in response to Canada officially harboring these electronic criminals?
They should get consent
An opt-out policy is not unlike some of the billing schemes that have been used in the past, and continue in some cases. For instance, Rogers Pay As You Go includes voicemail; you need to opt out of it. They charge you airtime when a call goes to voicemail, and when you retrieve one from voicemail. There was a case of, in the mid-90s where Rogers Cable added some new specialty channels to their customers and they had to opt-out…
As far as the first comment about how a business is going to get consent? Simple. Ask a customer when they initiate contact. Andrae is correct; an opt-out system is worse than no system because of exactly the rationale given.
That the industry most affected is trying to get is watered down is hardly surprising. People are often supportive of laws that affect the actions of others but don’t affect their own actions.
Anon-K
No, you don’t get charged for airtime going to your voicemail and you don’t pay for airtime if you retrieve your voicemail from a landline.
The problem with the legislation is that it does nothing to stop the real problem spam but targets legitimate business. Where is the evidence?
Do Not Call List – Reply to Andrae Muys
Just to clarify the Do Not Call List implications – revealing a list of residential, unlisted and cell phone numbers to telemarketers was lunacy. The DNCL was a disaster, and was, in every meaningful way, as stupid as if the government were to sell a list of all of our email addresses to spammers. Foreign robocallers depend on having an electronic version of the list, and want to target primarily residences rather than unused, business, fax and emergency numbers. The CRTC did the legwork for them, harvesting and distributing our phone numbers for nominal cost.
The CRTC was told that the list would be immediately abused, and turned into a calling list, but they chose to break their the law by covering up the expert testimony from other jurisdictions. Why did they do this? Because the telcos want to make money selling privacy services – and the CRTC buffoons want to get hired by the telcos as payola. One such hiring took place in the middle of the DNCL proceedings. They are apparently accountable to no-one but themselves – a recipe for the worst kind of government. Why does this travesty not receive more publicity? What broadcaster would risk their license crticizing the CRTC? Time and again, broadcast reporters deem this problem to be extremely newsworthy, but are shot down when they take the story to their editors. This climate of fear is how dictatorships begin.
@ .
Two points.
First, did you bother to read the Rogers TOS???
“Local airtime at the applicable rates will apply to voicemail deposits/retrievals. Long distance and/or roaming fees will also apply to voicemail retrieval as applicable.” (From the Rogers website. http://www.rogers.com/web/content/wireless-products/paygo_rates?content10=paygo_rates
You need to click on the legal disclaimers tag to find it.)
It appears that, if you pay the $7 per month on a plan, NOT PAYG, that you may not be charged airtime, but I suggest you re-read my posting, where I specifically mentioned PAYG.
Second. Frankly, what legitimate business wants to piss off their potential customers? In general, business spammers do it because it is dirt cheap; they shift some of the price of delivery to the potential customer rather than bear it themselves, and the payoff is greater than that reduced cost. I don’t pay to have Canada Post deliver junk mail to my house; that cost is borne by the junk mail sender. I do, however, pay for an internet connection and am therefore bearing a portion of the cost of the delivery (to the tune of a percentage of what I download in the month… If my connection costs $25 per month and half of what I download is in spam and tracking cookies, then I paid $12.50 for someone else’s marketing activities).
However, agreed it isn’t likely to reduce the amount of spam received appreciably, it’ll just move the production to another jurisdiction. Does that, however, equate to targeting businesses? Well, if you are in the “direct marketing” business (read contract spam sender), then yes it does. Otherwise, not really, save that, if done like the DNCL, if a “regular” business employs an off-shore spammer to send of their behalf, the “regular” business is also liable.
Clause 4?
The IT security industry goes to great lengths to get the public to NOT click on Opt-out links, then we read about the bad experiences over the do-not-call registry and “evil” companies using it as a calling list. Now some companies (reputable I’m sure :P) want to force us to receive their junk unless we opt-out??