On May 17, 2005, the National Task Force on Spam, which included stakeholders from the across the spectrum including the Canadian Marketing Association, ITAC, Bell, CAIP, and consumer groups, presented its final report to then-Industry Minister David Emerson. The unanimous report included the following recommendation:
There should be an appropriate private right of action available to persons, both individuals and corporations. There should be meaningful statutory damages available to persons who bring civil action.
The inclusion of a private right of action was no small matter. I was a member of the Task Force and recall discussion of lawsuits launched in the United States by large ISPs and Internet companies such as Microsoft and Amazon that had proven effective. It took nine years for the task force recommendations to become law when all parties – Conservative, Liberal, NDP and Bloc – supported the resulting legislation. The private right of action provision was to have taken an additional three years as the Conservative government chose to delay its implementation until July 2017 to give businesses three years to ensure compliance with Canada’s anti-spam law.
Yesterday, Innovation, Science and Economic Development Minister Navdeep Bains indefinitely suspended the private right of action before it could take effect. In doing so, Bains blocked important consumer redress for harmful spam and spyware that would have supplemented enforcement efforts overwhelmed by spam complaints. Bains indicated that the statutorily-mandated review of the law, which is required after three years, will be used to assess the law and the private right of action (the Canadian Federation of Independent Business holds out hope that it will be struck down permanently).
Read more ›
Canada’s anti-spam legislation has long been the law that Corporate Canada loves to hate. Months before it was slated to take effect in 2014, there were ominous warnings about how regulation would bring commercial e-mail to a screeching halt, banning everything from large-scale business marketing efforts to emails promoting a neighbourhood lemonade stand.
My regular Globe and Mail technology op-ed notes that nearly three years later, e-mail marketing is alive and well in Canada as many have adjusted to the tougher privacy standards that require informed consent prior to sending commercial electronic messages. Moreover, in a world where malware and ransomware have become serious cybersecurity threats touching millions of Internet users, the inclusion of antimalware provisions has proven prescient since they give authorities the legal tools to participate in global enforcement efforts.
Read more ›
The Trouble with the TPP and privacy, which includes weak privacy laws, restrictions on data localization, bans on data transfer restrictions, and a failure to obtain privacy assurances from the U.S., also includes the agreement’s weak anti-spam standards. Given the fact that nearly all TPP countries have some form of anti-spam law (with the exception of Brunei), the inclusion of anti-spam provision in the TPP was not surprising, yet the agreement sets the bar far lower than that found in many countries. Article 14.14 states:
Each Party shall adopt or maintain measures regarding unsolicited commercial electronic messages that:
(a) require suppliers of unsolicited commercial electronic messages to facilitate the ability of recipients to prevent ongoing reception of those messages;
(b) require the consent, as specified according to the laws and regulations of each Party, of recipients to receive commercial electronic messages; or
(c) otherwise provide for the minimisation of unsolicited commercial electronic messages.
The TPP provision features two key requirements: anti-spam laws that provide for a binding unsubscribe mechanism and some form of consent. Yet with the standard of consent left wide open, countries are free to adopt weak, ineffective standards and still comply with the TPP requirements. In fact, since spam raises global concerns that frequently requires cross-border co-operation, the TPP would have been an ideal mechanism to strengthen international anti-spam rules and enforcement.
Read more ›
The launch of Canada’s anti-spam law generated considerable criticism suggesting that the law was unenforceable and would not have a discernible impact on spam. Recent enforcement actions by the CRTC and the Competition Bureau, which led to millions on fines, demonstrates that the law can be used to target businesses that run afoul of the law. Now a new study from Cloudmark, a network security firm, concludes that there was a significant drop in spam originating from Canada once the law took effect. Moreover, Canadians received considerably less email after CASL was implemented. Cloudmark states:
Read more ›
As the launch of the Canadian anti-spam law neared last spring, critics warned that enforcement was likely to present an enormous challenge. Citing the global nature of the Internet and the millions of spam messages sent each day, many argued that enforcement bodies such as the Canadian Radio-television and Telecommunications Commission and the Competition Bureau were ill-suited to combating the problem.
My regular technology law column (Toronto Star version, homepage version) notes that in recent weeks it has become increasingly clear that the CRTC and the Bureau can enforce the law against companies that send commercial emails that run afoul of the new legal standards. Those agencies have completed three enforcement actions against Canadian businesses that point to the risks of millions of dollars in fines for failing to obtain proper consent before sending commercial messages, not granting users the ability to unsubscribe from further messages, or sending false or misleading information.
Read more ›