Canada’s anti-spam legislation took effect at the beginning of the month, sparking a steady stream of critical opinion pieces calling it an absurd solution to a mostly non-problem or “ludicrous regulatory overkill.” The criticisms generally boil down to three claims: spam isn’t a big problem, the law is ineffective because most spam originates outside Canada, and the law is overbroad because it targets legitimate businesses alongside fraudulent spam. I think all three criticisms are wrong. This post addresses why spam is still a problem and how the law will help. A second post tomorrow tackles the broad scope of the law, arguing that it is better understood as privacy legislation that fairly apportions the costs associated with electronic marketing.
Read more ›
With Canada’s anti-spam law now in effect, many are starting to ask about enforcement of the law. While no one should expect the law to eliminate spam, the goal much more modest: target the bad actors based in Canada and change the privacy culture by making opt-in consent the expected standard for consumer consents. The CRTC, the lead regulatory agency, has made it clear that the fear-mongering of million dollar penalties for inadvertent violations is not going to happen. Chair Jean-Pierre Blais recently stated:
Read more ›
Canada’s anti-spam legislation takes effect this week, sparking panic among many businesses, who fear that sending commercial electronic messages may grind to a halt on July 1st. The reality is far less troubling. The new law creates some technical requirements for commercial email marketing alongside tough penalties for violations, but left unsaid is that Canadian law has featured rules requiring appropriate consents for over a decade.
My weekly technology law column (Toronto Star version, homepage version)The concern over the new anti-spam law, which mirrors similar worries from 2004 when private sector privacy legislation arrived, suggests that many may not have complied with their existing obligations. As Canadians receive a flood of requests for consent from long-forgotten organizations they never realized had collected and used their personal information in the first place, the controversy over the rollout of the new anti-spam law says more about poor compliance rates with current privacy laws than it does about the new regulations.
Read more ›