Businesses Think Anti-Spam Law Should Protect Them, Not Consumers

For the past month, business groups from across the country have waged an extraordinary campaign against Canada’s anti-spam legislation. With the long overdue law likely to take effect by year-end, groups such as the Canadian Chamber of Commerce, the Canadian Federation of Independent Business, and the Canadian Marketing Association, have launched an all-out blitz to carve out large loopholes in the law and exempt highly questionable conduct.

My weekly technology law column (Toronto Star version, homepage version) notes that the business groups’ chief concern is that the law moves Canada toward a stricter “opt-in” privacy approach that requires marketers to obtain customer consent before sending commercial electronic messages. The move will provide Canadians with greater control over their in-boxes, while also resulting in more effective electronic marketing campaigns for businesses.

Businesses claim the changes will be costly and out-of-step with the rest of the world, but the reality is that Canada is playing catch-up years after most other developed countries implemented similar safeguards.  The opt-in approach can be found in many countries including Australia, the United Kingdom, the European Union, and Japan, who have all recognized that weaker opt-out models (that permit marketing until a consumer proactively asks for it to stop) simply don’t provide effective protection.

Moreover, the government has added numerous safeguards for business to the law. The general requirement may be opt-in consent, but there are many exceptions that allow for softer, implied consent. These include exceptions for existing business relationships, personal and family relationships, business-to-business emails, and third-party referrals. 

In fact, there is even an exception for email addresses that have been posted online without a notice that the poster does not wish to receive unsolicited commercial email. For companies seeking to develop lists of potential contacts, this exception ensures that will remain a possibility.

In addition to the exceptions, the business community has been granted years to comply with a transition period that could run to 2017 before a business must switch to opt-in consent for its existing customers.

Despite the numerous carve outs, the business groups claim that the law will result in significant new expenditures, including the need to maintain a database of opt-in consents and a website to allow for easy access to contact information and unsubscribe mechanisms. Yet those businesses are already required to maintain databases with opt-out information and electronic marketing without a website seems somewhat pointless.

Perhaps the most surprising demand from business groups is an expansive exception to a new requirement to obtain express consent prior to the installation of computer software.  The groups have asked the government to delay implementation of this rule indefinitely. Alternatively, they are seeking at least ten additional exceptions, including one that would permit surreptitious surveillance for private enforcement purposes.

The business groups’ proposed provision would remove the need for express consent for the installation of any program designed “to prevent, detect, investigate, or terminate activities” such as the unauthorized use of a computer or the contravention of any law, whether Canadian or foreign. Once operational it would effectively legalize spyware in Canada on behalf of these industry groups and create a new mechanism for enforcing foreign laws in Canada.

The potential scope of coverage is breathtaking: a software program secretly installed by an entertainment software company designed to detect or investigate alleged copyright infringement would be covered by this exception. So too would programs designed to block access to certain websites, attempts to access wireless networks without authorization, or even key-logger programs that track unsuspecting users.

The anti-spam law was enacted with the promise of increasing consumer confidence in e-commerce by providing protections commonly found in other countries. With the latest round of lobbying, however, business groups are pressuring Industry Minister Christian Paradis to turn the law upside down by shifting from protecting consumers to protecting businesses.


  1. Lobbyists
    if you could afford them you too could have power! the devide between corporate and working people has never been more clear in this country.
    thank you mister prime minister

  2. Computer Programs?!??!!?
    I’m sorry. I’m confused. This is talking about anti-spam legislation right? So why would it EVER be acceptable to install any software on another persons computer in this context. Ever!

  3. Devil's Advocate says:

    Admission of guilt…
    “…the business groups claim that the law will result in significant new expenditures, including the need to maintain a database of opt-in consents and a website to allow for easy access to contact information and unsubscribe mechanisms.”

    There’s only 2 ways to take this:

    1) This guy’s disconnected from the fact that what he describes is already required.

    2) He is inadvertently admitting that the business world really doesn’t do its part to control unwanted marketing.

    Is it any wonder why anyone with a working brain tries to limit the latitude these assholes are afforded over the Internet?

  4. Businesses don’t like the opt-in model because it means they actually need to work to get your permission to send marketing emails. Most people tend to ignore the little check boxes asking permission to send you stuff (or you needing to check to opt-out), so they get the ability to send you stuff that most people probably don’t realise is there. By having opt-in, they need to specifically draw your attention to this so they can get you to click it. The problem isn’t that they don’t want to have to do this extra work because they realise that if most people were aware of this then they would not sign up for it.


    Think about Blizzard games and how the used to use monitoring programs to make sure you where not using map hacks. I love blizzard games and I understand why they did it, although some times it bugs me how they implement stuff like that. There newer games require internet access for full functionality and they integrate game monitoring into their systems by creating acheivmeents. I imagine it the software industry pushing for the removal of that rule.

    It’s a stupid thing to do though, because most consumers would agree to mostly any Terms of Services. So by trying to hide that junk, they’re just creating unnecessary scandals.

    Then there’s always the sony rootkit fiasco…. it wasen’t illegal then, but we saw what happend with that….

  6. Free Dominion comes under DDoS SYN attack
    Sorry it’s a little off topic, but don’t know how else to let you know: just as Free Dominion have announced they are trying to raise funds for their legal bills, they have come under a DDoS SYN attack…

  7. @Michael
    Dr. Geist, while I read and admire your writings I find that you are calling the kettle black since you yourself have spammed me.

    It’s no secret that Open Media, one of your mouth pieces, have spammed a couple of tens of thousands of people in Canada.

    When Mike Lerner (mlerner) started the “dissolve the CRTC petition”, I was speaking with Rocky (Then CEO of Teksavvy)and him (Mike) about it when nothing came of it.

    I was told they “plan to use the couple of ten of thousands of people as a starting point for something”.

    Then Open Media started with a few tens of thousands of dollars in “donations” from Acanac and Teksavvy (as well as your support).

    It was no secret you (and cippic) were involved since it was stated from the beginning, and even before they became, “Open Media”.

    Then they took mlerners list (Mike Lerner gave it to them when they asked stating it was for a greater purpose) to raise funds.

    Should be noted Mike was like a 20-r old kid that you used to get this list.

    I was one of the people spammed by your Open Media.

    So in effect, Michael, You and cippic spammed me from a stolen list that I have never signed up for. Ever. For money.

    How does that sit with you as you write all these articles about spam?

    Or did it never happen?

    Or were you “apparantly” never aware of it with your own mouth-piece astroturf organization?

    For those who want to know more, Or for those who think it’s BS, see this topic here:

    Open Media never posts to DSLr anymore since they spammed the user base.

    And you will see Mike Lerner (mlerner), whose list was taken by The Geists’ astroturf Open Media spam team speak up on this issue in the link above.

    Open Media refused, *absolutely refused*, to comment on the issue. But state instead CIPPIC would audit them sometime in the future after the fact that they spammed tens of thousands of people for money that never had anything to do with them.

    So, Michael, How does this sit with you? Does it make you feel warm and fuzzy inside after knowing your mouth-pieces spammed all these people?

    Anything to say?

    Going to say you never knew about it as Open Media started under you directions with a spam list taken from Mike Lerner that never had anything to do with them or their beliefs?

    Even Mike Lerner was mad about it as shown in that topic.

    Want to say sorry to me for spamming me? :/

    Will you do it again if Open Media takes another spam list?

    Open Media started by spam and with spam. Want to deny it?

    So in a way, while I root for you, I also see another side…

    Just saying.

    The other problem is one’s email is often attached to whole lot of other information on business (especially banking, credit bureau) databases such as your physical address, phone numbers, occupation, salary/earnings, SIN, etc. They often sell this information to each other so that they can target their spam more effectively.

    Even if you opt out – you can never really be sure they have actually removed all the information they have on you.

  9. Un-Trusted Computing says:

    @Quebec Guy
    Care to show a link to Michael Geist and Open Media?

    As a regular DSLr-er, who’s participated in that very thread you linked, I’m pretty familiar with the situation, but I fail to see the link between Open Media and Michael Geist.

  10. @Quebec Guy

    I get stuff from open media because I said they could when I signed a petition a while ago. Besides, they only email me once in a blue moon in comparison to, say, Amazon or other retailers who have emailed me daily without asking most of the time. That said, I’m not sure what your angry about here since he’s saying that places like OpenMedia should get your permission to send you email. Seems to be a bit odd to be upset by someone wanting to make sure the law has what you want in it.