For the past two years, I have been describing the government’s long-missing digital economy strategy as the Penske File, a Seinfeld reference to a non-existent work project. The government’s Seinfeldian approach to digital policies continued yesterday, with Industry Minister James Moore hosting a Festivus-like event on Canada’s anti-spam legislation. The anti-spam law was passed in 2010, but intense lobbying has delayed approval of the final regulations that are needed to bring the law into effect.
The by-invitation roundtable featured most of the business associations that have criticized the legislation along with several consumer/public interest representatives. Consistent with the Seinfeld episode on Festivus, the 90-minute event opened with the airing of grievances, providing the critics with an opportunity to deliver their concerns directly to the Minister. The consumer and public interest representatives spoke in favour of the legislation and of the need for the government to move quickly to finalize the regulations. While the government’s plans remain to be seen, Moore is clearly engaged on the issue and, given that the law was passed years ago, will hopefully demonstrate a feat of strength by bringing it into effect.
A draft of my comments (which were changed slightly in delivery) are posted below.
I appreciate the opportunity to participate in this roundtable. I’m a law professor at the University of Ottawa and I was a member of the National Task Force on Spam that in 2005 unanimously recommended that the government introduce anti-spam legislation.
I’d like to open with four quick points.
First, I’d like to address the imbalance at today’s roundtable. I don’t criticize the fact that the critics far outnumber the supporters today since the squeaky wheel invariably gets the attention. As we saw this summer on the wireless file, Canadian business groups can be very good at generating attention when they oppose government policy.
Rather, I think it is important to recognize that there are many Canadians – both individuals and businesses – that support this legislation. They are the thousands of Canadians who participated in the work of the anti-spam task force, who appeared before the Industry Committee to speak in support of the anti-spam bill once introduced, and who referenced the need to bring the anti-spam law into effect as part of their comments in the digital economy strategy consultation several years ago.
I think many Canadians reasonably thought that passing this legislation in 2010 was largely the end of their civic participation in this policy issue. The bill was extensively debated, amended, and ultimately passed by Parliament. There should no room for debate on whether the legislation should be brought into force. The only question should involve the regulations associated with the legislation.
Second, I want to emphasize that spam and spyware remain a serious problem in need of a legislative solution. Law alone won’t solve the problem, but failure to act legislatively leaves Canada at risk of becoming a spam haven and Canadians without recourse to address harmful online activities.
There are improved filtering solutions today, yet the problems with spam remain. Last night, I checked my Gmail spam box. As is the case most days, there was several legitimate business messages that I’ve opted for that were sent to spam, one important personal message incorrectly identified as spam, and several messages from email groups that I participate in. The daily misidentification of spam by aggressive filters means that business messages often don’t get through and the reliability of email is undermined. That hurts both business and consumers.
Third, there is a sense of déjà vu here. In preparing for this meeting, I came across the following comments:
“especially from the perspective of small business, there’s a bit of a fear of the unknown here”
“It has many more cost implications. There are some alarm bells going off and people are saying, “Whoa – let’s think about this for a moment.”
“It is so easy for companies to take their business someplace else, and we are constantly threatened by this. Literally, if you make too many regulations and add to the costs, it is very simple to house sites in the United States, Bermuda, or someplace else.”
The first two comments come from the Canadian Chamber of Commerce and the third from ITAC. But they aren’t about CASL. They are comments from 1999 about PIPEDA. The knee-jerk criticism of privacy legislation is not only short-sighted, but also very old and ultimately wrong.
Fourth, many of the concerns expressed with respect to this legislation are greatly exaggerated. Indeed, the claims make this summer’s attempt to link spectrum with Canadian water resources seem positively reasonable by comparison. If you believe the criticism, the legislation will place lemonade stands at risk, create onerous obligations not found elsewhere, and create massive new costs for Canadian business.
Yet the reality is that most of the criticism does not stand up to scrutiny. The legislation starts with a simple proposition – obtain customer consent and you can do pretty much whatever you like. Given the delays, Canadian business will have nearly ten years from its first introduction to ask one time for permission. With that permission in hand, the law does not create serious barriers to electronic marketing. Beyond the basic consent requirements, there are a host of exceptions – for personal relationships, business-to-business, and many others. A reasonable reading of these exceptions – the same kind of reading the businesses that now claim the exceptions are too limiting will use the moment the law takes effect – clears away virtually all the horror stories.
Further, the opt-in approach found in the Canadian law is the standard in most of the world. It can be found in Australia, the United Kingdom, the European Union, and Japan, who have all recognized that weaker opt-out models simply don’t provide effective protection.
Finally, the claims associated with costs leave the impression that Canadian businesses have no compliance costs today. That’s just not true. PIPEDA and the do-not-call list both create obligations for businesses. If they are not already maintaining lists, respecting opt-outs, and ensuring full compliance, they aren’t following the law. CASL creates new obligations but it doesn’t change the fact that compliance costs are not new.