Columns

Message to the mail man by gajman (CC BY 2.0) https://flic.kr/p/b8fDw6

Keep Calm and Get Consent: Canada’s Anti-Spam Law Takes Effect This Week

Canada’s anti-spam legislation takes effect this week, sparking panic among many businesses, who fear that sending commercial electronic messages may grind to a halt on July 1st. The reality is far less troubling. The new law creates some technical requirements for commercial email marketing alongside tough penalties for violations, but left unsaid is that Canadian law has featured rules requiring appropriate consents for over a decade.

My weekly technology law column (Toronto Star version, homepage version)The concern over the new anti-spam law, which mirrors similar worries from 2004 when private sector privacy legislation arrived, suggests that many may not have complied with their existing obligations. As Canadians receive a flood of requests for consent from long-forgotten organizations they never realized had collected and used their personal information in the first place, the controversy over the rollout of the new anti-spam law says more about poor compliance rates with current privacy laws than it does about the new regulations.

June 30, 2014 — 5 comments — Columns

What's on the blacklist? Three sites that SOPA could put at risk by opensource.com (CC BY-SA 2.0) https://flic.kr/p/aZhtRV

Should Canadian Courts Decide What the World Gets to See Online?

The challenge of jurisdiction and the Internet has long been one of the most contentious online legal issues. Given that the Internet has little regard for conventional borders, the question of whose law applies, which court gets to apply it, and how it can be enforced is seemingly always a challenge.

Striking the right balance can be exceptionally difficult: if courts are unable to assert jurisdiction, the Internet becomes a proverbial “wild west” with no applicable law. Conversely, if every court asserts jurisdiction, the Internet becomes over-regulated with a myriad of potentially conflicting laws vying to govern online activities.

My weekly technology law column (Toronto Star version, homepage version) notes that in recent years, courts in many countries have adopted a reasonable balance where they are willing to assert jurisdiction over online activities or companies where there is a “real and substantial” connection, but they limit the scope of enforcing their rulings to their own jurisdiction. In other words, companies cannot disregard local laws where they operate there, but courts similarly should not disregard the prospect of conflicting rules between different countries.

June 27, 2014 — 5 comments — Columns

Treaty for the Blind T-Shirts by Timothy Vollmer (CC BY 2.0) https://flic.kr/p/5SXhgK

Why Has Canada Still Not Signed the WIPO Copyright to Support the Blind?

Countries from around the world last year reached agreement on a landmark copyright treaty designed to improve access to works for the blind and visually impaired. As the first copyright treaty focused on the needs of users, the success was quickly billed the “Miracle in Marrakesh” (the location for the final round of negotiations) with more than 50 countries immediately signing the treaty.

The pact, which was concluded on June 27, 2013, established a one-year timeline for initial signatures, stating that it was “open for signature at the Diplomatic Conference in Marrakesh, and thereafter at the headquarters of WIPO [the World Intellectual Property Organization] by any eligible party for one year after its adoption.”

My weekly technology law column (Toronto Star version, homepage version) notes that in the months since the diplomatic conference, 67 countries have signed it. The list of signatories includes most of Canada’s closest allies, including the United States, European Union, United Kingdom, and France. The major developing economies such as Brazil, China, and India have also signed the agreement. Curiously absent from the list of signatories, however, is Canada.

The issue was raised in the House of Commons by NDP MP Peggy Nash, leading to the following exchange with Industry Minister James Moore:

June 18, 2014 — 11 comments — Columns

Proposed Data Breach Disclosure Rules Leave Too Many Canadians in the Dark

News last week of a stunning data breach at a Toronto-area hospital involving information on thousands of mothers places the proposed Digital Privacy Act squarely in the spotlight. Bill S-4, which was introduced two months ago by Industry Minister James Moore, features long overdue data breach disclosure rules.

My weekly technology law column (Toronto Star version, homepage version) notes the new rules would require organizations to notify individuals when their personal information is lost or stolen through a data or security breach. Most other leading economies established similar rules years ago, recognizing that they create much-needed incentives for organizations to better protect our information and allow individuals to take action to avoid harms such as identity theft when their information has been placed at risk.

While the mandatory data breach rules can be an effective legislative privacy tool, they only work if organizations actually disclose breaches in a timely manner. Bill S-4 establishes tough penalties for failure to notify affected individuals, but unfortunately undermines its effectiveness by setting a high notification standard such that Canadians will still be kept in the dark about many breaches, security vulnerabilities, or systemic security problems.

June 9, 2014 — Comments are Disabled — Columns

Surveillance: America's Pastime by Jared Rodriguez / t r u t h o u t; Adapted: naixn, Jason Smith / feastoffun.com) (CC BY-NC-SA 2.0)

Why Has the Canadian Government Given Up on Protecting Our Privacy?

In recent years, it has become fashionable to argue that Canadians no longer care about their privacy. Supporters of this position note that millions of people voluntarily post personal information and photos about themselves on social media sites, are knowingly tracked by Internet advertising giants, and do not opt-out of “targeted” advertising from telecom companies. Yet if the past few months are any indication, it is not Canadians that have given up on privacy. It is the Canadian government.

My weekly technology law column (Toronto Star version, homepage version) notes the public response to the tidal wave of stories regarding widespread surveillance, the 1.2 million government requests to telecom companies for customer information, and the growing number of security breaches suggest that many Canadians are deeply concerned about the protection of their privacy. However, many feel helpless in the face on recent revelations and wonder whether the government is prepared to tighten privacy rules and establish stronger oversight.

June 3, 2014 — 10 comments — Columns