The recent introduction of the Electronic Commerce Protection Act, Canada's long-awaited anti-spam bill, has been greeted with initial all-party support in the House of Commons. The bill just passed second reading with committee hearings the next step in the legislative process. My weekly technology law column (Toronto Star version, Ottawa Citizen version, homepage version) argues that looking ahead, the big fight seems destined to focus on the government's desire to establish a comprehensive regime with tough penalties that apply to most commercial communications to consumers. Consumer groups will likely welcome the reforms, while some business and marketing organizations may paint a gloomy picture of the costs associated with the new regulations.
Post Tagged with: "c-27"
Electronic Commerce Protection Act Headed To Committee Following Odd Debate
The Electronic Commerce Protection Act (Bill C-27) is headed for committee review following two days of rather strange debate in the House of Commons last Thursday and Friday. What was ensued was alternately predictable and bizarre. The predictable part was the all-party support for anti-spam legislation. MPs from all four parties talked about the need for anti-spam legislation, how it was long overdue, it is costly, it undermines confidence, etc.
The bizarre part was the discussion on the bill's implications for the do-not-call list. As I wrote soon after the bill was introduced, buried at the very end are provisions that kill the do-not-call list. Given the problems associated with the list, moving toward an opt-in approach (rather than DNCL's opt-out) could be a good thing. Yet the government seems determined to deny that the bill lays the groundwork to kill the list.
The Electronic Commerce Protection Act – The Competition Act Provisions
Having reviewed the Electronic Commerce Protection Act provisions on anti-spam, enforcement, and do-not-call, the other major section in the bill are the provisions involving reforms to the Competition Act. The ECPA makes several important amendments to the statute to better ensure that false or misleading representations in electronic messages are captured by the law. This will mean that the Competition Bureau will have the power to investigate and take action against the use of false headers, false locator information, or the presence of false or misleading content in electronic messages.
The changes focus on parallel reforms to the false or misleading representation provisions and the deceptive marketing provisions. The Competition Act will now include a lengthy new provision on false or misleading representations in an electronic message. The three main offences, contained with Offences Related to Competition, are:
The Electronic Commerce Protection Act – The Privacy Provisions
The Electronic Commerce Protection Act includes a noteworthy change to Canada's private sector privacy legislation (earlier posts on anti-spam provisions, enforcement, do-not-call). PIPEDA includes specific provisions dealing with the issue of consent for the collection of personal information, including the possibility of collecting personal information without knowledge or consent in certain circumstances. The ECPA adds a new provision that effectively overrides this exception – ie. it requires consent. The provisions are designed to target both spyware and the harvesting of email addresses or other collection of personal information without consent (a practice known as dictionary attacks).
The new PIPEDA Section 7.1(2) states:
The Electronic Commerce Protection Act – The Enforcement Prohibitions
The Electronic Commerce Protection Act will accomplish little if there is not a real commitment to enforcement. The enforcement provisions form the bulk of anti-spam bill (my review of the prohibitions here, the effect on the do-not-call list here). The enforcement part of the bill includes details on who does the enforcing, investigative powers, and penalties associated with anti-spam violations. The short version is that the CRTC has been given a wide range of investigatory powers, including the power to compel ISPs to preserve transmission data. Once it concludes its investigation, it can pursue a settlement or bring a notice of violation. The penalties run as high as $10 million. There are also smaller roles for the Privacy Commissioner and Competition Bureau as well as provisions to facilitate anti-spam lawsuits.
The more detailed version is:
Recent Posts
Debating the Online Harms Act: Insights from Two Recent Panels on Bill C-63 
The Law Bytes Podcast, Episode 199: Boris Bytensky on the Criminal Code Reforms in the Online Harms Act 
AI Spending is Not an AI Strategy: Why the Government’s Artificial Intelligence Plan Avoids the Hard Governance Questions 
The Law Bytes Podcast, Episode 198: Richard Moon on the Return of the Section 13 Hate Speech Provision in the Online Harms Act 
Tweets Are Not Enough: Why Combatting Relentless Antisemitism in Canada Requires Real Leadership and Action
