With the cost of cybercrime in Canada on the rise – a new report released last week by Symantec, a security software vendor, pegged the cost at $3.1 billion annually – my weekly technology law column (Toronto Star version, homepage version) reports that the Canadian government is quietly working behind-the-scenes to create a new Internet service provider code of conduct. If approved, the code would be technically be voluntary for Canadian ISPs, but the active involvement of government officials suggests that most large providers would feel pressured to participate.
The move toward an ISP code of conduct would likely form part of a two-pronged strategy to combat malicious software that can lead to cybercrime, identity theft, and other harms. First, the long-delayed anti-spam legislation features new disclosure requirements for the installation of software along with tough penalties for non-compliance. Recent comments from Industry Minister James Moore suggest that the government is ready to bring that law into effect. Second, the code of conduct would require participants to provide consumers with assistance should their computers become infected.