Wiertz Sebastien - Privacy by Sebastien Wiertz (CC BY 2.0) https://flic.kr/p/ahk6nh

Wiertz Sebastien - Privacy by Sebastien Wiertz (CC BY 2.0) https://flic.kr/p/ahk6nh

Privacy

By K. Latham (CC BY-NC-SA 2.0) https://flic.kr/p/edVdXR

Enforcing CASL: How To Report Spam Violations

With Canada’s anti-spam law now in effect, many are starting to ask about enforcement of the law. While no one should expect the law to eliminate spam, the goal much more modest: target the bad actors based in Canada and change the privacy culture by making opt-in consent the expected standard for consumer consents. The CRTC, the lead regulatory agency, has made it clear that the fear-mongering of million dollar penalties for inadvertent violations is not going to happen. Chair Jean-Pierre Blais recently stated:

Read more ›

July 4, 2014 9 comments News
Did you consent to your involvement in this process? by Quinn Dombrowski (CC BY-SA 2.0) https://flic.kr/p/6Ghzp2

The Benefits of Consent

Commercial email did not grind to a halt the day after Canada’s anti-spam legislation took effect and neither did the coverage about the law’s impact (I appeared on CBC’s The Current to debate the issue). Coverage included Microsoft backtracking from its earlier decision to stop security update emails, apparently taking the time to actually read the legislation and find the exception for security notification. There was also a CBC story about the Canadian Avalanche Centre, which stopped an email service after hundred of customization options became “too much of a hassle to maintain”, but the CBC used the timing to link the decision to CASL.

But what really caught my attention was this tweet from Jason Faber, the marketing manager at BoldRadius.

Read more ›

July 3, 2014 1 comment News
Message to the mail man by gajman (CC BY 2.0) https://flic.kr/p/b8fDw6

Keep Calm and Get Consent: Canada’s Anti-Spam Law Takes Effect This Week

Canada’s anti-spam legislation takes effect this week, sparking panic among many businesses, who fear that sending commercial electronic messages may grind to a halt on July 1st. The reality is far less troubling. The new law creates some technical requirements for commercial email marketing alongside tough penalties for violations, but left unsaid is that Canadian law has featured rules requiring appropriate consents for over a decade.

My weekly technology law column (Toronto Star version, homepage version)The concern over the new anti-spam law, which mirrors similar worries from 2004 when private sector privacy legislation arrived, suggests that many may not have complied with their existing obligations. As Canadians receive a flood of requests for consent from long-forgotten organizations they never realized had collected and used their personal information in the first place, the controversy over the rollout of the new anti-spam law says more about poor compliance rates with current privacy laws than it does about the new regulations.

Read more ›

June 30, 2014 5 comments Columns
LG Cookie Fresh Email Setup by Digitpedia Com (CC BY 2.0) https://flic.kr/p/8rtADu

The Canadian Anti-Spam Law Panic: Same As It Ever Was

As the Canadian media reports on the panic associated with the new anti-spam law set to take effect next week, consider the following from Macleans titled “Few Companies Prepared for New Privacy Law“:

The new law..says organizations can only collect personal information for a stated reason – and can use it only for that purpose. Among others things, that means a company that supplies a service can’t sell its list of subscribers to another company’s marketing department. Individuals must be informed, and give their consent, before personal information is collected, used or disclosed..But most firms are unaware of the new law.”

The article continues by noting that “there’s confusion over which organizations might be exempt” and that “there is no grandfather clause – all existing customer information needs to be compliant.” The message is similar in a Globe and Mail article titled “Many small firms not ready for privacy rules“, which also notes the possibility of a constitutional challenge. An IT World Canada reiterates that concern in its coverage:

most Canadian organizations are not aware of the [law]. And very few are prepared to comply.

Read more ›

June 26, 2014 11 comments News
How Europe is dealing with online privacy by safwat sayed (CC BY-ND 2.0) https://flic.kr/p/bk53au

Say Anything: The Government’s Response to its Disintegrating “Privacy” Reform Strategy

The Supreme Court of Canada’s Spencer decision is still only a few days old, but it has become clear that the ruling has left the government’s privacy and lawful access strategy in tatters. I’ve posted earlier on how the decision – which held that Canadians have reasonable expectation of privacy in their subscriber information and that voluntary disclosure of such information to the police constitutes an unlawful search – blows away the government’s plans for Bills C-13 and S-4 by contradicting longstanding government policy positions.

While there are options for the government to establish reforms that are consistent with the court ruling and that would grant police the access they say they need, government ministers have instead adopted a rather bizarre response of saying anything, no matter how inconsistent with prior positions, the court’s analysis, or public comments from authorities such as the Privacy Commissioner of Canada. There is admittedly a track record for this: Conservatives have dismissed privacy concerns from Carole Todd, the Boys and Girls Club of Canada, the Privacy Commissioner of Canada, and many more. Further, the Conservative leader in the Senate claims Spencer has “no impact whatsoever” on Bill S-4. 

Read more ›

June 19, 2014 9 comments News