Ottawa releases second set of antispam regulations

Industry Canada has released its second version of proposed regulations for Canada’s dormant antispam legislation, which supporters hope will lead to the law finally going into force.

But it isn’t clear if the latest draft, released late last week, will be the final word or when the law will become live.

There are those like University of Ottawa law professor Michal Geist, who says the new draft includes “several significant loopholes and exceptions that undermine the effectiveness of the law.

On the other side are those like Ottawa lawyer Shaun Brown, who acts for a number organizations and service providers, and says new changes have improved the regs for businesses that send commercial email.

Officially called electronic commerce protection regulations, the definitions will be used to interpret terms in the Canada Anti-spam Legislation (CASL), which was passed by Parliament in December, 2010. That act hasn’t been proclaimed as law, however, because of wrangling over the regs.

Organizations and individuals have until Feb. 4 to send comments to the government on the proposed regulations. The government’s timetable after that depends on whether it is persuaded the regs are good enough, need minor tweaking or a major overhaul.

CASL may or may not have an effect on the spam that comes into your mailbox or the malware attempting to attack your PC. Basically, it prohibits the sending of damaging and deceptive spam, spyware and other network threats from within Canada. As far as commercial email messages, it demands businesses have permission to send a person email unless there is a prior relationship.

It will be enforced by the Canadian Radio-television and Telecommunications Commission (CRTC), the Competition Bureau and the Federal Privacy Commissioner.
 
RELATED CONTENT
 
In interviews Thursday, Brown and Geist differed sharply on two of the proposed changes:

–Defining ‘personal relationships’
The law exempts commercial email between family members and those involved in personal relationships from needing consent from the sender. The definition of a family was copied from the Income Tax Act, but “personal relationship” had to be defined.

The regs specify that covers people who have had “direct, voluntary two-way communications,” and who share interests, opinions and certain other factors — unless the recipient has indicated they don’t want to receive messages from the sender.

This, Brown says, is a flexible definition that doesn’t leave loopholes for spammers.

But Geist said it is so broad that messages such as social media alerts for Facebook ‘likes’ will be exempted.

–Third-party referrals
The new regs says CASL doesn’t apply to the first commercial email sent to a person through a referral – think of a new home buyer who wants to refer a real estate broker to a friend. Brown says this change will be a boon for consultants and small businesses, allowing, for example, the broker to email a potential customer. He called it a “very positive change.”

But Geist said the exemption is unnecessary. If the home buyer wants to give a referral, it should go to the friend and not the broker. Current law covers this, he said.

This exemption will “open the door” to unwanted email messages, he argues. “This particular exemption feels like a re-writing of the law.”

Other proposed changes include broadening the exemption for messages sent between organizations, and allowing telecommunications providers to install software without consent on consumer devices to “prevent activities that the telecommunications service provider reasonably believes are in contravention of an Act of Parliament and which present an imminent risk to the security of its network.”

Brown disagrees with Geist that the new proposed regulations are full of loopholes. “These are reasonable allowances that are based on consultations with industry,” he said, “to allow for reasonable business practices which the law would inadvertently hamper.”

But Geist says the real issue is whether businesses should be required to get express consent from each individual it sends commercial messages to.

“There is no need for an exception if you’ve obtained consent,” he argues.

But he suspects the business community wants to avoid that “because there’s a genuine fear a lot of people will say no.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now