Information & Ethics committee  I just want to see it. I think it's something that could well be put into the Privacy Act. Whether it appears directly within the Privacy Act or is put into place through stand-alone legislation, either way I think it's long overdue.

Information & Ethics committee  I think because it hasn't been touched in 25 years, you're on the right track. Experience to date has left many discouraged about the prospect for broader reform, so improvements, even if incremental, are better than nothing at all. We've literally had nothing for decades.

Industry committee  Thank you, Mr. Chair. Thanks for the invitation to come and speak. My name, as you heard, is Michael Geist. I am a law professor at the University of Ottawa, where I hold the Canada research chair in Internet and e-commerce law. I'm also a syndicated weekly columnist on law and technology issues for theToronto Star and the Ottawa Citizen, and I was a member of the national task force on spam that was struck by the Minister of Industry at the time, in 2004.

Industry committee  I wouldn't have described the exceptions as narrow, actually, but quite the opposite. I believe the exceptions are very broad, and that's perhaps an attempt to strike the right balance.

Industry committee  Sure. With respect to Australia, respectfully, my reading is different. I have the Australian act in front of me, and it refers to commercial electronic messages in much the same way. I don't see a significant difference on the definitional side. Part 2, subsection 16(1), of the Australian act says: A person must not send, or cause to be sent, a commercial electronic message that...has an Australian link...and...is not a designated commercial electronic message.

Industry committee  I know that under “do not call”, educational institutions have fallen under charitable organizations, so they might well fall under the same here.

Industry committee  That's right, but our bill—I'll try to find the specific section—contains an exception for, I believe, registered charities. To my knowledge, just about every single university, for example, that might want to contact an alumnus is a registered charity. I know that's the approach under “do not call” that's being taken by all of those organizations.

Industry committee  That's right.

Industry committee  My understanding is that in Utah you had widespread abuse or attempted abuse of that provision. I think it was prisoners who were sending messages and then hoping to use that as an opportunity to file suit. While I recognize that this seems like a concern, the experience we've seen in Canada is that our litigation environment is quite different from that in the United States.

Industry committee  No, and I'm sorry if I wasn't sufficiently clear. I'm supportive of Bill C-27. My concern lies with the potential to water down the legislation. I think it does a pretty good job of striking the balance, and my fear is that some of the concerns, many of which I think are not valid once you take a look at the legislation, will result in a weakening of the legislation itself.

Industry committee  It's a great question. I think in some ways there are already frameworks in place to deal with many of these international issues. Canada has been a participant in them. Even dating back to when we were sitting as a spam task force, groups called the London Action Plan were bringing together various countries in an effort to deal with it.

Industry committee  My sense was that the minister recognized it was still early days and that there perhaps have been some growing pains with respect to the do-not-call list. I think it's more serious than that. There are more than six million numbers registered on the do-not-call list. There have been well-publicized incidents in which those numbers have been put out in the clear, and people have been misusing those numbers.

Industry committee  Sure, and I think that's absolutely right. Quite frankly, we experienced the concern as a task force ourselves. It was a year-long process. When we started the focus was almost exclusively on spam, and by the end of the 12 months, issues around spyware and phishing had really emerged as key concerns.

Industry committee  I think I'm quoted in that same piece. Another one of the concerns was that someone might want to buy software from a software vendor, and if it was outside of the 18 months, the person they're buying from might report the consumer as a spammer, which I didn't think was a particularly significant concern.

Industry committee  With respect to problems, here are two that I think highlight why in fact Bill C-27 does a pretty good job of dealing with these issues. The first problem is on this issue of whether it's opt-in or opt-out. I'm a strong supporter of our move towards an opt-in model here. As I think the minister noted, it could potentially serve as the model for the do-not-call list down the road.