Bill C-27 (Historical)

Mr. Speaker, I had the opportunity to speak to this bill earlier and there was one issue I dealt with that maybe the member would like to comment on. It has to do with directing some of the attention on the ways in which small- and medium-sized businesses themselves can help to protect their own information by having best practices, et cetera.

I would refer him to the Canadian Privacy and Data Security Toolkit for Small- and Medium-Sized Enterprises, which was produced by the Canadian Institute for Chartered Accountants and issued at the beginning of last summer. There are, in fact, audit checklists in there for businesses because if they are not part of the solution, they are part of the problem.

With regard to this bill, it is one thing to look at the problem and how we might deal with those who abuse the situation, but businesses themselves have to be proactive in protecting their own information. I wonder if the member would like to comment on the need for businesses to be part of the solution.

Mr. Speaker, this issue really needs to be taken seriously. This is a privilege, not a right, especially given that businesses and people have invested in their own computers. They are the ones paying for the maintenance, as I noted. They are also paying for the Internet service being provided.

It is very much a privilege, not a right, to interchange in such a relationship. Otherwise, what should happen is that maybe consumers should get 5¢ for every ad or some type of remuneration for doing it. That really should be what is happening if this type of behaviour is seen as a right, not a privilege.

I would argue that there are some really good models, as the member has noted. Organizations are trying to create some best practices, so that they can keep their areas lined up correctly. With the three government agencies, the CRTC, the Competition Bureau and the Privacy Commissioner, there will be a really good, strong regime to set some good examples right away rather than those that are terribly abusive. That will hopefully bring in line those who are kind of on the fringes of doing this activity.

Mr. Speaker, my question is a bit of a follow-up from the question by the member for Mississauga South, but it has to do with the whole role of businesses. Businesses have privacy officers now, and I am talking about little businesses here. A lot of them will not even know that the legislation has passed the Senate, even when it does pass the Senate.

The question I have is whether the member thought that the government should have a roll-out plan to let small businesses know about the bill and its regulations. Perhaps that would go a long way to avoiding all of the problems that will come up as a result of the bill in terms of non-compliance and perhaps people doing things inadvertently that they would not have done if they had known what the rules are.

Mr. Speaker, there have been a couple of good examples in the past. But when I think about what will happen right now, if we are lucky, the bill will go to the Senate and be passed some time in 2010. I am hopeful there will be no election and the bill will become law.

I was watching a video today about some of the crime bills that were lost when the Prime Minister called the election, despite elections being set for ourselves in the future. We hope we will not see that happen again.

Businesses will have an additional two years before it comes into full implementation, when they will have that existing business relationship that can be struck with their current client base.

I am hoping the government does roll out a program right away at the beginning so that we can get to those businesses, not wait till the last minute and then have those types of problems.

There will be flexibility with the CRTC and the Competition Bureau to determine if there are accidental breaches or whether there are habitual problems that are happening in particular companies. There are all kinds of wonderful ways that we can connect electronically, with the Government of Canada's own infrastructure system, and as well, even connecting into, for example, the chambers of commerce across this country.

There will be a lot of opportunity to engage the public with a two year period before full implementation. So we are really not looking at it immediately. It depends when it gets through the Senate. It might be 2012 or 2013 before the law would be fully implemented and protecting consumers and the Canadian economy, and that is a long time.

Mr. Speaker, my brief supplementary question is whether or not the member is satisfied with the penalties under the act. I notice that there is a right to private action. I would have liked to have seen some sort of examination of the possibility of class action because there are class action provinces in Canada. If the government does not enforce the act to its fullest, does the member think that the right of private action will actually step in as the tough enforcement mechanism?

I think it will, Mr. Speaker, but the member raises a really good point with regard to class action. That is one of the things on which we could probably have spent more time to see whether that could have evolved into part of the final structure of the bill.

We did not have much discussion on that at all, but it might be one of those things that we could look to add to the bill. I am hopeful that perhaps that would be a strengthening of the bill and that it could happen at the Senate. If not, I am hopeful that the bill stays in its current format, at least as a starting point, and then from there we could look at massaging the bill if it is not meeting the needs.

Once again, this is critical. This is not just about inconveniences and annoyances. This is a massive use of technology and the abuse that is taking place with customers. It affects the Canadian economy and it is also giving Canada a black eye right now.

Mr. Speaker, I am pleased to rise today to speak to Bill C-27, the electronic commerce protection act. This legislation enacts important restrictions to the volume and frequency of spam in business transactions. I was pleased to have the opportunity to work with other members of the industry, science and technology committee to review this legislation and respond to some of the concerns brought forward by stakeholders.

Spam, or in essence, unwanted commercial emails, is a significant problem for Canadians. Spam currently represents 60% to 80% of all email traffic around the world. The sheer volume of messages challenges the capacity of Internet service providers and legitimate businesses that conduct their activities over the Internet and by email. Most important, it has a significant negative impact on consumers. Spam is a large source of computer viruses, phishing programs designed for identity theft, deception and fraudulent business practices that target the vulnerable.

A 2003 report estimated that fighting spam cost businesses and consumers $27 billion annually in information technology spending, including increased expenditure in Internet bandwidth, storage costs, anti-spam software and user support. In May 2004 the Liberal government established a task force to lead the anti-spam action plan for Canada. The task force held public consultations and led round tables with key stakeholders in the industry.

In 2005 this anti-spam task force tabled its final report outlining 22 major recommendations, including a key recommendation to strengthen federal legislation in this area. Specifically, the task force recommended that Canada implement legislation that would prohibit the sending of spam without the prior consent of recipients, prohibit the use of false or misleading statements that would disguise the origins or true intent of the email, prohibit the installation of unauthorized programs and prohibit the unauthorized collection of personal information or email addresses.

Bill C-27 looks to implement those recommendations. The electronic commerce protection act would introduce fines for violations up to a maximum of $1 million for individuals and $10 million for businesses. It would establish rules governing warrants for information during investigation and injunctions on spam activity while investigations are ongoing.

Bill C-27 would also establish the private right of action, allowing individuals and businesses the ability to seek damages from the perpetrators of spam. It looks to prohibit the sending of commercial electronic messages or, in other words, spam email without the prior consent of recipients. The bill also looks to prohibit the use of false or misleading statements that disguise the origins and true intent of the email, the installation of unauthorized programs and the unauthorized collection of personal information or email addresses.

Bill C-27 would introduce legislation to enact all of these recommendations. We are pleased that the Conservative government has finally decided to act on the recommendations of our task force.

However, upon more detailed review of the provisions included in Bill C-27 at committee stage, there were flaws exposed in the bill and several changes were made that looked to improve and ensure that the productivity of businesses activities dependent on electronic commerce would not be impacted.

While the Liberal Party believes the bill remains unnecessarily restrictive to legitimate business in its approach in many regards, we will support the bill at third reading as action must be taken against spam. We will monitor the legislation closely going forward to ensure that it does not stifle legitimate electronic commerce in Canada.

However, the Liberal Party further notes that the fight against spam is much more than just legislation. The Liberal task force also recommended resources to be put toward coordinated enforcement of the law. As it stands, this legislation will only go as far as the willingness to enforce the law. Without additional resources toward enforcement and toward working with other nations to stamp out spam, the gains intended through this legislation will not be made.

We have yet to see how the government will put appropriate resources into enforcement. Dedicated resources should be put in place to work with Internet service providers and Canadian businesses to establish the best methods of enforcing these important regulations.

As I mentioned previously, through close review and testimony provided by witnesses at committee stage, flaws were discovered within the bill. Specifically clause 6 was found to have been written too broadly and could have suppressed legitimate business communications over the Internet. Clause 8 also defined “computer program” very broadly and could have suppressed legitimate businesses, software development and impeded legitimate Internet functions.

After considerable work, many amendments were made to improve the bill, refining measures for electronic messages, computer programs and the protection of privacy rights.

The bill, however, retains a very strict philosophy. Bill C-27 takes a very broad approach to defining a rather wide definition of electronic messages that puts the onus on individual businesses to seek exemptions if they believe their activities to be legitimate.

The proposed Liberal approach was to define known spam irritants and define them as illegal, with the flexibility to add further definition as electronic messages on the Internet evolved.

The concern with the Conservative approach is that an overly heavy-handed approach could stifle electronic commerce in Canada and negatively impact the productivity of the business community.

Overall, however, many good changes were made to the bill at committee stage. As such, the Liberal Party will support the bill at third reading.

When it was first tabled, it appeared that while stakeholders supported the concept of the bill, they were quite concerned about the details of Bill C-27. Business groups, including the Canadian Chamber of Commerce, the Electronic Software Association, various interests in the technology sector all felt that Bill C-27 was too restrictive and could hamper legitimate commerce.

With significant amendments at committee stage, these stakeholder groups now feel the legislation has better balance. However, they maintain the legislation is still heavy-handed and could suppress legitimate electronic commerce activity. Many, however, have indicated that they will look to see further amendments as the bill passes through the Senate.

The following issues in no particular order of priority present the outstanding concerns heard during the review of this legislation, but were not amended under the clause-by-clause consideration of C-27.

First, in hearings before the committee, the Canadian Bankers Association raised concerns dealing with Bill C-27 and confidentiality. In its testimony to the industry, science and technology committee the Canadian Bankers Association recommended that the electronic commerce protection act be amended to specifically protect information produced under the act from disclosure by CRTC in respect to an access to information request.

The amendment proposed by the Liberal members was under clause 29 of Bill C-27. This amendment sufficiently addressed concerns that a document produced for and then kept by the CRTC would not be available to be made public under the Access to Information Act. It also served to specifically protect the information from disclosure by CRTC in response to access to information requests that could be important for proprietary reasons.

Our ability to make this change was limited by the need for a consequential amendment to the Access to Information Act, which we were unable to move as it fell outside the jurisdiction of Bill C-27.

The next issue the Liberal members of the committee felt important to bring to the attention of the committee under its review of the bill dealt with materiality. We believed it was important to retain the standard of materiality in respect to electronic sender information and subject matter information and brought amendments to clauses 71 and 73 to include the words “in a material respect”.

The main reasons for these amendments are as follows. The first is the chilling effect on individuals and businesses doing business. Without this change, concerns remain that individuals and companies doing business in Canada will automatically face potential criminal prosecution or civil action under the Competition Act every time someone asserts that the subject matter information in a business email is somewhat misleading, whether by understatement, by overstatement or otherwise or is in some other aspect false.

The addition of “in a material respect” is consistent with the language used in the Competition Act. Without this amendment, even trivial or immaterial misstatements or representations that are false or misleading will be subject to the serious consequences in the Competition Act.

The second effect could be felt in the Competition Bureau, including materiality, which would provide the Competition Bureau with the necessary discretion to brush aside complaints raised about purported misstatements that were trivial. Given the thousands of complaints made annually to the Competition Bureau, this change would allow the immaterial or trivial representations to be automatically filtered.

Third, materiality would impact double consequence. Due to an amendment brought in by government members to clause 51, the sender of a misleading email would be held accountable twice, once under the serious consequences in the Competition Act and again under penalties to Bill C-27, by heavy penalties for a misrepresentation that may not be material.

Unfortunately, the Liberal amendments to make these important changes concerning materiality were not supported by other members of the committee, so Bill C-27 retains these potentially problematic sections.

The next major area of concern dealt with referrals for legitimate professionals. We received interventions from several organizations concerning the need for certain professionals to make and follow up on third party referrals by email. Referrals are key to many professionals' success, for example, financial advisers and realtors to name a few, and initial changes brought forward by government for discussion at committee included changes allowing clients to pass along the electronic address of a contact, family member or friend to the professional.

The amendment originally proposed by the government does include a number of conditions that must be met, which we feel will prevent abuse.

First, the sender needs to be in an existing business relationship with the referrer. The referrer needs to have a personal or family relationship with the recipient. The sender has to name the referrer and the sender is limited to sending a single message to the recipient. Unfortunately, the government decided not to present this amendment at the clause-by-clause review of the bill and did not support the Liberal amendment to include these important exemptions in the legislation.

Another area of concern for stakeholders centred around the definition of a computer program. The Liberal members presented an amendment suggesting changes to the definition of a computer program. The goal of this amendment was to ensure that a computer code meant to be compiled by a web browser, such as Flash, JavaScript or HTML, along with popular web technologies such as Java code, Flash programs, et cetera, would no longer fall under the ambit of the anti-spyware provisions.

The most effective way to exclude legitimate website codes from the anti-spyware provisions seems to be to propose a comprehensive definition, which is subject to amendment by regulation to ensure it is kept current against new and emerging online threats. The amendment proposed by the Liberal members of the committee was defeated and officials pointed to the changes made to clauses 8 and 10 of the bill to address some issues dealing with consent around computer software.

Finally, concerns surrounding the communication between regulators of self-regulated professions and their members under the electronic commerce protection bill were raised during the committee review, and Liberal members brought forth an amendment to address this issue.

As currently drafted, Bill C-27 prevents professional regulators from sending legitimate communications to their members for innocuous purposes, such as continuing legal education opportunities. In many cases, these regulatory groups are required by statute to make members aware of such opportunities.

This could be a simple oversight and could be remedied by introducing an amendment to provide an explicit exemption for self-regulated professions under clause 6. This amendment was initially contained in the draft changes brought forward by government officials for discussion at the early October meeting of the committee, but was not brought forward as an amendment by the government during the clause-by-clause review of the bill. A Liberal motion on this issue was presented at a later date, but was ruled out of order, so this oversight remains an unfortunate component of Bill C-27.

While there remains room for improvement to the bill, the Liberal Party will support the electronic commerce protection bill at third reading in the interests of taking necessary action against spam in Canada.

The concerns that I and my Liberal colleagues have articulated throughout our study of this legislation will hopefully be given some thought by the government for inclusion within regulations. The Liberal Party would have approached this bill from a different philosophy than the government has, but we also recognize it is important for the bill to move forward for the sake of Canadians. It is important that we continue to monitor technological advances throughout the progress and implementation of this legislation and any changes that are enacted to increase the productivity of Canadian business.

Mr. Speaker, what sort of advertising program does the member think the government should embark upon if we ever get to the point that this legislation passes? It has to go through the Senate. We have to avoid an election or else we will be back here discussing the same thing a year or two from now. If we do get to the point where the Senate approves the bill, what does the member think the government should do in terms of advertising to the public, advertising to small business and trying to make certain the bill actually has teeth and proper enforcement?

Mr. Speaker, we look forward to the bill moving forward. It is intended to deter spam and protect the integrity of data transmission. We would like the bill to move forward rather expeditiously. We must ensure that legitimate business is not hampered in any way. We are a society that does a lot of commerce over the Internet.

I would ask the government to embark upon discussions with the Canadian Chamber of Commerce and the networks of chambers of commerce and boards of trade and other industry associations to widely spread the information about the provisions of the bill so that it can be implemented as quickly as possible.

Mr. Speaker, I want to thank the member for St. John's South—Mount Pearl for an excellent overview of the bill and more explicitly some of the insights. It is easy to come here and talk about all the nice things the bill does, but the member raised a number of issues that the bill does not address. That is extremely important. I want to take this opportunity to thank her for thinking about the rest of us who have other responsibilities.

She raised a specific issue with regard to disclosures required for the CRTC. The hope was that they would be exempted from access to information legislation, but that provision could not be put into the bill. It does raise the point that when there are unintended consequences, a mechanism is needed.

Would the member undertake to ask the committee if it would consider writing a letter to the Minister of Justice who is responsible for the Access to Information Act to consider such an amendment to the act and failing that, to write a letter to the Standing Committee on Access to Information, Privacy and Ethics bringing the matter to the attention of the committee so that the committee may consider such an amendment?

Mr. Speaker, when we spoke of this in committee the response from officials was that there was sufficient coverage under the protections of the Privacy Act. They felt this was sufficient to cover the concerns we were raising. The Canadian Bankers Association raised the issue and thought that some of the provisions under the Telecommunications Act would have given better protection. I thank my hon. colleague for his suggestion and will certainly take that under advisement as to how we could best move forward to ensure that those provisions are in place.

Mr. Speaker, this bill is somewhat complex and it would prohibit a fair amount of activity. Its purpose as set out in clause 3 is to promote the efficiency and adaptability of the Canadian economy by regulating commercial conduct that discourages the use of electronic means to carry out certain activities that impose additional costs on businesses and consumers.

After prohibiting the sending of electronic messages unless there has been consent, expressed or implied, and prohibiting all sorts of activities, an exclusion is made for an electronic message that is sent by means of a facsimile to a telephone account.

I do not know if the hon. member is familiar with people re-sending advertising by facsimile to another individual's fax machine using the individual's paper, ink, toner and supplies. To send an electronic message all the sender does is press a button and that message can be sent to 1,000, 2,000 or 3,000 people. That would seem to cause an additional burden on people who do not necessarily want to get 500 ads for a $250 trip to Florida or wherever, and other impossible ideas that are being put forward. I see them all the time and I am sure the hon. member and others have seen them as well.

I wonder if the member could comment on that and why that might not be prohibited in this legislation as well.

Mr. Speaker, the member for St. John's East raised a very interesting question. This legislation would apply to electronic commerce. It is an anti-spam bill. Many jurisdictions around the world have anti-spam legislation. Canada is strengthening its legislation and that is why we are supporting this bill.

With respect to the member's question about whether facsimiles would fall under this bill, I would assume it would depend on whether it was sent by a fax port contained on a computer, if it is electronic commerce from the Internet itself. As to whether or not it falls under the jurisdiction of this bill would depend on whether or not it was sent from a fax port on a computer or from a telephone to another telephone.

Bill C-27 was designed to capture those types of spam activities the hon. member mentioned, but it depends on where it comes from as to whether or not it would be captured.

Mr. Speaker, I want to raise another matter. This is a new one on me which happened this past week and it is called spoofing. Someone can actually encroach on a system and create emails representing someone else. In my case, it was representing me, and it was a direct letter to the premier of Ontario concerning a tax. I did not send the message. I had it investigated. There is now the ability for someone to send an email to someone else that looks as though it came from a third party.

I am wondering whether or not that situation came up in the hearings and consideration of this bill at committee.