Bill C-27 (Historical)

Mr. Speaker, when we spoke of this in committee the response from officials was that there was sufficient coverage under the protections of the Privacy Act. They felt this was sufficient to cover the concerns we were raising. The Canadian Bankers Association raised the issue and thought that some of the provisions under the Telecommunications Act would have given better protection. I thank my hon. colleague for his suggestion and will certainly take that under advisement as to how we could best move forward to ensure that those provisions are in place.

Mr. Speaker, this bill is somewhat complex and it would prohibit a fair amount of activity. Its purpose as set out in clause 3 is to promote the efficiency and adaptability of the Canadian economy by regulating commercial conduct that discourages the use of electronic means to carry out certain activities that impose additional costs on businesses and consumers.

After prohibiting the sending of electronic messages unless there has been consent, expressed or implied, and prohibiting all sorts of activities, an exclusion is made for an electronic message that is sent by means of a facsimile to a telephone account.

I do not know if the hon. member is familiar with people re-sending advertising by facsimile to another individual's fax machine using the individual's paper, ink, toner and supplies. To send an electronic message all the sender does is press a button and that message can be sent to 1,000, 2,000 or 3,000 people. That would seem to cause an additional burden on people who do not necessarily want to get 500 ads for a $250 trip to Florida or wherever, and other impossible ideas that are being put forward. I see them all the time and I am sure the hon. member and others have seen them as well.

I wonder if the member could comment on that and why that might not be prohibited in this legislation as well.

Mr. Speaker, the member for St. John's East raised a very interesting question. This legislation would apply to electronic commerce. It is an anti-spam bill. Many jurisdictions around the world have anti-spam legislation. Canada is strengthening its legislation and that is why we are supporting this bill.

With respect to the member's question about whether facsimiles would fall under this bill, I would assume it would depend on whether it was sent by a fax port contained on a computer, if it is electronic commerce from the Internet itself. As to whether or not it falls under the jurisdiction of this bill would depend on whether or not it was sent from a fax port on a computer or from a telephone to another telephone.

Bill C-27 was designed to capture those types of spam activities the hon. member mentioned, but it depends on where it comes from as to whether or not it would be captured.

Mr. Speaker, I want to raise another matter. This is a new one on me which happened this past week and it is called spoofing. Someone can actually encroach on a system and create emails representing someone else. In my case, it was representing me, and it was a direct letter to the premier of Ontario concerning a tax. I did not send the message. I had it investigated. There is now the ability for someone to send an email to someone else that looks as though it came from a third party.

I am wondering whether or not that situation came up in the hearings and consideration of this bill at committee.

Mr. Speaker, spoofing did not come up specifically when we were reviewing this bill. We talked a lot about phishing and spamming and all the new words that are associated with electronic commerce. As the bill progresses, I am sure we are going to have a ton more of these new terms.

It would depend on how the spoofing is actually done as to whether or not it would be captured under this bill, I would assume, only because of the mechanisms and means under the bill.

The hon. member has raised an incredibly important issue. This bill is going to need constant attention. That was one of the reasons we were concerned about the bill's narrowness and its philosophy. What are we going to do with all of the new issues that arise with respect to the Internet and some of the new illegitimate spamming activities?

The member asked a legitimate question. Spoofing would hopefully be captured in this legislation depending on how it is done and the extent of it.

Mr. Speaker, I would like to ask the member whether she is satisfied with the penalties that are listed in the bill. They seem to be fairly adequate but we have to take into account criminal organizations and other organizations that may not be deterred by penalties that are not high enough.

In her opinion, are the penalties at sufficient levels to prevent criminal organizations from getting involved in this activity?

Mr. Speaker, that is an important question.

In assessing other jurisdictions, it seemed that Canada was strengthening the measures in this bill to ensure the penalties were sufficient enough and that it would deter spamming. We looked at other jurisdictions such as Australia and New Zealand that implemented similar types of legislation. They found that spamming decreased substantially as soon as the legislation was put in place. The combination will certainly be powerful to ensure that spamming is decreased.

Mr. Speaker, I am very pleased to speak to Bill C-27 at third reading. We will be supporting this bill. Hopefully it will have a very brief but successful trip through the Senate and will become law in Canada in short order. I would hate to see it held up in the Senate and/or have an election in between and then have to start over again.

As numerous members have mentioned in the debate on this bill, Canada is pretty much the last major country to bring in legislation of this kind. Having an election every two years has put us in this situation. Legislation like this should have been brought in three or four years ago, maybe even longer than that.

I was involved in setting up the e-commerce legislation in Manitoba. The bill was tabled in the Manitoba legislature on June 5, 2000. At that time Manitoba was not the first province to introduce e-commerce legislation. It was modelled on the Uniform Law Conference legislation. There was a Uniform Electronic Commerce Act. Manitoba used that chassis to build its legislation.

There may have been two or three provinces to introduce legislation before Manitoba did, but certainly when Manitoba's legislation was passed, it was the most comprehensive of its kind in Canada. That was almost 10 years ago and most other provinces, if not all, now have that basic underlying legislation. For the member who just spoke, the spam bill is a complement to that type of legislation. When legislation was first introduced in 2001, I am not even certain we knew what spam was. I do not think it was an issue at that point. When it did become an issue, I am guessing in 2003 or thereabouts, that is when the federal government took note of the problem and started to look at bringing in legislation.

In the era of computers and the Internet, we are all familiar with how fast things move. In the last 100 years the Pony Express was replaced by the telegraph system. Those things took time. There was a period of maybe 10 to 30 years where that technology was predominant. Now we are in an environment where the lifespan of technology is a year or two. Had Parliament adopted this bill two or three years ago, at that time I do not think we had heard of Facebook, Twitter or some of the other new technologies out there.

This legislation always will be a work in progress. After we pass this bill, no doubt loopholes will develop over time. We will simply have to plug those loopholes with future amendments or create an entirely new piece of legislation to deal with the problem at hand. There is a lot to talk about with respect to this bill.

On April 24, the Minister of Industry introduced this Bill C-27, An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act, in the House of Commons.

We are amending four acts in this process. The bill is called the electronic commerce protection act. It passed second reading on May 8 of this year and was referred to the Standing Committee on Industry, Science and Technology on the same day.

In addition to creating this new bill, the bill amends the four existing acts that deal with telecommunications, regulations, competition and privacy. Among other changes, these amendments designate the CRTC as the main regulator of this act, although both the Commissioner of Competition and the Privacy Commissioner will also play enforcement roles related to their respective mandates.

The bill is the culmination of a process that began with the anti-spam action plan for Canada, launched by the Government of Canada in 2004, although I thought it started around 2003. It established a private sector task force, chaired by Industry Canada, to examine the issue of unsolicited commercial email or spam.

By the end of 2004, spam, which is in many ways the electronic equivalent of junk mail, had grown to encompass 80% of all global email traffic. As has been mentioned before, bandwidth is a big issue. It is less of an issue today than it was seven or eight years ago because of all the dark fibre builds that are built by various communities and so on. We have seen an astronomical increase in the amount of bandwidth due to the dark fibre builds, due to other bandwidth proposals that have been promoted and financed by Industry Canada, which was involved in some of them.

What this has spawned at the end of the day is more spam. Just the other day we talked about the child pornography legislation. We said that there was a timeframe and in roughly the last four or five years child pornography had exploded as a problem. If we take that back, we come down to the question of bandwidth.

Ten years ago all we could get on our computers was maybe 15 frames per second. Then it became 30 frames per second. I mentioned before that the Rolling Stones was the first band to put one of its songs on the Internet. It could be seen as choppy frames when watched. Now we have full colour movies being seen on the computer. This is as a result of that enormous increase in bandwidth that has occurred just in the last half a dozen years and with that, the improvements in the technology to be able to carry that bandwidth.

Clearly, it was the great development we all said it would be. We said that tremendous bandwidth was something we would use to facilitate our electronic health records so we could put MRI images and X-ray technologies onto a hospital system and simply send it to the next hospital. It could also be used for distance education.

In fact, that is happening, but the downside of this is we have the criminal elements taking advantage of the bandwidth for their purposes. Their purposes are to use things like spam and so on for their benefit, to take money from people and to involve themselves in criminal activities.

The task force on spam, which led to the action plan, held a round table of national stakeholders in December 2004 and it solicited feedback from other stakeholders and Canadians through announcements in the Canada Gazette and in a dedicated online forum set up for this purpose. The task force issued a report in May 2005, examining the spam situation in Canada and recommended, among other measures, that legislation specifically aimed at combatting spam be created. The bill is the result of that process.

The federal government issued a news release to accompany the bill, which thanked the task force, as well as two senators who were involved in developing their own bills. Both senators have introduced bills concerning spam in the Senate during the past few years. This bill is a more extensive and complex bill than previous proposals.

What we have seen happen over the last several years is that when one bill has not had success, then the subsequent bill has been an improvement over that bill.

It will also involve several agencies in the regulation of spam, including the Competition Bureau, the Office of the Privacy Commissioner and the CRTC. In addition to setting up a regulatory scheme to deal with spam in Canada, it gives these agencies the power to share information and evidence within our international counterparts in order to deal with spam coming from outside the country. We are literally dealing with an international problem.

The government indicates in its backgrounder on the proposed legislation that the bill is intended to deter the most dangerous and damaging form of spam from occurring in Canada and to drive the spammers outside of Canada. Unfortunately, when we end up driving them outside of Canada, we just drive them somewhere else. That is why we have to work on a worldwide basis to deal with this issue.

The bill can be seen, as I mentioned before, as a complement to the e-commerce legislation that has been gradually developing in each of the Canadian provinces and territories over the last years. That e-commerce legislation set the foundation for e-commerce in the country. By the way, it was at a time when people were not yet buying things online. We were looking at ways to promote e-commerce and people were saying they were very reluctant using their credit card information on the computer to buy the product.

As part of Manitoba'S bill 31, we put in some consumer legislation which, at the time, was only in effect in three states in the United States. This consumer legislation made it a requirement for credit card companies to reimburse the customers, if they purchased something online and did not get the product. It was designed for peace of mind, to get people to accept the fact that if they used their credit card to purchase something on the computer, they need not worry. If they did not get the product, they would not be out the money. Credit card companies were held responsible and they were not happy. They came to the Manitoba government and to its committees to tell them that this was terrible, that they should not be held responsible for this.

However, we were interested in bigger fish, at that time, than the consumer part of the legislation. While that was important, the real reason we brought in the legislation in the first place was to enable the government to streamline the way businesses interacted with government and to facilitate the creation of the common business identifier. For those who know what that is, it was a means of having a common identifier for each business in dealing with governments at all levels.

Up until that time we had a common business identifier for the federal government and then we had a different business identifier for the province. If the business dealt with the province, it had one number. If it dealt with the federal government, it had another number. By streamlining this, we were able to save the province a lot of money at the end of the day by getting all the businesses transferred over to a single business identifier and that eventually led to them being able to pay their taxes and payroll deductions and so on through the Internet. Without that framework that all the provinces set up in those days, we could not have facilitated this seamlessness among the federal government, the provincial government and the business community. As a result of all of that, the business community, by and large, is filing its payroll deductions and T4s by e-file. Other dealings with the government are all being done that way.

There was at that time a major scandal in Ottawa regarding the databases. Ms. Stewart had a problem on her hands, the major Liberal boondoggle of the day. This was when we were doing this. There was some concern from the opposition about how far we were prepared to go, whether there would be problems with database sharing and so on. Whenever we try to do something, there is always a negative side of it that we have to look at, and it slows down what is a good idea.

In terms of the electronic commerce and the e-government initiatives, the common business identifier I just talked about was really low-hanging fruit for all governments to work with, because they controlled all the elements of it. So far that has been very successful. Once again, this is simply a companion bill to those original pieces of legislation.

The bill would expand the federal government's participation. The federal legislation related to e-commerce governs the basic privacy requirements for private sector organizations and electronic documents within federal jurisdictions and provinces and territories that have not yet set up their similar legislation. In a number of cases, the provinces opt to sign on to the federal legislation and therefore they avoid developing their own legislation.

As I said, Canada is the last of the G8 countries to introduce specific anti-spam legislation. Some existing Criminal Code provisions were identified by the task force as being of possible assistance in prosecuting spam cases. The task force worked with the Department of Justice and the technological crime branch of the Royal Canadian Mounted Police during 2004 and 2005 to identify the evidentiary requirements to bring a charge under the existing provisions, although when the task force report was published, these provisions had not been used for this purpose.

Other agencies, such as the Office of the Privacy Commissioner of Canada and the Competition Bureau have received complaints from members of the public about spam as well, and there has been no over-arching framework for addressing such complaints.

The listening public may not be familiar with some of these terms. They would be familiar with identity theft. Phishing is certainly a popular word these days, although a lot of people do not know what it is. There are also spyware, viruses and botnets. The bill will also grant additional right of civil action to businesses and consumer targeted by perpetrators of such activities.

The definition of phishing is the impersonation of a trusted person or organization in order to steal a person's personal information, usually for the purposes of identity theft. The only other one that I would mention is botnet, because people do not necessarily know what that is. A botnet is the collection of zombie computers used to send spam or for another purpose. A zombie is a computer that runs malware so the computer can be remotely controlled by the creator, distributor or controller of the malware.

Once again I am short of time, but I am ready and very eager to take questions from my colleagues.

Mr. Speaker, I thank the member for reminding the members about some of the specific provisions in the bill. There are still some concerns. The member for St. John's South—Mount Pearl raised a couple of the issues that were there, particularly with regard to disagreements among some of the witnesses about whether or not their privacy protection would be adequately covered.

One of the examples that she used was where reporting requirements to the CRTC would, in fact, be protected from access under the Access to Information Act. No changes are proposed to the Access to Information Act at this point. It does raise a question about whether or not the process of legislation has taken consequential implications into account. I guess that would be one example. I do not know if the member has others.

I do have some concerns that we will be dealing in an area in which the velocity of information and the kinds of technological tools that have been developed so rapidly may always be one step ahead of the legislation in this place unless we get a better process in place.

Mr. Speaker, the member is absolutely correct. That is why we have the committee process in the first place. It is so bankers and many others can come in and see that there is an exposure here. Somebody actually could file a freedom of information request and that banker information that they had given to the CRTC would then in fact be provided to the person who requested it.

I have said that, as the shortcomings of this bill and every bill that we have ever passed are noted, there will be vigilant politicians, many of them who are right here in this corner of the House today, who will be very willing and able to introduce amendments.

I have asked many questions about how this bill will deal with businesses. This is going to be a minefield and a problem for many small businesses. Certainly, businesses want to know that they can deal with their long-term clients and not have to get into trouble if they contact them. That is an issue. If a real estate agent sold a house to somebody three, four or five years ago, does the agent have the right to contact the owner?

I asked my friend from Burnaby that question because that is something to think about. Evidently, there has been an amendment put in by one of the parties to increase that period, but it still may not be long enough.

Mr. Speaker, Bill C-27 is the spam bill. We are thankful that it is finally back in the House because the NDP industry critic, the member for Windsor West, indicated that he despaired that it was ever coming back here. We know how important it is.

Should the bill pass here in the House, which it seems likely to soon, get through the Senate and become law, what is then required? I know my colleague from Elmwood—Transcona asked another member earlier about the kind of advertising program that is necessary to ensure that the public are aware of this legislation and how it would affect them, but also how businesses would be aware of the legislation and the effect that it would have on their business and the way they did business.

I know he was just asking a question about how this would affect real estate agents, for instance, who go back to their former client list and try to use it again as they pursue business. I wonder if he can comment on that aspect of what is necessary concerning this legislation.

Mr. Speaker, I know that in the case of the charity legislation, it too was one of those pieces of legislation that had to start over again with each election, and even though there are thousands of charities in the country, only a small percentage of them, after two or three times of getting the legislation through the House, even know that this legislation exists.

I am not sure exactly what the answer is here, but what I am saying is that the government has enough money to spend millions on feel-good advertising, basically just short of outright political advertising. Surely, it can put some money aside to advertise such an important bill as this to the public and to the businesses, and work out some creative ways of getting the information out there to the business community, so that it can start following the act correctly and not get itself into a situation where it is doing things it is not supposed to be doing because I do not think that most business people would want to do that.

That is where we get into the issue of real estate agents, insurance agents, and other people who have a business relationship with clients. How far back can they go to solicit the business? If an agent sold a house to someone five or ten years ago, does he or she have the right to send the owner a letter or contact the owner regarding a house sale? That was really my question there.

Mr. Speaker, I appreciate the speech of the member for Elmwood—Transcona, which gave us a lot of useful information on the legislation.

A lot of the activity that would be prohibited is currently legal, but on the other hand, a lot of the things that people complain about are actually illegal even now. If I get an email message purporting to be from the Bank of Commerce or the Royal Bank that there has been a error in my account and asking me to give my bank account number and PIN, that is obviously somebody committing a fraud. That is illegal now. I am assuming that this legislation is not going to change that and we do not need this legislation for that.

Then there is the person writing a letter saying he or she is the spouse of some former or deceased, corrupt government official in Africa and has $10 million to share with me. That is already illegal and maybe this bill can do nothing about that because it comes from Nigeria, the U.K. or some offshore account.

The first question is, would this bill stop anything coming internationally and are there mechanisms to co-operate with other governments to make that illegal here in Canada? The crime may not be committed here, for example, yet someone has access to email accounts or addresses within Canada. That was one question that I had concerns about.

Would this be something that would help that? I suppose if there were, he would have told us, but we know that when we had the do not call list, it turned into an opportunity for people to get access to all these numbers and as soon people signed up for the do not call list, they started getting calls.

Are there any fatal flaws like that in this bill that the member is aware of?

Mr. Speaker, it has never ceased to amaze me that people will go to a boat show or some show, and willingly give out all their private information to join a free draw, when they should know that the boat seller is simply going to take the card and contact them about buying a boat, and that they are all going to be winners in the draw that happens afterward.

When things are going in their favour, they are very supportive, eager and happy, but if it gets into a situation that they are not happy about, then the argument about their privacy rights or other rights becomes an issue here.

It is a big minefield for businesses when they are dealing with this type of legislation. It really depends upon the people themselves as to whether or not they want to make complaints.

This bill has a provision for people to take action on their own. There is no provision for class action here, but if the CRTC does not take action, there is a provision for an individual right of action, which the member, as a lawyer, will know is probably a valuable addition to the bill.