Electronic Commerce Protection Act

An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act

This bill was last introduced in the 40th Parliament, 2nd Session, which ended in December 2009.

Sponsor

Tony Clement  Conservative

Status

In committee (Senate), as of Dec. 15, 2009
(This bill did not become law.)

Summary

This is from the published bill. The Library of Parliament often publishes better independent summaries.

This enactment establishes a regulatory framework to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities.

It enacts the Electronic Commerce Protection Act, which prohibits the sending of commercial electronic messages without the prior consent of the recipient and provides rules governing the sending of those types of messages, including a mechanism for the withdrawal of consent. It also prohibits other practices that discourage reliance on electronic means of carrying out commercial activities, such as those relating to the alteration of data transmissions and the unauthorized installation of computer programs. In addition, that Act provides for the imposition of administrative monetary penalties by the Canadian Radio-television and Telecommunications Commission, after taking into account specified factors. It also provides for a private right of action that enables a person affected by an act or omission that constitutes a contravention under that Act to obtain an amount equal to the actual amount of the loss or damage suffered, or expenses incurred, and statutory damages for the contravention.

This enactment amends the Competition Act to prohibit false or misleading commercial representations made electronically.

It also amends the Personal Information Protection and Electronic Documents Act to prohibit the collection of personal information by means of unauthorized access to computer systems, and the unauthorized compiling of lists of electronic addresses.

Finally, it makes related amendments to the Competition Act, the Personal Information Protection and Electronic Documents Act, the Canadian Radio-television and Telecommunications Commission Act and the Telecommunications Act.

Elsewhere

All sorts of information on this bill is available at LEGISinfo, provided by the Library of Parliament. You can also read the full text of the bill.

October 5th, 2017 / 11:20 a.m.
See context

John Lawford Executive Director and General Counsel, Public Interest Advocacy Centre

Thank you, Mr. Chair.

The Public Interest Advocacy Centre, or PIAC, is a national, non-profit organization and registered charity that provides legal and research services on behalf of consumer interests, and in particular, vulnerable consumer interests, concerning the provision of important public services.

PIAC has been active on the spam file since before the anti-spam task force was constituted in 2004. We testified before this committee in relation to then Bill C-27 in 2009 in support of the legislation. We supported the legislation as passed in 2010.

Our message today is simple. Canadians benefit from some of the world’s strongest protections against spam. Canada’s anti-spam legislation generally keeps business from sending spam unless the recipient has provided express prior consent and can easily unsubscribe. This is the great Canadian innovation. Trust consumers and citizens to control their privacy in the marketplace not marketers.

Has CASL been working for consumers? Currently, the CRTC is receiving about 5,000 complaints a week about email marketers not respecting CASL. One report from spring 2015 found outgoing spam volumes from Canada dropped 37% and overall email volume, spam and legitimate email, received by Canadians also dropped about 30% in the immediate period after CASL came into full force on July 1, 2014.

Since then Canadians have enjoyed the control of their email and other electronic communications by giving their consent to email, texts, and other electronic messages only to those companies with which they deal and by being able to unsubscribe from any email list that they wish.

Companies can still reach Canadians via email. There is no commercial email ban. Consumers buying products and services or who reach out to the company in question can expect two years of emails before the existing business relationship is deemed stale and the emails must stop. While consumers have a valid contract with a company, emails are allowed during the contract and for two years after that contract ends, unless of course the consumer unsubscribes on the handy link on each of these emails.

If a company does not follow these simple rules that put consumers in control, consumers can report the spam by completing a complaint form at fightspam.ca. As mentioned, up to 5,000 consumers a week file complaints.

Spam still wastes consumers’ time and reduces their confidence in electronic commerce, as it continues to deliver not only irrelevant, unrequested marketing but also deceptive and fraudulent messages and malware. What is different now is that the CRTC, Competition Bureau, and Privacy Commissioner of Canada can pursue companies for doing all these things.

Alysia.

Immigration and Refugee Protection ActGovernment Orders

December 7th, 2010 / 10:55 a.m.
See context

Bloc

Thierry St-Cyr Bloc Jeanne-Le Ber, QC

Madam Speaker, I am very pleased to be speaking about Bill C-35, which we are debating today. We have talked a lot about immigration consultants, which are the focus of this bill.

I want to begin by speaking about the bill's title. Those following the debate since speeches started in the House this morning at about 10:20 a.m. would initially have seen it indicated on their screen that we are talking about the “Cracking Down on Crooked Consultants Act”, or the “Loi sévissant contre les consultants véreux” in French.

If they are watching now, they will probably see that we are talking about An Act to amend the Immigration and Refugee Protection Act. This was changed because, likely, at the beginning of the debate the audiovisual team was using the former title of the bill.

In committee, it was decided that the title should be changed to make it more neutral and objective. There are a number of reasons for this decision. Even though we all agree that a bill title has no legal effect and is simply a secondary element in the debate about the substantive clauses and the actual provisions of the bill, the title is still important. On one hand, the title is important from a social point of view because it can affect how people perceive the bill. On the other hand, it is important from a political point of view because it is a tool used by the government to engage in political marketing and even to change the essence and intent of a bill for its own purposes. The government is using this technique more and more.

I will discuss both cases, beginning with the one before us, Bill C-35. It seems to me that the government was using the bill's original title for political purposes. They said they would attack crooked consultants. That sounds like an opinion to me. Opinions have no place in the law. The government should stick to a technical description of what the bill does, which in this case is amend the immigration act to require people who want to practise as immigration consultants and who are not already members of a provincial bar or the Chambre des notaires du Québec to be members of a body to be designated by the Minister of Citizenship, Immigration and Multiculturalism. That is what this bill would do.

In practice, will this actually improve the situation and crack down on crooked consultants? That is a matter of opinion. Every member of the House is entitled to an opinion on the subject. I suppose that if the bill receives unanimous support, as it seems to have, that means people pretty much agree. Of course, the 308 members of the House can make mistakes. In the end, history may confirm that we have not. I do not think there should be anything subjective in the title.

If we want voters and the public to respect us, we should be humble enough to resist using bill titles to promote any messages, claims or opinions whatsoever. We must also take into account the potential social impact of an inappropriate title. In this case, they were calling it the cracking down on crooked consultants act.

Imagine consultants telling their clients to trust them because they have been accredited under the cracking down on crooked consultants act. As if. Picture the certificate hanging behind a consultant's desk, stating that the consultant has been accredited under the cracking down on crooked consultants act. That is not what the bill is about. This bill is about consultants who are not crooked. That is why the title of the bill was changed. Personally, I hope that the government will put an end to this practice, which has been observed in several House committees.

It is a ridiculous practice, one that wastes a great deal of parliamentarians' energy. In many cases, the bills do not even accomplish what is stated in the title, and that skews the democratic debate.

Since there is unanimity in the House on Bill C-35, I would like to provide a few other examples. In fact, most of the disagreement in committee was about the title.

There was Bill C-27, the Electronic Commerce Protection Act. Once again, the title was a claim. There was also the Protecting Victims from Sex Offenders Act. That is a matter of opinion; we may or may not agree that Bill C-34 will actually protect people from sex offenders. Then there is the Justice for Victims of Terrorism Act. I gave examples from different Parliaments, and there are others from the current session. We have bills pertaining to security that are named in memory of a victim whose case has nothing to do with the bill in question.

Getting back to immigration, given that this is the subject of the bill before us today, there is Bill C-49, at second reading. The title, Preventing Human Smugglers from Abusing Canada's Immigration System Act, is an opinion. In fact, most observers, including the opposition members in the House, find that the bill does not in any way deal with smugglers, but rather targets refugees. The title also refers to people who abuse the immigration system. The bill does not refer to the immigration system but to the refugee protection system. The title is completely at odds with the reality and serves as a political marketing tool.

The government has said that people support their bill. It conducted a poll and asked whether people agreed with the law to prevent human smugglers from abusing our immigration system. Everyone is evidently in agreement. The problem is that the bill does not do what the title says.

Clearly, this is a ploy on the government's part. Basically, the government is admitting that it knows very well that it will not be able to sell the contents of its bill to the public. So it is using smoke and mirrors. It is using the title as an intermediary to try and suggest that one of its bills cracks down on crooked consultants and therefore must be a good bill. It has a bill that cracks down on human smugglers, so it is a good bill.

The most pathetic title we have seen in this House was the title of a bill that was something like: an act to stop the trafficking of minors, even though the word “trafficking” was not mentioned once in the entire bill. The bill had a title that referred to the trafficking of minors, even though the bill was not about that.

Clearly, this is a recurring ploy that must stop. I am very pleased that the members of the committee agreed to stop playing the government's game. I hope the government will have the wisdom and good sense to stop playing these ridiculous little games. The parliamentary secretary talked about it and so did my Liberal colleague, the hon. member for Papineau, and I imagine my NDP colleague will also talk about it, since we tend to work very well together on that committee; we respect one another, despite our political differences. If the government wanted to demonstrate its desire to co-operate and its respect for the opposition members, it could start by giving its bills legitimate titles, instead of making these inane attempts to manipulate public opinion.

I realize that was a long digression, but I had to do it. All that being said, I will now talk about the substance of the bill.

Those who want to immigrate to Quebec and Canada, whether we are talking about refugees, economic immigrants, immigrants in the family reunification category, or people who come on humanitarian or other grounds, are often overwhelmed and not sure what to do next. They are unfamiliar with our laws and are a bit distressed by the red tape. We can relate because we cannot keep up with all the bureaucracy, requirements and regulations either. It is hard for us to keep track of our rights. Imagine what it is like for an immigrant.

There is a real and legitimate concern and many of these people seek advice on the immigration application process. The advice they are given is extremely important because it can have a significant impact on the ruling to be made and on the rest of their lives. During this process, many decide to deal with lawyers or notaries. That is what I always recommend when people knock on the door of my riding office.

However, others seek advice and representation from an immigration consultant. The problem is that, unlike notaries or lawyers, immigration consultants are not really regulated. The regulatory body for these consultants, the Canadian Society of Immigration Consultants, does not work at all; it is a colossal failure. This agency has serious governance problems and is run by people who commit flagrant abuses. They take liberties and do not administer the agency in the interest of its members or the general public. In my opinion, the Canadian Society of Immigration Consultants has to be abolished. It is beyond repair because it is fundamentally tainted by personal interests to the detriment of its members and the general public. I hope the minister will see it that way when he designates an agency.

A new organization must therefore be created that will better regulate the occupation. Let us hope that, with the new act, this organization will not encounter the same type of internal management problems and that it will have a much broader sphere of activity. Rather than controlling the relationship between the consultant and the government only from the day the application is filed to the day the application is ultimately accepted or rejected, the new act will cover the entire relationship between the consultant and the client or in other words, from the moment a client contacts a consultant or a consultant offers a potential client his or her services. This is a real improvement. However, the organization designated by the minister must do its work correctly and separate the wheat from the chaff.

We have to admit that there are some good immigration consultants; however, there are others who do not do their work properly at all. When touring the country, we were told that some consultants were abusing their ethnic proximity a little or even a lot. Someone immigrates to a new country where they do not know the system and do not know whom to trust, and then they meet someone from the same ethnic group who has successfully immigrated to Canada. Human nature being what it is, they might have a tendency to trust that person more than someone else.

Many crooked consultants—that is how the minister referred to them at the beginning—will abuse this trust. Sometimes these people do not know French or English, nor do they know the laws. People may pay a consultant thousands of dollars and that consultant will not even bother to submit their applications. They wonder why they have not heard anything, so they call the constituency office or the department only to be told that their application was never received and no one has ever heard of it. It can take years before they figure this out. There was a similar story on the news yesterday morning: a lady paid thousands of dollars but her application was likely never submitted.

We have taken a step forward. The House can pass laws, but it does not create the regulations. It is not the House that ultimately does the selection. The minister's role in that regard is very important. He must make wise choices and not usurp the will of Parliament, as has happened in the past, particularly in terms of immigration. He must comply with legislation and ensure that there is finally a real regulator that lives up to that title. Competent people are needed in order to ensure that the immigration consultants in Quebec and Canada are competent.

I have one last aside. Throughout this process, I have insisted that we must ensure that immigration consultants in Quebec are familiar with the requirements of the Quebec immigration system, which has its particularities. There is an agreement between Canada and Quebec. This must be recognized. If there are two categories of immigration consultants in Quebec, people who are submitting an application will not know whether their consultant is able to advise them on all of the possible options or just those that fall under either federal or Quebec jurisdiction. I maintain that, in dealing with immigration issues, we must always remember that the situation in Quebec is different and requires special treatment.

I would like to repeat that there is a good deal of collaboration in this committee. If there are interesting bills, we will study them. I do want to share a little frustration that is not the fault of the committee members or our chair, but it is a result of parliamentary procedure, which seriously limits us with respect to amendment possibilities. We could have developed a better bill if we had had more latitude, as parliamentarians, to make amendments that would change the bill's scope and give it a better direction. That is a problem for all parliamentarians. I hope that we will be able to have a look at this issue in the near future.

In the meantime, overall, I think that the bill before us deserves the support of Parliament.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 4:25 p.m.
See context

Liberal

Paul Szabo Liberal Mississauga South, ON

Madam Speaker, we are debating BillC-28, which I must admit is a very important bill. A number of members have had an opportunity to speak on it, but I would like to read into the record the summary of the bill. The summary of a bill is usually a fairly good synopsis of what the bill would do.

The summary of Bill C-28 states:

This enactment establishes a regulatory framework to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities.

It enacts An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act, which prohibits the sending of commercial electronic messages without the prior consent of the recipient and provides rules governing the sending of those types of messages, including a mechanism for the withdrawal of consent. It also prohibits other practices that discourage reliance on electronic means of carrying out commercial activities, such as those relating to the alteration of data transmissions and the unauthorized installation of computer programs. In addition, that Act provides for the imposition of administrative monetary penalties by the Canadian Radiotelevision and Telecommunications Commission, after taking into account specified factors. It also provides for a private right of action that enables a person affected by an act or omission that constitutes a contravention under that Act to obtain an amount equal to the actual amount of the loss or damage suffered, or expenses incurred, and statutory damages for the contravention.

This enactment amends the Competition Act to prohibit false or misleading commercial representations made electronically.

It also amends the Personal Information Protection and Electronic Documents Act to prohibit the collection of personal information by means of unauthorized access to computer systems, and the unauthorized compiling of lists of electronic addresses.

Finally, it makes related amendments to the Competition Act, the Personal Information Protection and Electronic Documents Act, the Canadian Radiotelevision and Telecommunications Commission Act and the Telecommunications Act.

Most people would recognize this as the bill to deal with spam, but actually it is much more than that. So I took the opportunity to go back and look at the representations made to the House by the minister himself when the bill first came forward. I would like to quote a brief section of his speech in which he says:

Threats to the online economy include more than just spam. They include spyware, malware, computer viruses, phishing, viral attachments, false or misleading emails, the use of fraudulent websites, and the harvesting of electronic addresses.

Here is an interesting point. He says:

These threats are not just nuisances. Some are fraudulent, some invade privacy, and some are used to infect and gain control over computers. It is estimated that spam costs the worldwide economy $130 billion a year.

He goes on to say:

The bill before us contains important provisions that will protect Canadian businesses and consumers from the most harmful and misleading forms of online threats. It improves the privacy and economic security of Canadians in the electronic environment. It offers a host of clear rules that all Canadians will benefit from. It will promote confidence in online communication and electronic commerce.

The bill before us stakes out new ground in Canada.

Here is an interesting point:

Currently we are the only G8 country and one of only four OECD countries without legislation dealing with spam. This bill will rectify that situation.

In developing the bill, we have been able to incorporate the best practices of other countries that have launched similar efforts.

That is not exactly what the members said today in debate. It is kind of interesting. In fact, some members said that we have not even put forward legislation that takes into account all of the best practices of the G8 countries that have legislation in place. We have come up short on that. As a matter of fact, it was described that we are going to be playing catch-up. That point was made several times today during debate.

It is concerning because this is a very serious problem. We are ranked fifth in the world in terms of spam. I believe nine billion spam messages are received each and every day in Canada.

There is a cost associated with it. The worldwide cost is some $130 billion. Canada is fifth and we have about 10% of that. So we are talking about a lot of money, and based on the debate in the House, which has been substantively just opposition members, not enough rigour has been put in this bill to make sure that it is effective, the wish of the minister that this is going to be a good thing. We have missed the boat a bit.

One reason is that most of these problem areas come from international origins and they are beyond the reach of the laws of Canada. So all of a sudden we have to take out all these mass emailings sent out by persons who are not resident in Canada and are outside the reach of our laws. I will speak a bit more about that later.

The other part that was discussed very substantively during the day had to do with penalties. The infractions are under clauses 43 and 44, but with regard to the penalties, it says in subclause 47(1):

Every person who commits an offence under section 43 or 44 is guilty of an offence punishable on summary conviction and is liable

(a) to a fine of not more than $10,000 for a first offence or $25,000 for a subsequent offence, in the case of an individual; or

(b) to a fine of not more than $100,000 for a first offence or $250,000 for a subsequent offence, in the case of any other person.

It seems to stop there, ostensibly, in terms of the fines.

The point made in debate was that these are just fines. The growth of spam in Canada continues and we are playing catch-up. Despite the fact that this is proposing some fines, the argument has been that it does not seem to represent a sufficient deterrent to the perpetrators of, in many cases, the frauds.

Since the year 2000, online sales for Canadian companies have increased nearly tenfold. Ten years ago, online sales in our country were less than $7.2 billion. In 2007, the sales reached $63 billion. When we consider the magnitude of the economic activity going on in these unsolicited emails, we have to wonder whether, if someone gets caught, a fine of $10,000 or even $250,000 is going to be a significant deterrent from continuing the practices of spamming and the other forms of offences.

The point has been made a number of times that we missed the boat in terms of the penalties for offences. We have not taken into account that although the CRTC and the Competition Bureau will have the tools to impose fines, we do not have criminal sanctions here. There are going to cases, undoubtedly, where we are talking about billions of dollars that have been made by companies, without the fear of any criminal prosecution, just a fine. That, I believe, is a big flaw in this bill.

Regarding the admission that it did not go as far as other G8 countries and that we are playing catch-up, this bill has been around for five years. Previously it was Bill C-27. It is now Bill C-28 under a new Parliament, after prorogation and/or an election, but we are still playing around ostensibly with the same act.

If we look at the briefing notes, it is substantially still the same act. I really have to question whether there is a strategy to deal with the whole problem. The deterrents and penalties are certainly one aspect of it.

Recently, we have been dealing with some other pieces of legislation that I had an opportunity to deal with. One I think was just yesterday, a bill on tax treaties with Greece, Turkey and Colombia. It included the fact that we would be entering into information-sharing agreements with these countries.

It turns out that Canada has tax treaties with more than 90 countries around the world. We have relationships with virtually with every major economy around the world, and we do it because we want to eliminate double taxation, we want to deal with tax avoidance issues and we want to promote trade, et cetera. It is a good thing.

Why is it that we did not discuss information-sharing agreements on Internet abuses at the G8 and G20 summits? We paid $1 billion for one of those meetings. Surely we could have talked about some substantive matters, such as a problem that is costing the world $130 billion a year. It is not insignificant. That is 130 G8 meetings. That concerns me.

In the Income Tax Act there is a general anti-avoidance provision. Because there is a concern about being behind in our ability to keep up with the changes in technology and not even up to speed with what other G8 countries have been doing, we have the situation that, given how long it takes to bring forward new legislation and make the necessary changes, the time lag is so great that it is a tremendously expensive proposition when we know that it is going to grow.

I am wondering why the government did not pursue information-sharing agreements and things like the spirit of a general anti-avoidance provision, something that would say that notwithstanding what the act says, if the government believes people have done something that gets around the rules and in fact perpetrates fraud, the process of fraud or other offences under the act, it will be able to prosecute them as well, even though it may not be specifically in the act or have been contemplated.

That is why we have regulations to legislation. Rather than putting all the items in the legislation, we put them in regulations, which we can amend by orders in council fairly quickly. We do not need new legislation.

I am not sure at this point whether there was an opportunity missed. It would have been helpful to have built in some sort of a mechanism whereby the legislation, particularly in this case, was adaptable or was able to address emerging technologies and some of the issues that are coming out.

The other bill we dealt with recently that spurred some interest with me was the requirement for Internet service providers to report websites, et cetera, that had information or depictions of the sexual exploitation of children. The whole purpose of the bill was to require Internet service providers to report those things. It is an important element in the overall attempt to deal with the sexual exploitation of children.

Could this bill not have had a requirement or obligation for people who are involved or who become knowledgeable about the people behind some of these fraudulent activities to report? Intuitively people would say, “I respect the law, but I am not sure whether I am obligated to report if I become aware”. Maybe we should understand what the consequences are if we allow it to carry on, and perhaps there should have been some initiative that would have spurred people to report when it comes to their knowledge.

One of the experiences I have recently had, which most members have had, is that we received an unsolicited email apparently from a bank, which has the actual logo of TD bank or Scotiabank, for example. It purports to be our friend and tells us our account has been suspended and we have to get in touch with the bank, blah, blah. I printed that email before I deleted it and took it to the bank, which told me those things originate offshore and there is nothing banks can do about it, and that was about it. The banks ought to play a greater role in this. This is a big part of it. This is where there are people who prey particularly on seniors, the ones who are most vulnerable. When they are sent an email that says the bank has a problem and they have to get in touch, once they press the button and respond, they are in the system. Now they are targets. Now they are at risk.

We did not deal with that. We should have dealt with that. I do not know how. I am not saying I have the answers, but we should talk about it. Are other jurisdictions doing it? If these come from offshore, it is a case where we should have entered into information-sharing agreements and worked collaboratively with countries around the world? We certainly could have agreements with the 90 countries with whom we have tax treaties on matters that are harming all of us, when someone is in one jurisdiction and doing harm in another. We have seen that with regard to Switzerland and Liechtenstein with regard to tax havens, money-laundering and all kinds of things. When are we going to start entering into serious negotiations with our partners in trade and any other country that wishes to, for mutual benefit, to deal with these things? Where is the strategy? That is what is missing.

As I indicated, the penalty regime is not quite right. The issue with regard to dealing with the international situation seems to be ignored. We do not know what the dimensions are there.

The fact that it has taken five years already to get to this point does not send a warm fuzzy signal that we are really serious about this. Why does it take so long? When we bring bills in, why do we not start them with the minister or whoever is going to present the bill to the House and deal with it right through so that there is a continuity of the debate and a consensus that starts to develop? Second reading should be an opportunity for members to alert committee members to the kinds of concerns they have. This is where some of the fodder comes from in the legislative process. We cannot make any particular motions at second reading to change things, but we certainly can make recommendations to the committee and then make sure that committee is ready to deal with it. There is no point in putting forward a bill when there are 10 other bills waiting in a hopper to get into a committee, because it will not get dealt with for months.

In scheduling the House business, a particularly important legislation such as this seems to have been an orphan. I wish it had been dealt with quickly and, when it went through committee and came back here, we did not have debate last May and some more debate in September and now again in November. The continuity of the bill has been appalling. The issues have been on the table and this is something that has the support of all hon. members, all the parties. So why does the government drag this out in terms of how it schedules the bills for debate in the House? If it really cared about it, this would have been bang, bang, bang. The House leaders should have talked to each other. In the U.K. they have discussions to decide how many speakers there are going to be, they have the speeches and they deal with it.

I would suggest it is an important bill. I support the bill. The House will support the bill. We should get on with it, but the minister should know we are very concerned that we did not go far enough and that the bill may be a false start on the resolution of a very important problem.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 3:55 p.m.
See context

NDP

Brian Masse NDP Windsor West, ON

Mr. Speaker, it is a pleasure to rise on Bill C-28, formerly Bill C-27. A little bit of history on the bill is important. This is a bill that will limit spam in this country and there are a number of different correspondence issues, not just email. There are several others I will get into later on, but it is important to recognize that this is important for Canada because we are the only one of the G7 countries that does not have a management style anti-spam bill. That is important for us to change.

New Democrats have been pushing for this for years and I want to touch at the beginning of my presentation a little bit on why we feel so strongly about the bill. It was formerly Bill C-27. With prorogation of Parliament that bill was shelved and did not go forward. We played a key role in getting that bill passed with the government. There were attempts to water it down by both the Bloc and Liberal members, but we made sure that the essence of the bill remained when there was lots of lobbying pressure from a number of different business and other organizations that rely upon electronic media. Some of it is done with good intent. Some of it is done with ill intent. But we were able to do that by taking out a provision where the government at one point was allowing a clause in the bill whereby if one had agreed to an electronic advertisement from someone that person could actually use that to go into one's computer and phish through it for further information. We had that clause taken out of the bill and compromised on that so we could move this forward.

Unfortunately, with prorogation, the government lost its opportunity and the bill died despite actually going through the chambers, and that is unfortunate because we did not get to have that legislation come to fruition. The bill reintroduced is taking quite some time in this latest government round. I am rather surprised it was not tabled during one of the first weeks post-election when we came back to the chamber. There certainly was a willingness on our side to get the bill moved forward and there were a few more changes added that were important to clean up the bill, but did not really essentially change anything. Then it moved quickly through committee and to this point in time.

It is a good opportunity for Canadians to revisit some of their rights in particular. I feel this is very much a social issue and a justice issue because when we look at the violations that go through spam it is not just the mere deleting and the pain of doing that, it is also a means of economically undermining people as well by phishing for information and privacy issues. It is important that the bill passes and I am hoping that it does so rather quickly in the other chamber when it goes there because it is critical.

What really defines New Democrats as different from the other parties in this are the rights people should have as users on computer systems and the Internet. This is something that I continually impressed on those who kept on pushing back on the bill. What I am referring to is the reality that when people buy a computer system, they pay the money. Then after that they pay for the use of the system not only through electricity, but also if it is activated on the Internet. They pay for the programs that are installed on computers that they use. They pay for all those elements out there.

At the same time, their rights were being ignored and, in my opinion, trampled on by others dumping all kinds of unwanted and unsolicited information and material, some of it even malicious, that affected computers, and that is wrong. There should be the rights of the users who pay for all of that, not just the initial outlay, but also the continuation of services every month through a provider. That is a key element that is important about this that gets overridden to a certain degree. With the explosion of the computer use and the Internet evolution, there were no rights granted to the user of any significant magnitude. As well, it allowed the introduction of a number of different commercials and even affects the performance of computers and the work people are doing by having malicious spyware and other types of things that end up on computer systems.

This is at the heart of it. Is this bill going to restore some justice to the Internet? Is it going to bring some accountability, bring Canada into this century in terms of its response and put penalties on those who do it?

For those who do not think it is a serious issue, I want to refer to a Cisco study that was done a couple of years ago. It found that there were around 200 billion messages per day and 90% of emails sent worldwide were spam. There were 200 billion messages per day being sent out to all kinds of people from all over the world and Canada, unfortunately, was one of the places that had spammers.

It was not individual people sending out that message. It was also those hijacking computers and creating what are called botnets. That is where people write programs and send out messages that would infect somebody else's computer so that people's computers become like zombies and send out a series of files, information and messages.

That happened to one of my accounts. It was hijacked and messages were sent out under my email address. A lot of people have faced this. That is why a lot of different software packages have been introduced. Because of the aggressive nature of those who are doing this, it has become an industry in itself just to police it. Various types of software are being used, which require constant upgrading to deal with all of the different infections taking place on computers.

What is important to recognize in that respect is that people are affected in a number of ways. Not only are their reputations affected by their names being tagged with material they do not approve of but it also affects the capabilities of their computers and sometimes their privacy.

There are also phishing scams to trick people. How that works is if people agree to something, there are unintended consequences that are not clear because there are no rules about that. Some people were giving out personal information, and there are those who said they knew what they were doing because they said yes.

We heard the argument from some of the people who use advertisements and so forth that once people agree, it is basically carte blanche. That is not fair and the reason is that yes, people made the mistake when they did it, but people are virtually learning on the computer every single day.

I know seniors today who are taking up the computer and its technology that they never had before, and they deserve protection from the government on that. The Internet has become very important, not only for communicating on social matters but also in allowing people to conduct their public and private affairs.

Public affairs means being connected to the world and communities and allows people to understand what is happening out there and to interact in that element, especially those who do not have the capabilities to get out any more, who do not have transportation or whatever the case may be. It is their connection to the community, and that has become clear through sites like Facebook and a whole series of other social media.

People use these avenues now to connect to their own community, not just to look at things or obtain information from across the globe, which they can do as well. It is very much part of people's lives, and those of neighbours, friends, family and so forth.

The second reason people deserve protection from the government and the forces who want fair play on the Internet is because people use it to conduct business, financial transactions such as paying bills, making investments and a whole series of things. Online elements have become critical for the daily administration of businesses and people's pocketbooks. That is key too.

There is the entertainment aspect as well, another critical part. People take part in everything from video games to movies. They can watch television now and a whole series of things. That is why with these elements of phishing, botnets and spam it is important to recognize the seriousness of it. It is not simply about deleting the thing that arrived in one's mailbox that was unwanted. It is about the abuse caused if one has those different elements affecting one's system.

New Democrats believe when a consumer buys equipment, programs and a service provider, the consumer's rights come first. That is an important difference. Technology will change even more. Some of the programs and the writers will become even more vicious. That is why it is important we start with the number one principle.

I will to refer to the international scene so we can get a clear understanding of this issue. Cisco reported that the United States was the single largest source of outgoing spam, accounting for 17.2% of all global spam. Canada was the fourth largest source with 4.7% of global spam. Behind the U.S., Turkey and Russia, Canada has a significant per capita.

The United States was referenced at 17.2% and Canada was at 4.7%. That is because the U.S. brought in what was affectionately known as the can spam bill. I hope Bill C-28 will be more effective than the American legislation, but we will see. It has been done with a bit more diligence.

Members will remember the legislation with respect to the do not call list. The government rushed it through and it failed miserably. It was an abuse on Canadians and an embarrassment to the government. We warned the government that it would not respond to the needs of Canadians.

There is a remedy. I took some criticism for supporting the government in a key vote on that legislation. I agreed to allow the minister to amend the do not call list legislation. I thought it was important for consumers to have that capability so I agreed with the government. Canadians want a do not call list that works. Improvements have been made to it and NDP members are happy with the changes.

I want to touch a bit on the types of information in the bill. I want to ensure people know that it is not just spam email defined under abuse. Instant media messaging, use net and user groups spam, web search engine spam, spam in blogs, wiki spam, online classified ad spam, mobile phone messaging spam, Internet form spam, junk fax transmissions and file sharing network spam are all included.

It is important to note that. Those who abuse these types of communication devices will be subject to a series of penalties and fines. I will get into that a bit later. There will be better enforcement power. There will be a better process to stop those who send messages in those different formats to people who do not want to receive them. It is key that be the case.

The spam that we are focusing on has a number of different cost factors. There is the overhead cost, which is electronic spamming, including bandwidth, developing or acquiring an email, wiki blog spam tool and taking or acquiring the zombie computer.

Materials used on a computer system, whether it be the actual computer itself, the server, the websites, the other tools and applications such as a dot design can get infected. They then have to be administered by new software upgrades, hardware upgrades, a series of different things depending on what the spam has done to the computer.

Say, for example, a web designer has to design another management system related to security provisions to block certain things coming in. A physical cost is going to be involved as well as a programming cost. That is basically lost productivity in the Canadian economy. There is a cost to people doing work because others have abused or caused problems maliciously.

There is also a transaction cost. The incremental cost of contacting each additional recipient when one method of spamming is multiplied by the number of recipients. There is risk of legal or public reaction, including punitive damages.

On the transaction cost, it is not only the cost of responding, but also the public image or whatever it might be. There could be any host of emails coming in that are disingenuous and presents one's company or oneself in an ill way. Often those affected have to physically spend the time to re-contact people.

Also, one's reputation may be at stake. If people have their names tagged to something they do not support, that can be very damaging to them, given some of the content that is on the Internet today. Companies can suffer from this as well. This is another cost.

As well, damage is another cost. Damage can take place in a number of different ways, from people's reputations to a community and other types of areas. For example, Canada is currently known as a spamming country. We know that other countries look at us in an unfavourable way because we have not dealt with spam in a responsible way until now.

Spam is also used in crime, and this is important. In our opinion, it is a violation of not only consumer rights, but it is crime. We have seen viruses, Trojan horses and malicious software, often with the objective of identity theft and fraud.

There are people who lose information. There is sensitive information on computers, for instance, payment of credit card bills, real estate or other types of transactions, and all types of purchases. We see more and more purchases through several different sites taking place now.

When people experience identity fraud, they face a series of things. First, they have to find out when it took place and what has gone out. As well, the damages are part of that. Whether it is credit card theft or the use of their names and IDs to do things on the Internet, that can significantly affect them.

Also, and this is important, some people are not used to using the Internet or are just learning to use it. They become pawns for those who are very clever about using this information, technology and the different types of spam. Basically, there are predators. If people are not skilled or do not know the full effects of what they are doing, it does not make it right that they are taken advantage of. The bill's increased fines and penalties will be a significant deterrent when we look at some elements that need to be changed.

I recognize the work of the 2004 national task force on spam, which went across the country. It got things going and unified Canadians around the rights of the spam bill. It is important that we recognize the task force.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 1 p.m.
See context

Liberal

Anthony Rota Liberal Nipissing—Timiskaming, ON

Mr. Speaker, it is a pleasure to speak to Bill C-28, the fighting Internet and wireless spam act, better known as FISA. It is designed to curb the flow of spam, unwanted installations of unauthorized and sometimes malicious software and the unauthorized collection of personal information. In other words, it aims at stopping spam emails. With spam emails, we do not always give prior consent and that is what makes them so obnoxious.

I have been listening to a lot of the speeches and going through the bill and it really is a dry topic. It is something that, unless one is really into the technical side of things, does not excite people until it hits our computers or our homes. That is when we really feel the impact that spam has on individuals.

I want to do a bit of a history. In 2004-05 the Liberal government of the day established an anti-spam task force and recommendations for actions were put forward. The Liberal recommendations called for the government to introduce legislation to prohibit four things: first, the sending of spam without prior consent of recipients; second, the use of false or misleading statements that disguise the origins or true intent of the email; third, the installation of unauthorized programs; and fourth, the unauthorized collection of personal information or email addresses.

I would like the members to remember these four points because they will be showing up again and it is important that we finally get there. Of all the G8 countries, Canada is the only one that does not have legislation in place yet. When we look at something like this, we have to ask why Canada has really lagged behind.

Had the government continued under a Liberal government back in 2005, we would have had legislation. However, unfortunately the NDP leader decided that in 2005, it was time to stop supporting the Liberal government of the day. I think history will look back and see where progressive thought really slowed down, if not stopped, for a number of years. It will not be pretty when people look back and see what was lost. Whether it was legislation on spam, child care or first nations rights, it will not be viewed positively.

Let us get back to Bill C-28. It was originally introduced by the Conservative government as Bill C-27, which died in prorogation. Prorogation normally is not something we speak of positively. I look at prorogation and it really was something Canadians did not want, it was something Parliament did not really want and it caused a lot of problems. However, one thing it caused was the death of Bill C-27.

Prior to the prorogation, many flaws were exposed in the bill and when it came back, the good thing was that many changes were made. Bill C-28 was introduced after the return from prorogation, with the changes to correct many flaws identified. I am pleased to see the Conservative government decided to act on the recommendations of our Liberal task force and the recommendations of the industry, science and technology committee.

Legislation in a fast moving area such as technology must be monitored closely to ensure it does not stifle legitimate electronic commerce in Canada, while accomplishing its intended purpose.

The real test of Bill C-28 will be in its implementation. How diligently will it be reinforced? What resources will be allotted? How serious is the government in protecting Canadian citizens? Those are the questions we will have to look at and really look to see how strong the legislation will be.

One of the things that the legislation calls for is periodic review of the legislation. I talked about how fast electronic media changes and how fast technology changes. That is why the legislation in particular has to be reviewed on a regular basis so it keeps up with what goes on.

In its main provisions, Bill C-28 introduces a new regulatory scheme and monetary penalties for spam and related threats such as identity theft, phishing, spyware, viruses and botnets, and it extends the rights of civil action of their victims. I know a lot of us have heard these terms, but I thought I would take the time to go through them because they are not always well understood and I want to clarify them.

I went on the Internet itself, to Wikipedia, and got some definitions of the individual terms, because I know there are people listening at home wondering, “This is wonderful, but what exactly does it mean and what effect does it have on me?” We all know about spam, which I will define at the end, but spam is just one part of it.

We hear about identity theft. Identity theft is a form of fraud or cheating of another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name. The victim of identity theft can suffer adverse consequences if he or she is held accountable for the perpetrator's actions. Organizations or individuals that are duped or defrauded by identity theft can also suffer adverse consequences and losses, and to that extent, they are also victims.

Again, identity theft is one of the points that this legislation takes on. We look at the fraud in it. Someone spoke earlier and asked about the Criminal Code. This identifies it, and fraud is covered under the Criminal Code.

The other term that comes up quite often is phishing, not fishing with an “f”, but phishing with a “ph”. Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social websites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.

Phishing is typically carried out by email or instant messaging and often directs users to enter details to a fake website that looks and feels almost identical to a legitimate one. When we go somewhere on the web and see something saying it is a certain company, we want to make sure that it is real, that it is what it says it is.

Phishing basically sets up a fake facade that people think they can trust. People input information and then the information is harvested and used to hurt individuals. Whether it is taking their money or identity or causing problems for those individuals, we can see where the problem would come.

The one we hear about often is spam. That seems to be the generic one that covers everything. Spam is the use of electronic messaging systems to send unsolicited bulk messaging indiscriminately.

While the most widely recognized form of spam is email spam, the term is also applied to similar abuses in other media, including instant messaging spam, Usenet newsgroup spam, web research engine spam, spam in blogs, wikispam, online classified ad spam, mobile phone messaging spam, Internet forum spam, and junk fax transmissions.

People who have faxes in their offices have had junk fax transmissions come to them. It uses up trees by using paper, it uses up resources by using ink, and it uses up copies that the individual receiving it has to pay for. Sometimes when these transmissions are received in large number, it becomes an expense that hurts.

Social networking spam is something that people are aware of, as well as television advertising and file-sharing network spam.

We have all heard the word “spyware”. Not many people really realize what spyware is. It is a type of malware that can be installed on computers and collects little bits of information at a time, without the user's knowledge. The key is “without the user's knowledge”. Users do not know that this spyware is in their computers and it constantly transmits little bits of information. The presence of spyware is typically hidden from the user and it can be difficult to detect.

Typically, spyware is secretly installed on the user's personal computer, and while the term “spyware” suggests software that secretly monitors the user's computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information such as Internet surfing habits and sites that have been visited, but it can also interfere with the user's control of the computer in other ways, such as installing additional software and redirecting web browser activity.

Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, or loss of Internet functionality and other programs.

We have all come across that, where we are working on something and it seems that everything is going along really well, and suddenly everything stops. What happened? There is a piece of spyware that went in there and changed things around. There is a frustration and a cost to the individual.

If someone sitting at home, likely retired, working on a computer, has a fixed income and suddenly he or she has to expend dollars to get the computer running again, there is a direct effect there.

There may be those who ask how that affects them. We have all had the frustration. We have had to bring someone in to fix the problem, if he or she can fix the problem. When the individual gets it running again, that individual has money out of pocket. On a limited income, if one is retired, it really hurts individuals directly.

Computer viruses are something that we hear of a lot. A computer virus is a computer program that can copy itself and infect a computer. A true virus can spread from one computer to another when its host is taken to a target computer, for instance because a user sent it over a network or the Internet or carried it on a removable medium such as a floppy disk, CD, DVD or USB drive.

We see a lot more of that now where we have people coming in with USB drives, collecting the information and then going to another computer. It is a perfect way to spread viruses.

I have a 13-year-old daughter who works on her computer. She brings her homework back. She will input the information and take it to school. She might be bringing back something from the school or someone else might be bringing it to the school. So we can see where a virus can cause a lot of problems for many people.

Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by other computers.

One that we do not hear much about is botnets. That is covered under this legislation. A botnet is a collection of software agents or robots that run autonomously and automatically. The term is most commonly associated with IRC bots.

The best way to describe IRC bots is when we go to a website or even an email and think we are interacting with another individual but we are not. With an IRC bot, we are basically interacting with another machine. We think that person is there responding to us. We can see the problems that could cause: someone going to one site, getting answers, building up a trust, and then suddenly finding out it is a machine on the other side.

The other thing that happens with the IRC bots is that one can access a number of people, all interacting with this one machine, so the individual is not duping people, a machine is, and the spread can cause a lot more damage because it is so pervasive.

As well, it does spread some malicious software and it can also refer to a network of computers using distributed computing software.

Anyone who has used a computer can relate to the kind of frustration that this malware can cause in some of these unwanted infiltrations into one's computer.

It is not only frustration. As I mentioned earlier, there can be a real financial loss to the individual who is using that computer and connecting and who will be affected by some of these issues.

Let us take a look at Bill C-28 again, now that we know what some of the definitions are.

Bill C-28 contains four main thrusts. It prohibits the transmission of commercial messages, basically spam, without express consent. The only conditions under which express consent is not required are those where family or prior recent business relationships exist. Messages requesting consent have to provide the names of the sender and the client on whose behalf the message is being sent, contact information for both, and a way to unsubscribe.

Quotes and estimates that are requested are not covered by this, nor are emails or follow-ups on business previously transacted.

There is one loophole or one barrier in this legislation that I would like to talk about. That is in regard to people who are in sales, such as financial advisers, real estate agents, or stockbrokers. What often happens is that they will do business with someone, and at some point, using real estate as an example, the person they are doing business with will say, “My brother, John, is looking for a house. Give him a call or get hold of him. I am sure you can help him out. You have done a great job for me, and John, who is my relative, could use your help”.

This legislation unfortunately does not allow the real estate agent to send an email to that person. He has to get express consent from the individual to whom he will be sending that email.

I was talking about how this legislation has to be reviewed on a regular basis. I think this is one of the areas we are going to have to look at and ask if it really allows business and e-commerce to continue and to flourish. We can see the barriers that are set up and the problems it would cause to people who earn a living in the sales field.

As we see this going on, I think it is important that we monitor some of the effects of this legislation. Maybe in about a year or so we should review it, see what is going on, and see what the unintended effects of this legislation will be.

The bill attempts to curtail phishing, with a prohibition on false or misleading information on the source of an email. The bill also prohibits the installation of programs to operate another's computer or the dissemination of messages on a computer without the individual's consent, and there is the option to withdraw the consent.

As we can see, it goes back to malware, the spam that we spoke about earlier and how this bill will block that.

The bill includes provisions that halt the collection of personal information, by amending PIPEDA, the Personal Information Protection and Electronic Documents Act, to include a ban on collecting or using electronic addresses obtained through a computer program designed for their collection, as I mentioned earlier, the phishing program.

So this legislation does come into play, and there are additional provisions that specify that a tougher regime under FISA take precedence over the existing Personal Information Protection and Electronic Documents Act and all the legislation that could apply.

The bill's provisions extend not only to those who violate it, but also to the agents or directors of the corporations who aid, authorize or acquiesce to the violations. The bill follows the money. That is the key right here, because when we look at a lot of this, the infractions and the invasion, it comes right back to money. It follows the money, stripping protection for those who hide behind a corporate shield.

When we look at some of the fines that are out there, the fines could go as high as $1 million for individuals and $10 million for corporations. The bill aims to accomplish ending the practice of spamming.

Will this bill end it completely? I think when there is something illegal going on, it just keeps going and going. What this does is minimize it and at least offer some protection to Canadians when it comes to spamming, phishing and the rest of the electronic malware that exists around the world and on the Internet.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 11:30 a.m.
See context

Bloc

Serge Cardin Bloc Sherbrooke, QC

Madam Speaker, I rise here today to speak to Bill C-28, once known as the Fighting Wireless and Internet Spam Act.

I would like to begin by saying that the Bloc Québécois is in favour of the principle of Bill C-28, which was previously known as Bill C-27, but which died on the order paper at prorogation. A number of minor changes have been made, but the overall text, its objectives and key elements remain the same.

New legislation that specifically targets unsolicited commercial electronic messages has been needed and requested by society as a whole for some time now. Governments, Internet service providers, network operators and consumers are all affected by the problem of spam. Preserving the efficiency of legitimate electronic commerce is a vital and pressing issue. Not only are commercial emails sent with the prior and ongoing consent of the recipient important to electronic commerce, but they are also essential to the development of the online economy.

The Bloc Québécois is pleased to see that Bill C-28 takes into account most of the recommendations in the final report of the task force on spam. On the other hand, we are upset that the legislative process has taken four long years. Computer technology is evolving at astonishing speeds, and spammers keep finding new ways to achieve their goals. Accordingly, consideration of the bill in committee should give many industry stakeholders and consumer protection groups an opportunity to express their views on the proposed Electronic Commerce Protection Act. A number of other points also need to be examined in committee and I will come back to those points later on in my speech.

The task force on spam was struck in 2004 to look into this problem, which is constantly evolving, and to find ways of dealing with it. The task force heard from Internet service providers, electronic marketing experts and government and consumer representatives.

In all, more than 60 stakeholders took part in the discussions, providing input on issues such as legislation and law enforcement, international co-operation, and public education and awareness. In addition to launching an Internet-based consumer awareness campaign entitled “Stop Spam Here” to inform users of steps they can take to limit and control the volume of spam they receive, the task force on spam presented its final report to the Minister of Industry on May 17, 2005.

Entitled “Stopping Spam: Creating a Stronger, Safer Internet”, this report calls for new, targeted legislation and more rigorous enforcement to strengthen the legal and regulatory weapons that Canada could use in the global battle against spam.

The report also supports the creation of a focal point within government for coordinating the actions taken to address the spam issue and other related problems like spyware.

Among the report's key recommendations are more vigorous legislation and enforcement and legislation to prohibit spam and protect personal information and privacy, as well as computers, emails and networks.

The proposed legislation is designed to allow individuals and companies to sue spammers and hold any businesses whose products and services are promoted using these means partially responsible for spamming activity.

In addition, new and existing resources of the organizations responsible for the administration and enforcement of anti-spam laws should be strengthened.

The task force recommended creating a centre to coordinate the government's anti-spam initiatives. This focal point would coordinate policy and education campaigns and support law enforcement efforts. It would also receive complaints and compile statistics on spam.

To curb the volume of spam reaching users, the task force developed a series of industry best practices for Internet service providers, network operators and email marketers. Examples include allowing ISPs and other network operators to block email file attachments known to carry viruses and to stop emails with deceptive subject lines.

As well, email marketers would be required to obtain informed consent from recipients to receive emails, provide an opting-out mechanism for further emails and create a complaints system. The report recommends that these groups voluntarily adopt, regularly review and enhance the best practices.

To help change people's online behaviour, the task force created an online public education campaign called “Stop Spam Here”. Launched in 2004, the website offers consumers, volunteer organizations and businesses practical tips for protecting their personal information, computers and email addresses. The task force recommended that all partners continue to enhance the site's content.

Since most of the spam reaching Canadians comes from outside the country, international measures to stem spam are vital. Therefore, the task force proposed that the government continue its efforts to harmonize anti-spam policies and to improve cooperation among all countries to enforce anti-spam laws.

Four years later, on April 24, 2009, the Government of Canada finally introduced new legislation to protect electronic commerce, namely, Bill C-27. Inspired primarily by the final report of the task force on spam, Bill C-27 established a framework to protect electronic commerce. To achieve that, the bill would enact the new Electronic Commerce Protection Act, or ECPA. Basically, this act would set limits on the sending of spam.

Spam can be defined as any electronic commercial message sent without the express consent of the recipient. It can be any electronic commercial message, any text, audio, voice or visual message sent by any means of telecommunication, whether by email, cellular phone text messaging or instant messaging. Considering the content of the message, it would be reasonable to conclude its purpose is to encourage participation in a commercial activity, including an electronic message that offers to purchase, sell, barter or lease a product, goods, a service, land or an interest or right in land, or a business, investment or gaming opportunity.

Note that the following types of commercial messages, which appear in clause 7, are not considered to be spam: messages sent by an individual to another individual with whom they have a personal or family relationship; messages sent to a person who is engaged in a commercial activity and consists solely of an inquiry or application related to that activity; messages that are, in whole or in part, an interactive two-way voice communication between individuals; messages sent by means of a facsimile to a telephone account; messages that are a voice recording sent to a telephone account; a message that is of a class, or is sent in circumstances, specified in the regulations.

This means that, under this legislation, sending spam to an electronic address—email, instant messenger, telephone or any other similar account—would be prohibited. The only circumstances under which it would be allowed is when the person to whom the message is sent has consented to receiving it, whether the consent is express or implied

In addition to being in a form that conforms to the prescribed requirements, the message will have to make it possible to identify and contact the sender. Lastly, the message must include an unsubscribe mechanism, with an email address or hyperlink, so that the recipient can indicate that he or she does not want to receive any further commercial electronic messages from the sender.

The bill would also prohibit altering the transmission data in an electronic message so that it is delivered to destinations other than that specified by the initial sender. In addition, the bill would prohibit installing a computer program on another person's computer and sending an electronic message from that computer without the owner's consent.

There are provisions for administrative recourse. Anyone who contravenes, even indirectly, any of these provisions would be liable to an administrative monetary penalty, or AMP, if the computer used is located in Canada. The maximum AMP is up to $1 million for individuals and up to $10 million in all other cases. The Canadian Radio-television and Telecommunications Commission, the CRTC, will be responsible for investigating complaints and, when necessary, imposing the penalties. Furthermore, the CRTC will have the authority to apply for an injunction if it finds that a person is about to or is likely to carry out a violation.

In order to carry out these inquiries, the CRTC would have interesting powers. It could require a person to preserve transmission data, produce a copy of a document that is in their possession or prepare a document based on data, information or documents that are in their possession. It could even conduct a site visit in order to gather such information or, if necessary, to establish whether there was a violation under clauses 6 to 9. Note that it will have to get a warrant from a justice of the peace prior to entering premises.

An individual who refuses or fails to comply with a demand under clauses 15, 17 or 19 will be guilty of an offence and subject to a fine of up to $10,000 for a first offence and up to $25,000 for repeat offences. Businesses will be subject to a fine of up to $100,000 for a first offence and $250,000 for repeat offences.

There are also private remedies. Bill C-28 provides for the creation of a private right of action, modelled on U.S. legislation, that would enable businesses and individuals to initiate civil proceedings against any person who contravenes clauses 6 to 9 of the new act.

If the court believes that a person has contravened any of these provisions, it may order that person to pay an amount corresponding to either the loss or damage suffered or the expenses incurred. If the applicant is unable to establish these amounts, the court may order the applicant to be paid a maximum amount of $200 for each contravention, up to a maximum of $1 million.

Bill C-28 also proposes an extension of the co-operation and information exchange powers for anything that has to do with the Competition Act, the Telecommunications Act or the Personal Information Protection and Electronic Documents Act.

For example, any organization to which part 1 of that act applies may on its own initiative disclose to the CRTC, the Commissioner of Competition or the Privacy Commissioner any information in its possession that it believes relates to a violation of the act. The CRTC, the Commissioner of Competition or the Privacy Commissioner must also consult with each other and may share any information necessary to carry out their activities and responsibilities in accordance with the act.

Over the years, unsolicited commercial electronic messages have turned into a major social and economic problem that undermines the business and personal productivity of Quebeckers. Not only does spam impede the use of email for personal communication, but it also threatens the growth of legitimate e-commerce.

The Internet has become an essential tool for commerce and communication in general. According to the government, the online marketplace represents an important segment of the Canadian and Quebec economies. In fact, there was $62.7 billion in sales in 2007. In 2009, e-commerce reportedly surpassed $8.75 trillion. But the Internet and e-commerce are also becoming increasingly vulnerable and threatened.

Spam accounts for more than 80% of global electronic traffic, which results in considerable expenses for businesses and consumers. Spam is a real nuisance. It damages computers and networks, contributes to deceptive and fraudulent marketing scams, and invades people's privacy. On a larger scale, spam directly threatens the viability of the Internet as an efficient means of communication, undermines consumer confidence in legitimate e-businesses and hinders electronic transactions. And in the end, everyone loses.

The need for new legislation dealing with unsolicited electronic messages has been urgent for far too long. The Bloc Québécois is pleased to see that Bill C-28 covers most of the recommendations made by the task force on spam. However, we deplore the fact that the legislative process has taken four long years. Computer technology is evolving at astonishing speeds, and spammers keep finding new ways to achieve their goal. In terms of information technology, four years is an eternity.

Consideration of the bill in committee should give many industry stakeholders and consumer protection groups an opportunity to express their views on the relevance of new electronic commerce protection legislation. The committee should also study the exchange of information between the CRTC, the Commissioner of Competition and the Privacy Commissioner. And while we want these exchanges to take place in order to maximize the efficiency of the ECPA, any personal information that is shared must always remain confidential. This is even more critical because this information could be shared with foreign states. The question of vigilance in relation to protecting commercial ties between businesses and consumers will also be studied in committee. And although the ECPA's provisions on this subject may seem to be sufficient, industry evidence must be considered because this legislation cannot slow down the use of the Internet as a catalyst for and facilitator of trade.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 11 a.m.
See context

Liberal

Scott Simms Liberal Bonavista—Gander—Grand Falls—Windsor, NL

Madam Speaker, when I was first elected in the summer 2004, spam was a burgeoning issue, but it was something that was focused. Everyone's Internet account was getting inundated with spam and solicitations of a nefarious nature. In 2004 the activity was measured at $130 billion worldwide. One has to wonder exactly how it goes from zero to $130 billion in a very short period of time.

The situation has proliferated to the point where it has become oppressive to individuals who have email accounts and certainly for small businesses with accounts. In dealing with spam and unsolicited emails, we are at a point where the system has been clogged. Now 80% of the information traffic to our computers and PDAs constitutes what we know as spam.

That was then and this is now. Not only has the situation been exacerbated by the fact that so many people are trying to get involved in unsolicited emails and are becoming much better at, the system is allowing them to become much faster and in many cases more elusive. We have several platforms by which people can do this.

As imaginative as we can be when it comes to the world as an extension of who we are, since 2004, we have had the proliferation of social media, such as Facebook and Twitter. Also an abundance of texting has taken place. We know it is not only the computer on our desks at home or at the office, it now travels with us all day no matter where we go because it is much more compact.

Back in 2004, about six months after I was elected, an anti-spam task force was established. At that time, experts were gathered because it was a pressing issue. Let us remember, it is not only the domestic issue at which we are looking. Sometimes we extensively deal in a domestic nature in the House with issues such as the economy, social security, pensions and employment insurance. Sometimes these serve as models for the world to follow, such as our Canada pension plan.

Now we are now completely intertwined with the world. As we know, electronic commerce, or e-commerce, knows no boundaries. It surpasses all that CBSA can put out there. It travels around the globe instantaneously. We are able to connect to the world in a way we never thought possible. I am not saying that is a bad thing. It is absolutely wonderful if we are to achieve a common understanding around the globe. However, it becomes problematic when we have to create domestic legislation to follow suit on international agreements. Therein lies the crux of what we are doing.

Other members have pointed out, and I would wholeheartedly agree, that we are behind the eight ball when it comes to this type of legislation. Legislation has been addressed in other G8 nations and it has gone farther than we have. Now we find ourselves in the situation where we are playing catch up with the rest of the world.

However, that is one issue. We still have to do our due diligence within the House, through debate and committee work, so we can create legislation that has teeth and is effective.

The second phase of this follows from the legislation we create in the House, and that is the enforcement of it, which is very important. This is why the myriad of agencies, as mentioned in this debate, have been brought into this in order to enforce it.

I mentioned the international component of this. Being from the east coast, primarily Newfoundland and Labrador, we have dealt with legislation on an international perspective when it comes to our fisheries. As many past politicians from Newfoundland and Labrador have said, “borders are borders, but fish can swim”, and they swim over borders.

Therefore, the international scope of this issue is much like issues of climate change. Many of the models created to govern our resources are created in international forums. For fisheries, it is the North Atlantic Fisheries Organization, NAFO. For climate change, it is the United Nations and other avenues and even the Council of Europe for that matter.

This agreement has taken place through international governance. Now we have to follow with our own domestic legislation. That goes a long way in cluing up and taking our place in the world to deal with this issue.

I have compiled some background information. My compliments to the Library of Parliament for this legislative summary. I want to congratulate Ms. Alysia Davies for compiling this information. She did a fantastic job. She is with the legal and legislative division, Parliamentary Information and Research Service.

There are a few clauses in the bill that deal with the situation at hand.

Following the work of the task force, we had the first go around with Bill C-27. When it made its way through committee, certain changes were brought forward by the committee, as well as the government and the department, which have been incorporated for the most part. That too follows a great debate. Following the prorogation, the bill died on the order paper. Now we are with Bill C-28 and we will do our due diligence yet once again.

As Bill C-27, it was known as the electronic commerce protection act. We now incorporate items that were added to the former ECPA as government amendments during its original passage when it was Bill C-27.

As with the previous bill, the new bill, called “fighting Internet and wireless spam act”, would amend four existing acts that deal with telecommunications regulation, competition and privacy. Among other changes, these amendments designate the Canadian Radio-television and Telecommunications Commission, commonly known as the CRTC, as the main regulator of the fighting Internet and wireless spam act. Also, both the Commissioner of Competition and the Privacy Commissioner will play enforcement roles related to their respective mandates.

There may be some questions. For example, one question earlier in the debate was about the Privacy Commissioner not being mandated to educate the public. That is a very valid point because then it falls within the realm of justice. That certainly needs to be brought out in the House and we need to have a thorough debate as to exactly who will to educate on what is not right, not legal and what fines may result.

My hon. colleague from Manitoba brought up the idea of prosecution for the sake of criminal charges being laid. Right now we are dealing with just fines, but that too should be addressed. In future, this may be re-addressed in this legislation.

I also want to talk about the four pillars. This is a combination of a process that began with the anti-spam action plan in 2004. That was a private sector task force, chaired by Industry Canada, to examine the issue of unsolicited commercial email, which we now know as spam.

By the end of 2004, spam, which is in many ways the electronic equivalent of junk mail, had grown to encompass 80% of global email traffic. Imagine a mailbox with 80% of its mail being junk mail. Many would say that is already happening, and in some cases I am sure it is.

Nonetheless, 80% is a high number because it is so easy and cheap to put out these emails. Typing something in, either a scam or something close to a scam, and feeding it to the masses electronically is much easier than doing it with physical paper.

The task force on spam led the action plan at a round table of national stakeholders in December 2004. We received feedback through announcements in the Canada Gazette and in a dedicated online forum. It issued a report in May 2005. That report recommended, among other measures, legislation specifically aimed at combatting spam, which we are dealing with today. It is a second incarnation of a spam act. The federal government introduced a first attempt back in the 42nd session.

I want to thank two gentlemen from the Senate who did a lot of work prior to this. First is Senator Donald Oliver. Second is former Senator Yoine Goldstein from Montreal, who did a tremendous amount of work on this issue. We owe both former Senator Goldstein and Senator Oliver a debt of gratitude.

The spam act can be seen as a complement to the e-commerce legislation that has gradually been developing in each of the Canadian provinces and territories over the past 10 years.

We owe a debt gratitude to provincial legislation that started back in 1998 under the uniform electronic commerce act created by the Uniform Law Conference of Canada. The provincial and territorial acts have thus far served as the underpinning for burgeoning e-commerce sectors across the country. We also owe a debt of gratitude to many of the respective provincial ministers for helping us create the bill in front of us today. Eventually we will deal with the enforcement aspects of it.

Basically what came from that, the main federal legislation related to e-commerce, was the Personal Information Protection and Electronic Documents Act, or PIPEDA, which governs privacy requirements for private sector organizations and electronic documents within federal jurisdiction and in provinces or territories that have not yet established their own similar legislation. This is typical for many pieces of legislation since the inception of Parliament.

As I mentioned, Canada is the last of the G8 countries to introduce specific anti-spam legislation domestically, and a lot of this came from what was negotiated in international fora. Some existing Criminal Code provisions were identified by the task force as being of possible assistance in prosecuting spam cases. The task force worked on this with the Department of Justice and the Technological Crime Branch of the Royal Canadian Mounted Police in 2004 and 2005.

This is another element of the bill that should be engaged to a greater degree. We are still on the cusp of understanding the influence that spam emails have around the world. In six years we have come a long way in electronic commerce. We have gone from the nuisance of spam email to Facebook and social media, such as Twitter and other forms of apps, iPads, and so forth. Members get the idea. The platforms are evolving, but the people who are behind the criminal aspect of spam, and some not so criminal, are adapting around the platforms that currently exist. Therefore, it is incumbent upon us to try to keep up to date, to ensure people are informed as to what they can and cannot do and to allow the government agencies, at arm's-length, to deal with the enforcement of these issues.

I mentioned the technological crime branch of the Royal Canadian Mounted Police and the requirements to bring a charge under the existing provisions. However, when the task force report was published, these provisions had not been used for this purpose, so questions remain around that.

Other agencies, such as the office of the Privacy Commissioner of Canada and the Competition Bureau, have received complaints from members of the public about spam as well and there was no overarching framework for addressing such complaints. We can see the genesis of this. At the time, the task force was able to tell them to deal with the issue of the Criminal Code and deal the fact that our government agencies are inundated with complaints and that we have to marry the two. The fine situation we have right now was a result of that. That is something we need to address at a future date.

The legislation would provide a clear regulatory scheme, including administrative monetary penalties, or AMPs, with respect to both spam and related threats from unsolicited electronic contact, including, which is the important part, identity theft, phishing, spyware, viruses and botnets. It would also grant an additional right of civil action to businesses and consumers targeted by the perpetrators of such activities. Therein lies another aspect of taking these people to court. Does it hold enough teeth is the expression and this is what I have a few reservations about.

For descriptions and analysis, clause 2, for example, contains its own definition of what we call commercial activity. It is different from the one in PIPEDA, the legislation that served as the paramount legislation for dealing with spam. It does not modify the existing definition to that act but builds on the PIPEDA wording of “any particular transaction, act or conduct or any regular course of conduct that is of a commercial character”, and adds the qualification “whether or not the person who carries it out does so in the expectation of profit”.

Therefore, we get the incentive for doing this when we talk about unsolicited emails and other nefarious activities that I described earlier, the botnets, the spyware and those sorts of things, because those are the programs that are adapting, for a nefarious nature, to solicit from us money taken under circumstances that consumers would consider to be not right. Therefore, it tries to define that for the sake of profit.

It does reflect an intention to widen the scope of who could be considered responsible under the new law in cases where spamming or other activity occurs, possibly implicating Internet service providers, or ISPs, or even those whose computers are being used for spamming without their awareness or consent. We can see how this has taken place.

A lot of situations have developed since we first started the task force about six years ago that this legislation has to address. A lot of that came out of the committee work on Bill C-27 and now enacted within this. Part of clause 2 acknowledges that.

There are also provisions discussed in further detail, which I will talk about in just a little while, but one of the situations was telemarketers and what we call the DNCL, the do not call list, which members of Parliament receive a lot of calls about. I would say that over the past six years of being here, I have certainly dealt with a lot of that and the bill would address it to an extent.

Eighty per cent of global traffic regarding spamming is an incredible amount of activity. This is what this legislation attempts to address. There are key provisions in clauses 7 to 10 and 13.

One of the situations that subclause 7(6) originally added to the predecessor bill through a government amendment that was before the House of Commons under the industry, science and technology committee specified that the prohibitions on sending a commercial or electronic message do not apply to quotes or estimates for the supply of a product, goods, a service, land or an interest or right in land, if the message was requested by the recipient. Therefore, this bill would not impede on the normal course of e-commerce.

We need to face the fact that those businesses, especially the small and medium size businesses, the SMEs, have been successful through the world of Internet and therefore we want to ensure this legislation will not impede upon their efforts to create business and to solicit in what I would call a way that is consistent with good consumer practice.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 10:40 a.m.
See context

NDP

Bruce Hyer NDP Thunder Bay—Superior North, ON

Madam Speaker, it is my pleasure to rise to speak to Bill C-28, the anti-spam bill, which was formerly Bill C-27.

I have often bemoaned the lack of co-operation in the House, but this is one case where members of all partisan stripes seem to agree.

All of us and our constituents have been inundated with unwanted spam at home and at work. Spam represents about 87% of email activity around the world. At best, it is a huge waste of time and energy. It was estimated last year that over 62 trillion, and I am trying to get my head around that number, spam emails were sent out. It is done in a variety of ways. This bill would identify and eliminate some of those ways.

This bill enjoys strong public support. It certainly has the support of the New Democratic Party. This is part of the New Democratic Party's electoral platform to move forward on a number of consumer issues that we want to see implemented as law.

There will be a push to try to weaken this bill. There are some elements in this bill that make it a really strong and good bill for Canadians and Canadian businesses because it affects our economy.

Canada is actually in the top 10 when it comes to generating and receiving spam. Canada is the only G8 country that does not have the kind of legislation that Bill C-28 represents. Once again, we are behind but we can catch up with this bill quite significantly and have one of the better models to deal with this important issue.

Approximately 1 out of 20, or 5%, of the spam in the world comes from Canada. Canada is known as a harbour for some of the big spammers. I believe we stand fourth in the world in terms of spamming, behind Russia and just ahead of Brazil. An Ipsos Reid poll found recently that approximately 130 spam messages are received by Canadians each week. That is troubling because it is up 51% from just the year before. Speaking for myself, both at work and at home I get quite a bit more than 130 spam emails.

It is not just the irritation of removing unwanted messages and solicitations; it is also time consuming. Employers are worried about the time it takes and the cost to their businesses. As a small business owner myself, I know how taxing spam can be on my computer system's efficiency. It puts my computers at risk and lowers my employees' productivity.

Some may argue that businesses have the right to inundate us with these kinds of messages, but really it is a privilege. No one has an absolute right to inundate us with emails, especially when many spammers use malware and other kinds of spyware to gain data on us regarding where we shop online, what our online consumer habits are, et cetera.

Interestingly, the bill provides for windows of opportunity for businesses with existing relationships to make that connection with their customers. One idea is an 18-month extension in terms of a previous existing business relationship. That makes sense. The Bloc moved a motion to extend that grace period on previous business relationships to 24 months. I strongly disagree with extending it to 24 months. Eighteen months is long enough.

Once this law is in place, there will be three regulatory agencies to punish spammers. The CRTC will investigate complaints. The Competition Bureau will slap on fines of up to $1 million for individuals and $10 million in all other cases. The Privacy Commissioner will get involved when people's privacy is violated.

The part about the Privacy Commissioner is important because far too often spammers have used headliners that look like many banks' headliners, and then people click on them, and I have almost done it a few times, thinking it is their bank, but it turns out that it is a spammer seeking to collect data and information on them, perhaps to create fraud.

There have been cases where people have lost money, thinking it was their own financial institution or a legitimate financial institution. They provided access to some of their monetary resources and suffered financial losses. This is shameful and should not be happening in a country like Canada.

There is going to be recourse to show those who bombard us with spam and those who have to deal with it that there will be real punishments, that it will be more than just a fine, that it is going to be significant for them to deal with and hopefully it will help to curb this behaviour.

One of the reasons that the bill will be strong is it would have those three regulatory agencies actively involved in maintaining the accountability of the actual bill. Interestingly enough, there was a bit of a debate about whether or not this bill should deal with the telephone solicitation issues. It would not. However, at the same time, it would allow the minister actually some degree of ability and capability, and quite frankly, a bit more strength to work on the do not call list.

It is also important to note that there was another issue in the bill that was defeated. It is important to recognize that, because it is an issue that people are concerned about. In the original manifestations of the bill there was a provision that would have allowed companies to go onto our computers and seek information regarding that computer site. If we had agreed to them being part of our Internet relationship, we would be consenting or allowing them to go onto our computer and access information and documents, and basically surf through our site, at times unknown to us. That issue was taken off the table as well, thank goodness.

There was great Internet discussion and blogging about this offensive piece of legislation. I was happy to see that this was removed as well. It is important because had that provision been there, as well as the other provisions I have mentioned that were taken out, I do not know whether I could have supported this legislation because it would have weakened it so much. It would have become far weaker than even the do not call registry, which is pretty weak. It is very fortunate that we were able to get consensus and push that back.

As well, there were a couple of amendments that were interesting, and I was rather curious as to how they came forward. We will see whether or not, in the Senate, they will be pushed forward again.

One of them came from the Bloc, and that was the extension of the time to actually opt out of an email subscription. The way it works is if I, for example, agree to receive an email and I have a relationship with a company, or if someone is sending me that information, then I could opt out of that later on. I would just send an email that I do not want to continue this relationship. The way the legislation was, in 10 days, I would be taken off the list. The Bloc moved a motion for it to be 30 days. The final part of the bill is now 10 business days.

If we agree to an email through our bank or somewhere else, they will instantly start spamming or sending information. Once we agree, they start flying in. I have Aeroplan points, for example, from Air Canada, and then boy, that thing rings all the time with all kinds of stuff. I have agreed to that relationship and sometimes it is helpful. Sometimes it is irritating, but I make that choice. To suggest that I want that out and that it would take 30 days to get out of that is absolute nonsense, especially with the sophistication of some of today's programs. Ten business days is more than sufficient time within which to end that relationship.

As well, it is important to reinforce the issues of how serious spam is. Spam is used in crime. Spam is also used in an organized way that affects the whole Internet capacity of the system. We just have to look at some of the botnets. This is like a zombie computer where specific programs are written to go in and turn our computers into a generator for spam, or our email address for someone else who controls a whole grid of computers.

I hope to see the bill passed and I hope to not see it watered down in our unelected Senate. One of the interesting results of the American legislation that was passed was the conviction of Robert Alan Soloway who was arrested in the United States. He was one of the world's largest spammers. Among the 35 counts that he was charged with were not only identity theft and fraud, but also money-laundering.

I want to touch on companies too because some of the market they invest in gets lost or hurt because of spamming. Some of the spamming is very particular, very effective and professional-appearing in imaging and induces people to think it is something it is not, such as, for example, the banking industry as I have already mentioned. It costs the banking industry because it loses customers. People then do not want to trust that company because others have abused the site that appeared to be theirs.

That is why we do not want to lose sight of the criminal aspect of this as well. We must move the bill through as quickly as possible. It has taken long enough to get through committee, despite the noble efforts of my colleague, the hon. member for Windsor West, who has worked hard and smart on the bill.

Let us show Canadians that the government can get useful things accomplished for Canadians.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 10:30 a.m.
See context

Liberal

Marc Garneau Liberal Westmount—Ville-Marie, QC

Madam Speaker, as I mentioned in my presentation, it was the Liberal Party in 2004 that initiated the process of looking at the very serious problem of spam. As my hon. colleague mentioned, this problem has huge cost implications for the entire planet. It is rather surprising that it has taken five years for this bill, which initially was Bill C-27, to reach third reading.

It is clear as well that Canada has not been ahead of the pack in taking the initiative to bring forward this bill. We have been a laggard on this issue. Canada is the last country in the G8 to bring forward a bill like this one. We are among only four OECD countries that do not yet have legislation on spam. The current government has been in power for almost five years and it has not given the issue of spam, with its huge cost implications, the necessary priority it should have been given.

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 10:30 a.m.
See context

Liberal

Paul Szabo Liberal Mississauga South, ON

Madam Speaker, the research has estimated that spam costs the worldwide economy about $130 billion. This is not a recent number. This is a number that has been building up over time.

If we take that together with the fact that we are the only G8 country that does not have this legislation, and one of only four OECD countries, it begs the question of where the government's priorities are. When we think of the cost of just spam alone, and if we add all of the other abuses that affect productivity, and certainly therefore the cost to persons, business, and the Government of Canada, we have to question the minister's statement when he says that in developing this particular bill, “we have been able to incorporate the best practices of other countries that have launched similar efforts”.

If that is the case, why was Bill C-27, the predecessor to this bill, not based on the good practices of all these other countries? Does it not show that the government in fact was not really serious about making good laws and wise decisions?

Fighting Internet and Wireless Spam ActGovernment Orders

November 23rd, 2010 / 10:20 a.m.
See context

Liberal

Marc Garneau Liberal Westmount—Ville-Marie, QC

Mr. Speaker, it is with great pleasure that I stand today in third reading to speak about Bill C-28. I was involved as a member of the Standing Committee on Industry, Science and Technology on the bill, which deals with a very important matter. It was known as Bill C-27 at the time and has now progressed to being Bill C-28, and it is very encouraging to see that we are now at third reading.

First of all, I would like to stress that we must act quickly to resolve the massive problem of unsolicited electronic messages, more commonly known as “spam”.

Let us go back to 2003, when the problem was not nearly as bad as it is now. A report at the time concluded that businesses spent $27 billion on expenses related to the IT personnel needed to deal with this plague.

Who of us in this chamber have not experienced that maddening moment when we have opened up our emails and discovered that a fairly large number were unsolicited, were trying to interest us in something we were really not interested in, were trying to sell us something? Who of us have not experienced the time it has taken to get rid of these unsolicited emails? Of course many of us have now had to purchase software to try to control so-called spam, and this is adding to our annoyance with the whole thing. Even today, the ingeniousness of some people still manages to circumvent even the best spam software, and we still occasionally receive spam messages even with that best software.

Spam represents, according to the experts, 60% to 80% of all email traffic around the world. Clearly this situation is a major challenge for consumers, businesses, governments and Internet service providers. Yet the issue at hand is not limited to spam and, therefore, legislation must also remedy the use of false or misleading statements that disguise the origins or true intent of the email, the installation of unauthorized programs and the unauthorized collection of personal information or email addresses.

Whether spam comes in the form of unsolicited emails, viruses hidden in attachments—which is often the case—phishing, misrepresentations or the use of fraudulent websites, the government must take action to ensure that Canada does not fall behind.

How can we be the only G8 country and one of only four OECD countries that has not introduced legislation on spam? No one can deny the magnitude of this problem that goes beyond the simple annoyance of receiving unsolicited emails.

This practice also has huge costs for users in terms of the cost of receiving emails and text messages, as well as in terms of the users' storage capacities. Furthermore, this interferes with computer systems, which can have consequences on businesses, governments and individuals. When spam floods and completely paralyzes systems, these practices have more serious effects than anyone could imagine on the way society functions.

We often do not realize how vulnerable we are, which is why we must act quickly. In this case, there is no point reminding members that when the Prime Minister prorogued Parliament at the beginning of the year, he ruined our chance to act quickly.

The Liberal Party of Canada has not only always been concerned by this serious problem but has been very proactive on this matter. In fact the Liberal government established an anti-spam task force in May 2004 that held public consultations and round tables with key industry stakeholders. This Liberal initiative led to the 2005 anti-spam action plan for Canada, which was a call to action.

The plan comprised specific recommendations, requiring the implementation of legislative measures that: prohibit the sending of unsolicited commercial electronic messages; prohibit the use of false or misleading statements that disguise the origins or true intent of the email; prohibit the installation of unauthorized programs; and prohibit the unauthorized collection of personal information or email addresses.

Bill C-28 and the initiatives announced by the Conservative government followed through on the recommendations made by the Liberal anti-spam task force of 2005. However, it is worth mentioning that Bill C-27, as originally submitted by the current government, contained a number of flaws. Fortunately, the Standing Committee on Industry, Science and Technology did outstanding work and proposed recommendations that significantly improved the bill. With these amendments and with further changes recently proposed in Bill C-28, we believe the bill is achieving its main objectives.

Bill C-28 introduces legislation to deploy most of our recommendations, and therefore we are pleased to say that the government has finally decided to act on the recommendations brought forth by our task force. This said, care must taken and we will continue to monitor the legislation closely to ensure that it does not stifle legitimate electronic commerce in Canada. It is important to emphasize that the fight against spam is much more than just legislation.

The industry committee also discussed how important it is that the government take responsibility for a cohesive approach once Bill C-28 is passed. What good is this law if the authorities overseeing it cannot take action because they lack resources? What specifications will be given to the various entities that will enforce and implement the law?

The minister must submit a comprehensive enforcement plan outlining the roles of these entities, such as the CRTC, the Competition Bureau and the Office of the Privacy Commissioner of Canada. The fact is that with this many stakeholders, Industry Canada's role as coordinator will be extremely important. We must give this department the proper tools, both from a human resources and an organizational perspective.

In short, it is essential that there be a coordinated approach involving industry partners, affected organizations and concerned stakeholders in order to implement this bill, and it is in this context that the government needs to take action. It needs to provide the mechanisms to ensure that this legislation is enforced effectively. Enforcing this type of law is complex. It needs to be reviewed periodically so that we, as legislators, can cover all eventualities, such as technological advances.

I should also point it that it is becoming essential and urgent to coordinate our legislation with various countries and engage with the international community in order to harmonize measures to achieve agreed-upon objectives. Canada must now take its place and become a leader in this area.

The Liberal task force also recommended that resources be put toward co-ordinated enforcement of the law, since we all know that legislation will only go as far as the capacity and willingness to enforce the law. Hence it is of the utmost importance that the government put appropriate resources into enforcement, in its determination to work with other nations to stamp out spam.

It is also imperative that the government dedicate resources to clearly establish codes of practice. The Liberal Party of Canada will, without fail, be on task to assure that these elements are not forgotten as the process moves forward.

I am confident that we are on the right track. The members of the Liberal Party will continue to work to ensure that this bill is in line with the expectations of the people.

Fighting Internet and Wireless Spam ActGovernment Orders

November 22nd, 2010 / 6:20 p.m.
See context

Liberal

Rodger Cuzner Liberal Cape Breton—Canso, NS

Mr. Speaker, I appreciate the comments from the member for Richmond—Arthabaska.

I am pleased that the Canadian chambers of commerce have decided to support the bill. I know when it was presented to the House in past machinations of what it is now as BillC-27, a great number of concerns were raised. Amendments have been made. One problem that had been identified with past legislation was the sending out of spam prior to any kind of approval or consent from the recipients. We wanted to prohibit the use of false and misleading statements that disguised the origins or the intent of the email and the insulation of unauthorized programs.

I am sure that every member of the House has received calls from constituents with regard to some of these vexatious annoyances. When one tries do some work on the computer there are these types of things and they are annoying.

Does the member think that Bill C-28 addresses with sufficient rigour the one that is of most concern, the one to prohibit the unauthorized collection of personal information? I know there are various laws to protect personal information. Specifically with regard to the Internet and the use of online services, does the member believe that with the checks and balances this is adequately addressed within the legislation?

Fighting Internet and Wireless Spam ActGovernment Orders

November 22nd, 2010 / 6 p.m.
See context

Bloc

André Bellavance Bloc Richmond—Arthabaska, QC

Mr. Speaker, I am pleased to speak again to Bill C-28.

My colleagues may think I have become an expert on spam. I want to reassure them and the people who are watching us that I am not a spam expert and I have certainly never sent any spam. I have received spam, though, as I said in my previous speeches on this issue. People who work in offices today, especially decision makers, receive so much spam that there was a need for legislation on this issue, which is why the Bloc Québécois supports Bill C-28, the Fighting Internet and Wireless Spam Act.

I am not necessarily going to repeat all the criticisms the Bloc Québécois has offered in speeches in the House. But I do want to remind hon. members—and the Conservative member who spoke before me said this himself—that Bill C-27, which preceded Bill C-28 and concerned the same issue, died because the government prorogued Parliament, which is why Canada is so far behind other countries today when it comes to anti-spam legislation.

Better late than never, as I always say, but the damage that has been done is still there. People who have suffered losses, especially financial ones, because of all this spam will never get their money back. It is time to act, and we need to act as quickly as possible. We will see how quickly we can deal with this in committee. We will also see whether the government is willing to listen to people who might have improvements to make to this bill.

The Bloc Québécois supports Bill C-28. We will listen to the relevant testimony in committee. This speech may give me the chance to draw some conclusions, which I had not had time to do. In our speeches, we often get sidetracked and end up not having enough time to say everything we planned to say. As I touched on earlier, over the years, unsolicited commercial electronic messages have turned into a major social and economic problem that undermines the individual productivity of Quebeckers. People all across Canada have the same problem.

Spam is a threat to the growth of legitimate electronic commerce. Clearly, new technologies can be practical. If legal businesses want to communicate by email legitimately, we must not stop them from doing so. However, spam is something else entirely. Fraud is not the only danger. Some companies harass people, which is a huge waste of time for people in offices trying to get rid of these unwanted emails.

Spam accounts for more than 80% of global electronic traffic, which results in considerable expenses for businesses and consumers. In light of this situation, legislation to protect electronic commerce is reasonable and appropriate.

On another note, some clauses of the bill are still problematic. We would like further information about the national do not call list. The current list is doing the job it is supposed to do, and it is used by millions of people. Compliance with the national do not call list required many companies to reorganize their resources and make a large financial outlay. Could we not use the existing list?

I do not know what mechanism might make that possible, but that can be covered in committee. A number of parallels may be drawn between the system proposed for emails and the existing system for telephone calls. For example, I have had my name taken off call lists, but that does not means that marketing companies cannot get in touch with me. There are certain categories of businesses that can do so. Political parties are one example. Since I subscribe to newspapers, they can call me. I am not completely sheltered from receiving calls. However, people who incessantly phone during supper to sell all sorts of things are now breaking the law.

As I said, could we not use this list to cut the cost of creating a whole new list? We will have to wait and see.

It might be worth looking into. Speaking of the do not call list, consumers should understand that registering will reduce but not eliminate all telemarketing calls. There are certain kinds of telemarketing calls that are exempt from the rules. The exemptions include telemarketing calls made by or on behalf of political parties, riding associations and candidates; Canadian registered charities; and newspapers of general circulation for the purpose of soliciting subscriptions.

Telemarketing calls from organizations with whom people have an existing business relationship are also exempt. A person is considered to have an existing business relationship with a telemarketer if they purchased, leased, or rented a product or service in the last 18 months from the telemarketer, have a written contract with the telemarketer for a service that is still in effect or expired within the last eighteen 18 months, or asked a telemarketer about a product or service within the last six months. In those cases, people can expect to receive calls at home.

Telemarketers may also call those who have provided express consent to be called. Express consent includes permission on a written form or an electronic or online form, or verbal permission. The do not call list rules do not apply to telemarketing calls made to businesses.

If you do not want to be called by a telemarketer making an exempt call, you can ask to be put on the telemarketer’s internal do not call list. Every telemarketer is required to maintain such a list and respect wishes not to be called. Organizations conducting market research, surveys, or public opinion polls are not required to keep their own specific do not call lists.

I am explaining all this to say that it is possible to have our telephone numbers taken off telemarketing lists. This list is working well. The very same principle should apply to email. Text messages can also come under this category. I think that Bill C-28 covers text messages as well as email.

I would remind the House that Bill C-28 was inspired by the final report of the task force on spam, which was created in 2004 and did an enormous amount of work. I have already had the opportunity to address some of the 22 recommendations made by the task force. Of course I will not list all of them here in the House, but I have already mentioned a couple of them. I would like to revisit some other, very interesting recommendations. Most of the 22 measures recommended to the government have been accepted and included in Bill C-28.

There are some very interesting recommendations regarding legislation, regulation and enforcement. The federal government was told it should establish in law a clear set of rules to prohibit spam and other emerging threats to the safety and security of the Internet—for example botnets, spyware and keylogging—by enacting new legislation—which will be done when Bill C-28 is passed—and amending existing legislation as required. It is worth noting that this bill also amends a number of other pieces of legislation, including the Competition Act, which I will talk about a little later, if I have the time. Of course this new legislation will affect the Competition Bureau.

It is important for people to know that they will have some recourse when it comes to sending and receiving unwanted emails. This is also covered in the final report of the task force, which was made up of experts, government officials and marketing experts, as well as leading experts in the field of these new technologies.

According to the task force on spam, the following penalties and remedies should be applicable: new offences created should be civil- and strict-liability offences, with criminal liability possible for more egregious or repeated offences. There should be meaningful statutory penalties for all offences listed in the recommendation. They also said that there should be meaningful statutory damages available to persons, both individuals and corporations, and that there should be meaningful statutory damages available to persons who bring civil action. The businesses whose products or services are being promoted by way of spam should also be held responsible for the spamming. Responsibility should also rest with other third-party beneficiaries of spam.

This leads us to the issue of private recourse. People should know that they will have rights once this bill is passed. Bill C-28 provides for the creation of a private right of action that would enable businesses and individuals to initiate civil proceedings against any person who contravenes articles 6 to 9 of the new act; this is found in clause 47 and onward. If the court believes that a person has contravened any of these provisions, it may order them to pay an amount representing either the loss or damage suffered, or the expenses incurred. If the applicant is unable to establish these amounts, the court may order the applicant to be paid a maximum amount of $20 for each contravention, not exceeding $1,000,000. This is found in clause 51.

That may seem a bit high, but in one of my earlier speeches on Bill C-28, I mentioned an individual from Montreal who was found guilty by a California court of hacking into the Facebook social networking site. This individual, who managed to send a slew of spam messages through Facebook, was fined $1 billion. Yves Boisvert wrote about this case in an article in La Presse, which I have quoted here before. The article said that this individual will never be able to pay $1 billion, but it served as a good scare for all those who use websites, social networks and email addresses to defraud or embezzle people and get away with it. These people flood us with unwanted emails or text messages, which are becoming increasingly popular, as I mentioned earlier. We all get them on our telephones. The individual in question in this case will perhaps not pay the fine, but he will certainly not have any desire to start up again.

Bill C-28 also proposes an extension of the co-operation and information exchange powers for anything that has to do with the Competition Act, the Telecommunications Act or the Personal Information Protection and Electronic Documents Act. Earlier I said that I had some examples about the Competition Bureau. For example, any organization to which part 1 of that act applies may on its own initiative disclose to the CRTC, the Commissioner of Competition or the Privacy Commissioner any information in its possession that it believes relates to a violation of the act. The CRTC, the Commissioner of Competition or the Privacy Commissioner must also consult with each other and share any information necessary to carry out their activities and responsibilities in accordance with their respective acts.

And if agreements are signed to this effect, this information could be given to the government of a foreign state, an international state or government organization or one of their agencies, if the information is useful in ensuring compliance with laws that address conduct substantially similar to conduct prohibited in our laws. It is important that countries continue to consult more often in order to end this scourge of spam or at least reduce it; it will be difficult to eliminate it entirely.

On one hand, agreements must specify that the information can only be used to assist an investigation or proceeding in respect of a contravention of the laws of a foreign state that address conduct that is substantially similar to those I just spoke about. On the other hand, they must ensure that the information will remain confidential and cannot be otherwise shared without the express consent of the person responsible for the communication. These two conditions are fundamental to preserving the privacy rights of those concerned.

I said earlier that it was important to remember why countries enacted such laws, which are becoming increasingly strict. When a new technology comes on the scene, it is not always possible to know exactly how people are going to adjust to it and what powers the courts will have to deal with all the fraud and abuse that can be perpetrated with this new technology. But some countries have reacted much more quickly than we have, and we need to use their experience to help the victims of these unwanted emails. Spam is a real nuisance. It damages computers and networks, contributes to deceptive marketing scams and invades people's privacy. That list alone shows just how serious a problem spam can be.

More generally, spam poses a direct threat to the viability of the Internet as an effective means of communication. It undermines consumer confidence in legitimate electronic commerce and hampers electronic transactions. In the end, everyone loses.

I do not know whether it is because of my age, but when I buy things on the Internet, I am always reluctant to give my credit card number. It always gives me pause. If hon. members are like me, they wonder whether everything is secure or whether someone somewhere is looking at what they are doing on their computers. Maybe I watch too many movies—even though I do not have that much spare time—but I know there are hackers out there who can play around in people's home or office computers. Not only can they create computer problems, but they can also access the personal information of people who are using sites legitimately to purchase items.

In any event, like everyone else I got up to speed and managed to do my banking transactions, my transfers and all that on the Internet. So far, so good. However, before buying anything on the Internet with a credit card number, I check as much as possible to see whether the site is secured. So far, things have worked out well, but I know that everyone knows someone who has been a victim after making this type of transaction. We have to restore public confidence to ensure that those who have a legitimate business can make a living and that consumers can benefit from this properly.

New legislation to regulate unsolicited email has been needed for far too long now. The Bloc Québécois is pleased to see that Bill C-28 addresses most of the recommendations from the final report of the task force on spam.

Since I am being asked to wrap up, the time has come to talk about how we are behind on legislation that has been passed around the world. I am talking about the United States, Australia and Great Britain, for example. We must nonetheless proceed carefully. I invite people to read a very interesting article in La Presse about the Competition Bureau and how it has started to attack social networks. This September 25 article by Isabelle Massé addressed advertising on social networks and the importance of taking action.

I do not have enough time to quote it as much as I had hoped to, but it is worth reading this article that shows that the Competition Bureau has been able to take action. With Bill C-28, other organizations will be able to take even more consistent and concerted action.

As I was saying, it is time to take action.

Fighting Internet and Wireless Spam ActGovernment Orders

November 22nd, 2010 / 5:50 p.m.
See context

Conservative

Dave Van Kesteren Conservative Chatham-Kent—Essex, ON

Mr. Speaker, I am pleased to rise in my place today to speak to Bill C-28, a bill that passed second reading as the fighting Internet and wireless spam act, or FISA. With this legislation, we would be providing Canadian consumers and businesses with a regulatory and legal regime that would help drive spammers out of Canada but permit legitimate online commerce.

Hon. members will recall that Bill C-28 recently received support from all sides of the House. In fact, several members pointed out the importance of passing this bill quickly. Indeed, we have been working for some time now to produce and implement legislation to reduce spam and related online threats that discourage the use of electronic commerce and undermine privacy.

The origins of this bill, after all, go back to the work of the task force on spam. The task force recommended that strong action be taken against unsolicited commercial emails, as it recognized that spam was becoming more than just a nuisance. It has become the means by which viruses, trojans and worms are spread through the Internet and it undermines confidence in the digital economy.

The task force made its recommendations, and Industry Canada followed up with its own consultations. In the last Parliament, Bill C-27, the electronic commerce protection act, or ECPA, was introduced in April 2009. The House unanimously passed Bill C-27 at third reading last November and it was sent to the other place on December 1, 2009.

The fundamentals of the former Bill C-27 and this Bill C-28 remain the same. With the new parliamentary session, Industry Canada took the opportunity to fine-tune some of the features of the bill before reintroducing it as Bill C-28. For example, given the more focused consent regime in the bill, it was necessary to make it clear that Bill C-28 takes precedence over the Personal Information Protection and Electronic Documents Act with respect to consent.

In review by the Standing Committee on Industry, Science and Technology, all parties stood behind the principles of this bill and there was good discussion about how some of these principles would be applied. For example, realtors and other businesses would need to change some business practices with respect to third party referrals as a result of requirements for consent in Bill C-28.

Committee members also expressed concern that the government allocate sufficient resources to administer the new rules. As hon. members will recall, the CRTC, the Competition Bureau and the Privacy Commissioner will all have their respective roles in combatting the effects of spam and related online threats. These three enforcement agencies would be able to collaborate with each other and their international counterparts as a result of this bill.

The government has committed that all three agencies will receive additional funding and personnel to fulfill this role. In addition, Industry Canada will establish a spam reporting centre and support the Office of Consumer Affairs at Industry Canada in providing resources for education and awareness.

When it came time to go through the clause-by-clause study, every clause but one was passed by the committee. As per the report from the Standing Committee on Industry, Science and Technology, clauses 2 through 92 were carried. Clause 1 was defeated. It would seem that there was unanimous consent in the committee and I believe in the House on the importance of this bill and the effect it would have on countering Internet and wireless spam and related online threats.

However, where the committee could not find its way to agree was on the short title of the bill. As outlined in clause 1, the short title of Bill C-28 is the “Fighting Internet and Wireless Spam Act”. The name was intended to reflect the concern that cellphone and other wireless spam has joined Internet spam as a source of malicious infections that undermine consumer confidence in the digital economy.

The government does not believe the short title of the bill should impede the progress of a much needed law. Canadians have waited a long time for legislation that would give spammers nowhere to hide in Canada. In the interest of having this bill move quickly through the House and on to the other place, we will support changing the short title of the bill to the name by which it was known under Bill C-27 in the last session.

The short title of the bill has been restored to what it was in the last session of this Parliament when Bill C-27 had succeeded in making its way through the House and to the other place but died on the order paper when Parliament was prorogued last December.

The change to the short title in clause 1 of the bill was the only change requested by the Standing Committee on Industry, Science and Technology. Clauses 2 to 92 remain the same. So we now call the bill the electronic commerce protection act, ECPA for short.

The fact that clauses 2 through 92 passed through the clause-by-clause study without amendment indicates the wide support this bill has from all parties in this House. In fact members from both sides of the House are eager to see this bill pass into law so that we can help eliminate spam and related threats from the Internet and from cell phones.

This bill is about reducing spam and related online threats that discourage the use of electronic commerce and undermine privacy. The Internet has become a powerful medium for communication in the economy, but it has also become more vulnerable with the rapid growth and increasing sophistication of spam and other online threats.

Unsolicited commercial email can carry associated threats like malware, spyware, phishing and various viruses, worms and Trojans. In fact the hon. member for Davenport pointed out during second reading that the Kroll Global Fraud Report maintains that cyber theft has overtaken physical theft as a criminal act.

The Government of Canada is committed to the passage of this bill. Over the past years, it has worked both with the industry committee and in the House to create effective anti-spam legislation as a critical element of Canada's digital economy. The goal has been to make Canada a leader in anti-spam legislation by providing a more secure online environment for both consumers and businesses.

Under the bill before us, the CRTC would be responsible for enforcing the no-spam provisions, the violations involving the alterations of transmission data in an electronic message, and prohibitions against installing software or causing it to be installed without consent.

The Competition Bureau would extend its powers under the Competition Act to prevent misleading and deceptive online practices. The bill contains amendments to the Personal Information Protection and Electronic Documents Act that would enable the office of the Privacy Commissioner to take measures against the unauthorized collection of personal information through hacking or illicit trading of lists of electronic addresses.

The bill before us would create an effective regulatory regime that would permit legitimate online commerce while protecting consumers and businesses through rigorous safeguards. It would provide powers to the CRTC and the Competition Bureau to administer administrative monetary penalties for those who violate the law. It also proposes a private right of action, which would allow individuals and businesses to take civil action against those who violate the law.

The end result would be to promote consumer confidence in online commerce, by protecting both consumers and Canadian businesses from unwanted spam and related online threats.

We saw one recent example of the power of the right of private action when a California court rendered a judgment against a Montreal-based Internet marketer. The marketer had posted spam messages on Facebook. This judgment was recently upheld by the Quebec Superior Court, which ordered the marketer to pay Facebook more than $1 billion in fines. It is unlikely the marketer will ever be able to pay the fine, but the judgment certainly sent a powerful signal to spammers.

During the debate at second reading, the hon. member for Bonavista—Gander—Grand Falls—Windsor reminded us that fighting spam is not the responsibility only of the designated enforcement agencies but is also the responsibility of businesses, citizens and all members of society writ large. I believe the Facebook judgment demonstrates how businesses are ready to take action against spammers.

The bill before us is part of a wider government strategy to build consumer confidence and put Canada at the forefront of the digital economy.

Last May, the hon. Minister of Industry launched a nationwide consultation on the digital economy. Industry Canada has been evaluating the input and advice, and the minister has indicated he will make further announcements in the coming weeks and months on steps we will take to put Canada at the forefront of digital economy.

We can reduce spam and related online threats through a concerted, co-operative approach involving the public sector and the private sector. We will continue to work closely with our domestic and international partners to address threats to online commerce.

I urge hon. members to join me in supporting Bill C-28.

November 2nd, 2010 / 11:40 a.m.
See context

Bloc

Robert Bouchard Bloc Chicoutimi—Le Fjord, QC

I have a quick question about the application of this legislation for a business that offers services, sells products or does soliciting. Currently, there are no regulations on email. Has a deadline been set? It seems a deadline of 24 months was requested. Bill C-27 spoke of 12 months and I believe we agreed on 18 months. Is that still the case?