Bill C-27 (Historical)

Thank you very much.

As a preface to all of our comments, we'd like to emphasize for the benefit of the committee that we agree wholeheartedly with the intent of the legislation. I think there's general consensus that spam wastes time, energy, and significant resources, is a source of fraud, and makes it difficult for legitimate business to be conducted online. Notwithstanding that, we do have some serious concerns about Bill C-27 and exactly how it's implemented. I'll briefly delve into each of them, but we will of course be available for questions.

First of all, we think the legislation is a little too broad. What it does is take all commercial electronic messages and outlaw them subject to some hard-to-manage exceptions that are simply based on explicit consent, which can be altered significantly in regulations; personal or family relationships, which also are defined in the regulations that we haven't seen; and implied consent, which doesn't quite accord with what you would think implied consent means--it means simply an existing business relationship.

We're also concerned that the legislation itself is inconsistent with related regimes and other statutes that it actually seeks to amend. “Existing business relationship” is a concept that's entrenched in the national “do not call” list, but it's treated differently for the purposes of this statute. “Commercial activity” is also a term that is central to the Personal Information Protection and Electronic Documents Act but is defined differently in this statute for purposes that aren't necessarily clear on their face as to why one needs to have different definitions of the same term.

Consent, which is obviously a concept that's central to the privacy provisions in PIPEDA and is central to this piece of legislation, is radically different from one to the other. We think this presents problems because many of the businesses that are going to have to deal with compliance with the Electronic Commerce Protection Act, PIPEDA, and the Competition Act are the same people who are going to be using the exact same terms, but for very different purposes or with different meanings, which makes it difficult to manage.

Otherwise, the statute is also a bit hard to follow, and we're concerned that too much of it has actually been left to the regulations. This is a statute of general application. It's going to apply to pretty well every business and it's designed to be for the benefit of every single consumer. In our view, businesses should be able to pick up the statute and have a very strong understanding of exactly what it is they have to do and what it is they can't do. Likewise, consumers should have the ability to pick up the statute and understand what their rights are and what their remedies are.

It's our feeling that too many important provisions are being left to the regulations, which may be sensible in the sense that this is a rapidly moving area. There are some central concepts that could be and should be entrenched in the statute, with regulations being left to deal with issues that come up and to deal with loopholes that might not have been foreseen.

We're also concerned that the statute may in fact actually, on its face, violate the charter, simply based on a violation of the freedom of expression provisions contained in paragraph 2(b) of the charter for anything that regulates communication that conveys expression. You may not think that most of the spam that arrives in your inbox actually conveys meaning, but the courts would find otherwise. In order to be justified, it has to meet a strict test under section 1 of the charter, the most important provision of which is that it has to be minimally impairing, so it has to be very finely tuned legislation.

We're concerned that the way it's drafted so broadly may mean that it actually might not survive a charter challenge. While we agree wholeheartedly with the intent of the legislation, we don't want to be back here in a couple of years because it has been struck down as being unconstitutional. In our view, it needs to be fine-tuned in that regard.

A number of fixes could be proposed, which we'd be happy to talk about at greater length. The most important one would be not to limit implied consent. I think you've probably heard this from others. Consent is a concept that we've been dealing with under privacy legislation for quite some time. People have a pretty good idea of it. You've been dealing with it in the medical context as well. A reasonableness standard can be put in place.

Before I run out of time--and I apologize for being a bit long-winded--I'm going to hand it over to my colleague Mr. Alexander-Cook.

We believe the anti-spam provisions are too broad as they relate to business-to-business communications. Where a business makes its e-mail address public and the address is not accompanied by a statement that commercial messages are not welcome, Bill C-27 should treat this as implied consent by the business.

Electronic communications have evolved to be a convenient, quick, and cost-effective way to communicate employment opportunities. One way our members grow is by recruiting new financial advisers through electronic communications. We propose that clause 6 be amended to include an exemption for electronic communication that has as its sole purpose information regarding legitimate employment opportunities.

IFIC supports the proposed penalties. The maximum penalty for a violation is $1 million in the case of an individual and $10 million in the case of any other persons. For violations of clauses 7 and 8, where prohibited actions have the potential to result in large-scale system damage or fraud, these are at the right level.

In the case of clause 6, we believe the penalties are excessive and out of scale to the potential harm caused by a breach. The penalties for contravening clause 6 should be different from the penalties applicable to a contravention of clauses 7 and 8. Within clause 6, we would also propose much smaller deterrent penalties for those businesses that are simply using electronic means as a supplement to their business efforts and where individual violations are not harmful.

IFIC supports the right of public action for violations of clauses 7 and 8 where prohibited actions have the potential to result in large-scale system damage or fraud, but for clause 6, the right of public action seems unnecessary, excessive, and potentially open to abuse. We propose that the right to a public action be limited to violations under clauses 7 and 8.

As noted earlier, the investment industry has rules in place governing communications with the public. The Mutual Fund Dealers Association and the Investment Industry Regulatory Organization of Canada require that all sales communications from their members to the public must first be approved by an officer of the member company. We believe these requirements, together with the provisions of Bill C-27, provide the necessary protection to the public on matters of content as well as the need for sanctions. Accordingly, we recommend an exemption to clause 6 for industries where existing regulatory structures are in place.

We all recognize that technology has changed the way we interact, both on a personal and a business level. Whereas in the past we would have met friends and made new personal or business contacts through dinners, meetings, and other gatherings, today we are doing it through technology. Cyberspace has redefined how we communicate and interact.

Our concerns about the overly broad application of this legislation could be corrected by very simple amendments, primarily in clauses 6 and 10, to provide exemptions and safe harbours for referral business, ongoing fiduciary relationships, business-to-business communications, employment opportunities, and established social networking relationships, together with a refinement of the penalties and private right of action to target the actual wrongdoing in cyberspace.

Thank you for listening. We look forward to your questions.

Bonjour. My name is Paul Vaillancourt.

The proposed clause 6 prohibits one-to-one e-mails of specifically directed marketing communications, which are not by their nature intrusive in the lives of recipients and do not create economic harm. My clients are my best sources of new business. A financial adviser like me regularly sends e-mails as a follow-up to a referral from an existing client to a friend or a family member who is looking for a financial adviser. In fact, such referrals are crucial to my business.

E-mails are an efficient means of contacting potential new customers based on referrals without being a nuisance to the recipient. In years past, we used the postal service to follow up on referrals. E-mail has replaced the old technology of writing letters, but it is essentially the same thing. In addition to being less expensive, less intrusive, and more environmentally friendly, it is an accepted, indeed an expected, form of introduction. Individuals are able to access the information at their convenience and have complete control to respond or not.

Clause 6 should be limited to those who target individuals or entities through mass e-mails, where there is no reasonable identifiable relationship between the recipient and the sender. Where the recipient has been referred to the sender, there should be a specific exemption allowing the sender to contact the referred individual or entity. Regulations pursuant to this legislation could be developed to prevent abuse of this exemption and to ensure there was indeed a referral.

Subsection 10(4) of Bill C-27 defines “existing business relationship”. That definition may be sufficient for relationships based only on contract dates or specific sales operations, but it is ill-suited to a consultant service relationship where the consultant has a fiduciary responsibility to contact and inform his client. This type of relationship should be viewed differently.

In many cases, our relationship with the client is linked to an investment made by the client that is followed by none of the operations targeted in subsection 10(4). Consequently, we recommend that in the case of persons who have a fiduciary relationship with the client, the 18-month period targeting subsequent communications begin when the professional relationship or the consultancy relationship ends.

Canadians are world leaders in the use of social networking sites such as Facebook, Twitter, LinkedIn, clubs, and associations. The proposed legislation does not contemplate the popularity and widespread use of these social networking groups or the fact that these groups already effectively govern the boundaries of the communications. The definition of “existing non-business relationship” in subclause 10(6) should be expanded to include members of established electronic social networks to better reflect this emerging reality.

Thank you, Mr. Chair. We appreciate the opportunity to speak with you today.

My name is Joanne De Laurentiis. I'm president and CEO of the Investment Funds Institute of Canada. I'm joined by Paul Vaillancourt, who is an independent financial consultant who runs his own successful business here in Ottawa. We will share our comments this afternoon.

The Investment Funds Institute of Canada is the national association of the Canadian investment funds industry. Like Paul, individuals representing our members work in almost every town and city across Canada. IFIC's mutual fund manager members manage over $560 billion in mutual fund assets, and 70% of these assets are held in retirement saving vehicles and are helping Canadians build their wealth.

We believe the clauses in Bill C-27 that combat and punish illegal and harmful activities and that damage the trust surrounding electronic commerce are necessary. We support the recommendations in clauses 7 and 8 regarding the prohibition of the altering of transmission data and the unauthorized installation of computer programs on another's computer. We also support the proposed amendments to the Competition Act to prohibit misleading commercial e-mails and amendments to PIPEDA regarding the use of e-mails collected through selected computer programs.

We are here to encourage you to better balance the protection of individuals and businesses from unwanted e-mails while still allowing responsible communications by legitimate businesses to their potential clients and customers. We think this can be accomplished with several simple amendments.

Thank you, Frank.

Mr. Chair, the stated purpose of the bill is to regulate the commercial conduct that discourages the use of electronic means to carry out commercial activities. Everyone, I think, agrees that this is an important objective, so it is equally important that we avoid restrictions that would have the effect of discouraging or making impossible exactly what the bill seeks to protect.

Our contention is that within an opt-in framework contemplated by Bill C-27, greater flexibility can and in fact should be provided as it relates to the means of obtaining consent. As we noted in our written comments that were circulated earlier in the summer, the proposed restrictions threaten to undermine the viability of commercial communication by electronic means. The problem is that in a great many instances people will simply not use one medium to give consent to communicate in another medium.

In the life and health insurance industry, and I think more generally in the financial services industry, many contacts are developed through referrals. By and large, the referral process is an informal process, and that sets up an important disconnect. The person being referred may be quite happy to be contacted by e-mail, but it is extremely unlikely that many will be willing to take the time and effort to write out express consent or take the initiative to contact an adviser.

We appreciate that there is a concern that e-mails intended to obtain consent could be misused. But it is important to keep in mind that e-mails following up on a referral need to clearly identify the person who is sending them. Our suggestion is that e-mails to obtain consent be permitted if they clearly state the purpose and do nothing else to promote the sender's services or products.

It's important to keep in mind that an e-mail that's doing this must clearly identify the sender who is using the e-mail for these purposes. So if there is any misconduct, if they're deviating from any of the restrictions you care to put in place, their identification is all over the e-mail. This fact should be more than enough to discourage misuse.

Mr. Chair, the use of electronic communication has important economic and environmental advantages. It would be unfortunate if the restrictions in Bill C-27 had the effect of forcing businesses to rely on more costly and less environmentally friendly ways of communicating with prospective customers. An important step in avoiding this outcome is to permit e-mails intended to obtain consent.

The industry greatly appreciates this opportunity to contribute to the committee's review of Bill C-27. I would like to thank you for your attention. We'd be happy to answer any questions you might have.

Thank you, Mr. Chairman and members of the committee. I would like to thank the committee very much for giving us this opportunity to contribute to your review of Bill C-27, the Electronic Commerce Protection Act.

My name is Frank Zinatelli, and I am vice-president of legal services and associate general counsel of the Canadian Life and Health Insurance Association. I am accompanied today by my colleague Peter Goldthorpe, who is the CLHIA's director of marketplace regulations issues. We welcome this opportunity to make constructive contributions to the committee as you seek to develop your report to Parliament on this important bill.

By way of background, the Canadian Life and Health Insurance Association represents life and health insurance companies accounting for 99% of the life and health insurance in force across Canada. The industry protects 26 million Canadians and some 20 million people internationally.

With your permission, Mr. Chairman, we would like to make a few introductory comments.

In August, we submitted written comments to the committee. Several of the matters were technical in nature and involved providing greater clarity and certainty to the language of the bill. We trust that these are relatively free of controversy and will be addressed by the committee.

This afternoon we would like to focus our remarks on a broader issue. The issue is the proposed restrictions on obtaining consent by electronic means, and my colleague Peter Goldthorpe will now address this.

Thank you, Mr. Chairman.

Good afternoon, members of the committee. The Desjardins Group thanks you for giving it this opportunity to share its views on bill C-27 with you today.

First of all, allow me to briefly introduce the organization we represent. Desjardins Group is ranked 26th among the 50 most reliable financial institutions in the world, according to the list entitled “World's 50 Safest Banks 2009”. With total assets of approximately $160 billion, it is the largest cooperative financial group in Canada and the 9th largest in the world. Supported by its network of caisses in Quebec and Ontario, as well as the contributions of its subsidiaries, several of which are active across Canada, it offers a complete line of financial products and services to its 5.8 million individual and business members and clients.

Desjardins Group is also a hub of expertise in wealth management, life and health insurance, property and casualty insurance, services for businesses large and small, securities, asset management, venture capital and cutting-edge technology, all within an integrated service model that is one of a kind in Canada.

It must be noted that Desjardins Group has been concerned for quite some time about the problems caused by spam proliferation. The bill is without a doubt an initiative that targets more reliable, safe and secure electronic commerce. However, Desjardins Group believes that some of the bill's provisions will do more to restrict legitimate electronic commerce than to dispel the efforts of ill-intentioned users of this technology.

Bill C-27 needs to be adjusted in such a way as to slow down the proliferation of spam while allowing for the development of electronic commerce and the competitiveness of the Canadian economy. As regards consent, section 2 of the bill is excessively limiting and poses a threat to legitimate electronic commerce. Under the bill, it would be prohibited to send an electronic message requesting consent to receive commercial electronic messages. Desjardins Group believes that it is unrealistic to think that Canadians will give express consent to receive commercial electronic messages on their own initiative. Being far too restrictive, the prohibition of electronic messages requesting consent should be stricken from the bill.

As well, the bill should recognize that certain commercial practices do not constitute unsolicited commercial electronic messages. For example, a company should be able to solicit a client if it has first received a referral. It should be able to do the same if it holds an individual's email address as part of a prior business relationship, where the individual has not withdrawn his or her consent for solicitation purposes, or when a potential client contacts a company to obtain information and does not withdraw his or her consent. Electronic communications following referrals are common practice, they are legitimate and appreciated by clients. As such, the recognition of implied consent should be added to the bill with the possibility of such consent being regulated thereafter.

Another major source of concern not only for Desjardins Group, but for all Canadian companies are the clauses related to the Do Not Call List. We understand that the government does not plan to implement those clauses at this time, but their mere presence within the bill is worrisome. In this respect, it is important to remember that those subject to the act and their partners in government worked for three years on establishing effective regulations for this tool and significant financial and labour resources have gone into achieving compliance. It is therefore quite astonishing that the longevity of the Do Not Call List could be jeopardized just one year after coming into effect. Given these considerations, Desjardins Group recommends that a detailed study and public consultations be carried out before making any modifications to the DNCL.

In conclusion, in Desjardins Group's view, the current text of the EPCA will threaten legitimate electronic commerce.

Quite honestly, the bill seems more geared to protecting service provider bandwidth than electronic commerce itself. With this in mind, we believe that it is essential for certain parameters to be readjusted and for more flexibility to be added to the ECPA in order for it to achieve its intended objectives without discouraging growth in the Canadian economy.

Thank you for your attention.

My colleagues and I would be happy to answer your questions.