Bill C-28 (Historical)

Mr. Speaker, the one thing I would seriously consider doing in the bill is finding a way to ratchet up the response into the Criminal Code. It is not that everything that happens in this bill has to be criminalized, all the bad stuff, but we need to find a way to take an accumulated happening or event, either by size or quality, and allow it to be moved into the Criminal Code. At least we would be able to hammer down pretty seriously on Canadian-based perpetrators of what I call these anti-social activities.

That is what I would have done. I would have provided a step up into the Criminal Code for some of the more egregious breaches of the prohibitions we have here.

Mr. Speaker, I am very pleased to speak to Bill C-28. I enjoyed the remarks by the member for Scarborough—Rouge River. He made some valid observations in the beginning about the fact that the delays of the government in bringing the bill to fruition were in some way unavoidable because of the election. However, sometimes delays can actually work out to one's benefit.

I note that because of this process involving a previous bill dying and then the government re-forming it as Bill C-28, the fact of the matter is some improvements were actually made along the way.

Coming out of the committee there were some improvements, even one that the government made itself as a result of representations made by presenters to the committee. They resulted in amendments to the bill.

I know governments oftentimes introduce legislation and they themselves bring in a number of amendments at the committee stage, so it is a process to get it right, a process that involves in many cases correcting oversights and making amendments as we progress.

At the end of the day, we may actually have a better bill than we would have, had we gone with the earlier versions.

We have not heard from the government very often during these debates. One of the questions I would ask is: How many actual cases have not been dealt with because of a lack of this type of legislation?

This type of legislation has been in the pipe since 2004. There were two senators involved with bills of their own. As has been pointed out, we are the only country in the G8 that does not have legislation of this type at this point.

Therefore I would be interested in knowing what the experience has been with the other countries in the G8, with their type of legislation, and how many consent orders have been dealt with in their jurisdictions and how many fines have been collected. If in fact they have jail provisions, how many people have actually gone to jail in any of those G8 countries?

However we have not had any representations from any government members about those particular issues. Surely we could learn from the other countries that have this legislation. If in fact there has been an increase in one type of activity over another in one of those G8 countries, I would assume that the government would have been quick enough to respond and would have been able to cover that off in our legislation.

Having looked at the legislation, I see it is quite comprehensive. The NDP members support the legislation over and above the questions that we have about it on the issue of the jail provisions. It is quite a substantial bill and deals with many areas that need to be dealt with.

Another point I would like to make is that this is a relatively new area. The technology has expanded so much. It has only been since 1995 that emails have become a regular occurrence and certainly e-commerce has been on the radar only since 1999.

At the provincial level, 10 years ago we were looking at bringing in e-commerce legislation, and in Manitoba around 10 years ago we brought in Bill 31, which I mentioned before in the House, which was the best e-commerce legislation in the country at the time. It was following the Uniform Law Conference. I believe that all of the provinces in Canada have since followed suit and brought in their own type of legislation to deal with those substantial issues.

However, that was a response to e-commerce in 1999 when it was very new and people were reluctant to purchase things online. We brought in some consumer friendly amendments to that bill. One of the provisions was that anyone in the province of Manitoba who purchased a product or service online and did not receive the product or service, the credit card company would have to back it up and compensate the customer.

The credit card companies had some concerns about that but it was something that we copied from at least four states in the United States that had that type of legislation in 1999. Those were the beginnings of e-commerce legislation. Today, e-commerce has burgeoned and exploded in spite of any type of legislation. I do not think I could point to many thousands of people in Manitoba who would even know we put in that protection for them in that bill.

That was only part of why we brought in the bill in the first place. We were dealing with the whole issue of databases, which is very controversial. It was shortly after the Jane Stewart experience in Ottawa with databases. However, what we were trying to do was come up with a common business identifier so that businesses in the country could deal with the federal tax department through a single business number. By doing that, we had to have a legislative framework in place to begin dealing with, not only within the government but within companies in Manitoba and the federal government, taxation issues, making corporate tax payments, the whole issue of T4 slips, records of employment and all those sorts of business type issues.

The governments of the day were looking at low-hanging fruit, things that they could control. They were looking at their own government to start with, but the view was to expand out to the private sector companies to try to make them more efficient and make the government more efficient. Before we went with the SAP computer system, we had no idea that the Department of Industry was giving a grant to a company that was in arrears with our taxation department and not paying its PST. In fact, that was happening. I am not sure what systems are now being used through federal government departments, whether it is SAP or a different ERP system, but we wanted to ensure we knew what we were doing in our own house.

This was a very controversial type of legislation that we had to deal with. We had to deal with the sharing of databases. We had interjurisdictional issues. We also had to deal with the existing silos within the provincial government where each department was saying something different. For example, finance was saying that it could not do this because of certain reasons and justice was saying something else. In each department there were five or six involved in the legislation. Since each one had its own concerns, we needed to get them together and say that this was the way we were going and that we would need to accommodate to the changing environment.

That is a big problem and it is a big problem with the federal government as well.

We have had to do a lot in this whole area and the federal government was under a lot of pressure. Why did it wait so long when seven of the eight G8 countries have had legislation dealing with spam for a number of years?

At the end of the day, it is time to pass this legislation and get it through. Some debate will continue about whether we went far enough. There are some provisions that I will get to later but there are so many provisions to this legislation that it is impossible to deal adequately with them in a 20 minute time period. However, a lot of provisions in the legislation may provide some sort of upset or cost to our nation or to the businesses in the country. We will only know over time whether that will be the case.

I know that in dealing with legislation, governments try to the best job it can to have an open process by having witnesses come before committee to give expert testimony. Provincially, we have a system where we allow almost anybody to come and make a 10 minute presentation on a bill.

Having said that, we would have a similar bill to this where we would do a round of consultations over the course of a year and then we would have the hearings and the press coverage. Still, at the end of the day, a year down the road after we had passed the legislation and had the regulations in force, people in the affected business communities would come forward and say that they knew nothing about the legislation and that it was a total mystery to them. They would accuse the government of bringing in the legislation and causing them a lot of problems without having proper consultation, when in fact we could prove that we did a lot of consultation.

In the spite of the fact that we have done all this work and that it has taken so much time, I still anticipate that we will have some problems at the end of the day with people or companies saying that they did not know about it, even after all of the speeches and the consulting that has been done.

Some adjustments may be necessary. For example, small businesses are very concerned about the relationship they will have or will continue to have with their previous clients. The new laws put some restrictions on how they can deal with their clientele. Before the do not call list came into effect, it was routine for a business to contact its customers, in-house, over the phone or through the mail, regarding other products. However, they cannot do that anymore because it is not allowed.

The way the system works now is that customers need to give their agreement for the business to approach them. This will cause a lot of stress for businesses in the country. Every time the government comes out with a new set of regulations, businesses that are doing what businesses do best, which is conduct business, will need to retool their operations and re-educate their employees on what is involved. There is no end to the questions being asked about whether companies can contact previous clients and under what conditions they can be contacted.

We introduced the do not call registry but the government found that the system did not work so well. I think it is working a little better now. However, in the initial periods, some people who were put on the do not call list found that they were receiving more calls after they were on the list than they were before being put on the list. People were accessing the do not call list.

This bill would deal with the do not call list. As a result of the much improved wording in the bill, the government has the option to phase out the do not call list over a period of time. When that time comes, the government can simply invoke the provision of the act that allows it to eliminate the do not call list. The do not call provisions are covered under this bill.

The bill has a lot of good things with respect to the definitions and the wording. With the volume of clauses and changes in wording that we are dealing with, it is impossible to get into all of the minutia in a 20 minute presentation.

A lot of good improvements have been made to the bill. Three or four years ago, people were not aware of some of the technical terms and technology issues, so it is possible that this legislation will be outdated before it comes into effect.

I have mentioned the issue of fines a few times but I want to deal with it again. I want to look at the case involving Facebook. The fellow who had a $1 billion judgment against him by Facebook for spamming, basically turned it into a media extravaganza for himself. He was on all the national television networks as a result of it. He laughed at Facebook. Facebook spent a huge amount of money on lawyers and chasing him down to get this $1 billion settlement and he just declared bankruptcy. If we are dealing with the likes of that fellow and other people like him, how in the world will we be able to deal with them by passing this type of legislation? Let us take a look at what is being contemplated in this bill in terms of enforcement.

I do not have any complaints about it. It is a good idea to look at consent orders. However, we can always be suspicious of regulators who deal with consent orders because they may show favouritism to their friends or may not fine people who should be fined. People who co-operate and people the regulators like will get a consent order and a cease and desist order but no fine. People not in their favour may get fined.

Nevertheless, let us assume for a moment that consent orders are a good idea and will solve a lot of problems. If the consent order does not work, the backup is a $1 million maximum penalty for individuals and $10 million for corporations. That is not bad but I do not know of any corporation that can afford a $10 million fine that will be guilty of spamming in the first place. These big companies have lawyers. They know the law. They will not be spamming in the first place.

Who we will have spamming are offshore people, people who are hard to catch, people who do not have any assets or people who hide their assets. A consent order will not stop them. Fines will not stop them. It seems to me that only a jail sentence will put the skids on some of these people--

Order, please. We will now move on to questions and comments with the hon. member for Vancouver Kingsway.

Mr. Speaker, it is very difficult to hold senders of spam accountable for their mass mailings. We all know that the barrier to entry is very low. Spammers are numerous and the volume of unsolicited mail has become astronomically high in the country. We have already heard the figure of some two billion spam messages a day in Canada alone.

The cost of spam should not be underestimated in lost productivity and fraud. Those costs are borne by the public and by Internet service providers, which have been forced to add extra capacity to cope with that deluge. A recent study from California demonstrated how spammers profited from their activities by shifting the costs traditionally borne by marketers to the recipients of spam, which are namely Internet providers and Internet users.

My hon. colleague has already commented on the need to have tough sanctions to deal with this, which I think is quite positive in many respects. However, there is an absence in the bill of any criminal sanction. Could he tell us what his feelings are with respect to having criminal sanctions added to the bill so we can ensure we can deal with this problem?

With civil penalties, the people have to be found. Many are companies that are set up in houses or in the cyber world. We may have no real ability to track them down. We may be unable to get at their assets. In fact, they may have no assets. Civil action against entities like that simply will not work.

Could the member comment further on the need for criminal sanctions as a real means of getting at this problem?

Mr. Speaker, I also wish the bill would be sufficient in the form it is right now. As I said, I look at the consent orders and think they should solve a lot of the problems. I think a lot of people would be reasonable. The fines are good as well. I do not have any problem with the $1 million for individuals and $10 million for companies. However, I do not see how that would solve the issue of somebody declaring bankruptcy and not paying the fines.

Some sort of criminal offence and jail time should be in the bill to stop people like that from spamming. In future, we may have to revisit the bill and add that in.

I want to mention the private right of action. This is another important part of the bill because it creates a private right of action for individuals who have been affected by contraventions of Bill C-28. A person who alleges that he or she is affected by an act or omission that breaches the key provisions of the act might apply to a court for an order of compensation. This is another outlet for people who think an issue is not being dealt with by the government. There would be a private right of action. It is important for those who are watching today to know that.

Mr. Speaker, I want to focus on spam and its use in crime. Spam can be used to spread computer viruses, Trojan horses or other malicious software. The objective may be identity theft or even worse, for instance, advance-fee fraud and other kinds of commercial fraud transactions.

Some spam attempts to capitalize on human greed, while other attempts use the victim's inexperience with computer technology to trick them, for example, phishing.

In May 2007 one of the world's most prolific spammers, Robert Soloway, was arrested by U.S. authorities. He was described as one of the top ten spammers in the world. He was charged with 35 criminal counts, including mail fraud, wire fraud, email fraud, aggravated identity theft and money laundering.

We also have to take this issue seriously, not only in terms of the irritation and costs that are borne by consumers and Internet providers in our country in extra overhead, transaction costs and damage to computer and community channels, but we have to recognize that this has an important criminal element as well.

Could my hon. colleague talk about the need to control spam and the effect it may have in terms of being a tool to deal with fraud and other crimes in our country?

Mr. Speaker, as I mentioned, because of the lack of government speakers on this bill, we have been unable to determine what the government's thought process was in developing it and whether it consulted with the other seven of the G8 countries to hear what their experiences were with similar legislation and whether it solved a lot of the problems. Hopefully, the government is building on the positive experiences of those other countries.

Let us look at the example of the do not call list. That was very well-intentioned legislation. However, it backfired right away. People on the do not call list were getting more calls than they had been before.

The government has dealt with that issue in this bill. We will be able to phase out the do not call list in favour of the bill. We have brought in very good wording in a lot of the sections do deal with expanding areas in technology. I see a lot of very good parts of the bill, which is why I, my colleague and the NDP support the bill. However, we do have some cautions, and we have mentioned them many times now, about the lack of criminal sanctions in the bill. We perhaps should have looked at that, but time will tell.

As to how many cases we have missed in the past because of a lack of this type of legislation, we do not know. I would have expected the government to explain that to us through its speakers to the bill had there been any. We would have liked to have been alerted to the fact that one of the reasons the government brought in the legislation was to deal with a number of issues in Canada. However, we never heard any examples of missed opportunities. If we have not had any missed opportunities, if we have not had any bad experiences, then what is the need for the legislation?

There should have been more background information and more updates from the government. I am familiar with some ministers in provincial governments who routinely give opposition briefings, and that is very important. Yet I know under the Conservatives in Manitoba, some ministers would give briefings and some would not. However, the ministers who gave briefings were rewarded for it because the members of opposition had a better understanding of the provisions of a bill. They could make suggestions for improvements to it and it was a less confrontational approach. However, other ministers have a very bad attitude. They do not want to help the opposition at all. They do not want to share any information. At the end of the day, they pay the price for not co-operating.

I am not sure just how many ministers in the Conservative government provide briefings on bills to members of the House. If they are not doing it right now, they should consider it. If they are doing it, that is really good. However, they could at least have informed us about some of the reasons for coming in with this bill.

We do not have a lot of problem with the bill. Barring another prorogation of the House by the Prime Minister by the end of the year or a quick election, hopefully this legislation will be in place. When we see what sort of regulations are promulgated by the government, then we will have a better idea of where the government is headed with it. At the end of the day, only time will tell whether this was a good move. If it was not, there is always the opportunity for a future government to bring in amendments to the bill if we find there were some areas that we missed.

Mr. Speaker, it is a pleasure to speak to Bill C-28, the fighting Internet and wireless spam act, better known as FISA. It is designed to curb the flow of spam, unwanted installations of unauthorized and sometimes malicious software and the unauthorized collection of personal information. In other words, it aims at stopping spam emails. With spam emails, we do not always give prior consent and that is what makes them so obnoxious.

I have been listening to a lot of the speeches and going through the bill and it really is a dry topic. It is something that, unless one is really into the technical side of things, does not excite people until it hits our computers or our homes. That is when we really feel the impact that spam has on individuals.

I want to do a bit of a history. In 2004-05 the Liberal government of the day established an anti-spam task force and recommendations for actions were put forward. The Liberal recommendations called for the government to introduce legislation to prohibit four things: first, the sending of spam without prior consent of recipients; second, the use of false or misleading statements that disguise the origins or true intent of the email; third, the installation of unauthorized programs; and fourth, the unauthorized collection of personal information or email addresses.

I would like the members to remember these four points because they will be showing up again and it is important that we finally get there. Of all the G8 countries, Canada is the only one that does not have legislation in place yet. When we look at something like this, we have to ask why Canada has really lagged behind.

Had the government continued under a Liberal government back in 2005, we would have had legislation. However, unfortunately the NDP leader decided that in 2005, it was time to stop supporting the Liberal government of the day. I think history will look back and see where progressive thought really slowed down, if not stopped, for a number of years. It will not be pretty when people look back and see what was lost. Whether it was legislation on spam, child care or first nations rights, it will not be viewed positively.

Let us get back to Bill C-28. It was originally introduced by the Conservative government as Bill C-27, which died in prorogation. Prorogation normally is not something we speak of positively. I look at prorogation and it really was something Canadians did not want, it was something Parliament did not really want and it caused a lot of problems. However, one thing it caused was the death of Bill C-27.

Prior to the prorogation, many flaws were exposed in the bill and when it came back, the good thing was that many changes were made. Bill C-28 was introduced after the return from prorogation, with the changes to correct many flaws identified. I am pleased to see the Conservative government decided to act on the recommendations of our Liberal task force and the recommendations of the industry, science and technology committee.

Legislation in a fast moving area such as technology must be monitored closely to ensure it does not stifle legitimate electronic commerce in Canada, while accomplishing its intended purpose.

The real test of Bill C-28 will be in its implementation. How diligently will it be reinforced? What resources will be allotted? How serious is the government in protecting Canadian citizens? Those are the questions we will have to look at and really look to see how strong the legislation will be.

One of the things that the legislation calls for is periodic review of the legislation. I talked about how fast electronic media changes and how fast technology changes. That is why the legislation in particular has to be reviewed on a regular basis so it keeps up with what goes on.

In its main provisions, Bill C-28 introduces a new regulatory scheme and monetary penalties for spam and related threats such as identity theft, phishing, spyware, viruses and botnets, and it extends the rights of civil action of their victims. I know a lot of us have heard these terms, but I thought I would take the time to go through them because they are not always well understood and I want to clarify them.

I went on the Internet itself, to Wikipedia, and got some definitions of the individual terms, because I know there are people listening at home wondering, “This is wonderful, but what exactly does it mean and what effect does it have on me?” We all know about spam, which I will define at the end, but spam is just one part of it.

We hear about identity theft. Identity theft is a form of fraud or cheating of another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name. The victim of identity theft can suffer adverse consequences if he or she is held accountable for the perpetrator's actions. Organizations or individuals that are duped or defrauded by identity theft can also suffer adverse consequences and losses, and to that extent, they are also victims.

Again, identity theft is one of the points that this legislation takes on. We look at the fraud in it. Someone spoke earlier and asked about the Criminal Code. This identifies it, and fraud is covered under the Criminal Code.

The other term that comes up quite often is phishing, not fishing with an “f”, but phishing with a “ph”. Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social websites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.

Phishing is typically carried out by email or instant messaging and often directs users to enter details to a fake website that looks and feels almost identical to a legitimate one. When we go somewhere on the web and see something saying it is a certain company, we want to make sure that it is real, that it is what it says it is.

Phishing basically sets up a fake facade that people think they can trust. People input information and then the information is harvested and used to hurt individuals. Whether it is taking their money or identity or causing problems for those individuals, we can see where the problem would come.

The one we hear about often is spam. That seems to be the generic one that covers everything. Spam is the use of electronic messaging systems to send unsolicited bulk messaging indiscriminately.

While the most widely recognized form of spam is email spam, the term is also applied to similar abuses in other media, including instant messaging spam, Usenet newsgroup spam, web research engine spam, spam in blogs, wikispam, online classified ad spam, mobile phone messaging spam, Internet forum spam, and junk fax transmissions.

People who have faxes in their offices have had junk fax transmissions come to them. It uses up trees by using paper, it uses up resources by using ink, and it uses up copies that the individual receiving it has to pay for. Sometimes when these transmissions are received in large number, it becomes an expense that hurts.

Social networking spam is something that people are aware of, as well as television advertising and file-sharing network spam.

We have all heard the word “spyware”. Not many people really realize what spyware is. It is a type of malware that can be installed on computers and collects little bits of information at a time, without the user's knowledge. The key is “without the user's knowledge”. Users do not know that this spyware is in their computers and it constantly transmits little bits of information. The presence of spyware is typically hidden from the user and it can be difficult to detect.

Typically, spyware is secretly installed on the user's personal computer, and while the term “spyware” suggests software that secretly monitors the user's computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information such as Internet surfing habits and sites that have been visited, but it can also interfere with the user's control of the computer in other ways, such as installing additional software and redirecting web browser activity.

Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, or loss of Internet functionality and other programs.

We have all come across that, where we are working on something and it seems that everything is going along really well, and suddenly everything stops. What happened? There is a piece of spyware that went in there and changed things around. There is a frustration and a cost to the individual.

If someone sitting at home, likely retired, working on a computer, has a fixed income and suddenly he or she has to expend dollars to get the computer running again, there is a direct effect there.

There may be those who ask how that affects them. We have all had the frustration. We have had to bring someone in to fix the problem, if he or she can fix the problem. When the individual gets it running again, that individual has money out of pocket. On a limited income, if one is retired, it really hurts individuals directly.

Computer viruses are something that we hear of a lot. A computer virus is a computer program that can copy itself and infect a computer. A true virus can spread from one computer to another when its host is taken to a target computer, for instance because a user sent it over a network or the Internet or carried it on a removable medium such as a floppy disk, CD, DVD or USB drive.

We see a lot more of that now where we have people coming in with USB drives, collecting the information and then going to another computer. It is a perfect way to spread viruses.

I have a 13-year-old daughter who works on her computer. She brings her homework back. She will input the information and take it to school. She might be bringing back something from the school or someone else might be bringing it to the school. So we can see where a virus can cause a lot of problems for many people.

Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by other computers.

One that we do not hear much about is botnets. That is covered under this legislation. A botnet is a collection of software agents or robots that run autonomously and automatically. The term is most commonly associated with IRC bots.

The best way to describe IRC bots is when we go to a website or even an email and think we are interacting with another individual but we are not. With an IRC bot, we are basically interacting with another machine. We think that person is there responding to us. We can see the problems that could cause: someone going to one site, getting answers, building up a trust, and then suddenly finding out it is a machine on the other side.

The other thing that happens with the IRC bots is that one can access a number of people, all interacting with this one machine, so the individual is not duping people, a machine is, and the spread can cause a lot more damage because it is so pervasive.

As well, it does spread some malicious software and it can also refer to a network of computers using distributed computing software.

Anyone who has used a computer can relate to the kind of frustration that this malware can cause in some of these unwanted infiltrations into one's computer.

It is not only frustration. As I mentioned earlier, there can be a real financial loss to the individual who is using that computer and connecting and who will be affected by some of these issues.

Let us take a look at Bill C-28 again, now that we know what some of the definitions are.

Bill C-28 contains four main thrusts. It prohibits the transmission of commercial messages, basically spam, without express consent. The only conditions under which express consent is not required are those where family or prior recent business relationships exist. Messages requesting consent have to provide the names of the sender and the client on whose behalf the message is being sent, contact information for both, and a way to unsubscribe.

Quotes and estimates that are requested are not covered by this, nor are emails or follow-ups on business previously transacted.

There is one loophole or one barrier in this legislation that I would like to talk about. That is in regard to people who are in sales, such as financial advisers, real estate agents, or stockbrokers. What often happens is that they will do business with someone, and at some point, using real estate as an example, the person they are doing business with will say, “My brother, John, is looking for a house. Give him a call or get hold of him. I am sure you can help him out. You have done a great job for me, and John, who is my relative, could use your help”.

This legislation unfortunately does not allow the real estate agent to send an email to that person. He has to get express consent from the individual to whom he will be sending that email.

I was talking about how this legislation has to be reviewed on a regular basis. I think this is one of the areas we are going to have to look at and ask if it really allows business and e-commerce to continue and to flourish. We can see the barriers that are set up and the problems it would cause to people who earn a living in the sales field.

As we see this going on, I think it is important that we monitor some of the effects of this legislation. Maybe in about a year or so we should review it, see what is going on, and see what the unintended effects of this legislation will be.

The bill attempts to curtail phishing, with a prohibition on false or misleading information on the source of an email. The bill also prohibits the installation of programs to operate another's computer or the dissemination of messages on a computer without the individual's consent, and there is the option to withdraw the consent.

As we can see, it goes back to malware, the spam that we spoke about earlier and how this bill will block that.

The bill includes provisions that halt the collection of personal information, by amending PIPEDA, the Personal Information Protection and Electronic Documents Act, to include a ban on collecting or using electronic addresses obtained through a computer program designed for their collection, as I mentioned earlier, the phishing program.

So this legislation does come into play, and there are additional provisions that specify that a tougher regime under FISA take precedence over the existing Personal Information Protection and Electronic Documents Act and all the legislation that could apply.

The bill's provisions extend not only to those who violate it, but also to the agents or directors of the corporations who aid, authorize or acquiesce to the violations. The bill follows the money. That is the key right here, because when we look at a lot of this, the infractions and the invasion, it comes right back to money. It follows the money, stripping protection for those who hide behind a corporate shield.

When we look at some of the fines that are out there, the fines could go as high as $1 million for individuals and $10 million for corporations. The bill aims to accomplish ending the practice of spamming.

Will this bill end it completely? I think when there is something illegal going on, it just keeps going and going. What this does is minimize it and at least offer some protection to Canadians when it comes to spamming, phishing and the rest of the electronic malware that exists around the world and on the Internet.

Mr. Speaker, the authorities intend to deal with violators as much as possible by way of undertakings, to have people voluntarily quit doing what they are doing. That may solve a lot of the problems but then our backup is the fines. I say the fines are high enough at $1 million and $10 million.

The question comes down to the fact that violations are not criminal offences. We can talk all we want about vicarious liability of directors and officers of corporations, but in the recent Facebook case, the spammer was ordered to pay $1 billion, but the gentleman simply laughed at the system and declared bankruptcy. So, what good is a fine of $1 million? What good is it for the authorities to go after the guy and ask him for an undertaking to cease and desist and stop what he is doing? If that does not work and fines do not work, what is going to work? This is a well-known case that got national coverage in the last few weeks.

The bill would do absolutely nothing to deal with this issue. If we already have an example before the bill is even passed, then how many more of these little guys are going to do what that gentleman succeeded in doing?

Mr. Speaker, the hon. member for Elmwood—Transcona talks about criminalizing people, putting people in jail because they have done something. If they are taking part in a fraudulent act, the Criminal Code will cover it. If they are trying to defraud someone of money, this is an instrument in catching those individuals and pressing the criminal charges that apply. They are not getting off scot-free.

Let us take a look at sending out spam. What is the intent of this legislation? The intent is to stop spam. The individual the member referred to sent out millions of spams. I do not know what the number is but it was a huge number and it was very annoying. What is the intent of this legislation and how would this do it? It would cause him first to declare bankruptcy. He would be shut down. Second, he would stop spamming. When we look at it, for most people declaring bankruptcy is a bit of an inconvenience, if not a complete embarrassment. It would cause someone to stop.

If someone is a repeat offender and causes problems over and over and keeps spamming, bankruptcy can only be declared so many times and suddenly the person has a problem coming up with money. I am not sure what we are going to get as we cannot get blood from a stone. The intent of the legislation is not to criminalize someone unless it goes to the next step and there is fraud committed. The intent is to stop the spamming from continuing and that is what the bill would accomplish.

Mr. Speaker, my colleague from Nipissing—Timiskaming is an esteemed member of the industry committee. He piloted through committee substantive changes to the original version the government had for this bill, such that with amendments, it has become very palatable to all of us here. However, we all recognize there is still work to be done. The hon. member quite rightly has pointed out there may be areas within the legislation as it exists which will fall short not just of being able to curb the presence of spam in all of its various characterizations, but also to stop it from appearing on our computers, which is in essence why I introduced the bill originally in 2003.

Has any thought been given to ultra enforcement? How do we get around the problem which will no doubt occur of enforcement in other nations from where a lot of spam now emanates? More important, how does this legislation envisage the next step which is coordination among other nations?

Mr. Speaker, the member made a good point.

In 2003 we started working on this while the Liberal government was in power. Now in 2010, after five years of Conservative rule, we are finally getting around to enacting it. A lot of progressive legislation has fallen by the wayside and we are trying to get some of it back. This is a small step in the right direction.

Internationally, Canada no longer has the same esteem it had prior to the 2006 election when the Conservatives took over. That we know. We have heard it. I travel to Europe and other places. People have asked me what has happened to Canada. They say that Canada used to be an open country where people discussed things and came to an agreement, but suddenly it has become difficult to deal with Canada. I am speaking of countries in Europe, South America, all around the world. They are wondering what is going on.

One thing about Bill C-28 is that we would have to co-operate with other countries. We would have to talk to other countries and negotiate with other countries. We do not want another Camp Mirage situation to happen with this legislation.

It is important that the Conservatives start opening up when dealing with other people. They cannot just dig in their heels and say it is their way or the highway. It may sound good to some people, but not to most people, that here in Canada there is a government that can dig in its heels and do whatever it wants. The government has to be open. It is not about black and white. There are different shades of grey and the government has to negotiate to come to an agreement that works.

That is one of the keys of this legislation. It has to do with individuals in the government negotiating with other governments so that we can come to agreements and settlements that work so that the people of Canada can be protected from spam and other malware in the Internet.

Mr. Speaker, all Canadians know that the Internet is an extremely important public resource. It has acquired profound importance to Canadians not only as a news gathering tool and a communications tool but as a form of commerce. When we talk about spam, we are talking not just about an irritant, but about something that has a grave and critical potential to harm Canadians in many different ways.

Some of the overhead costs of electronic spam include bandwidth and developing and acquiring spam tools or taking over and acquiring a host or zombie. The transaction costs for each additional recipient once a method of spamming is constructed can be immense.

Could my hon. colleague elaborate on the critical importance of the Internet to Canadians and why this piece of legislation is important? In his opinion, how could it be improved?

Mr. Speaker, the member for Vancouver Kingsway raised an excellent point.

Spam and a lot of the malware can make up 60% of the email transactions that take place.

I come from northern Ontario which is very limited on bandwidth. Some of the smaller communities have to download through a telephone cable. It is not universal high-speed yet. I was talking to someone not too long ago who lives about 100 kilometres from Ottawa who is still on dial-up.

This large volume of malware, spyware and spam slows everything down. Sixty per cent is wasted. If we could get rid of a lot of the spam, open up that bandwidth and put stuff through that people want to receive, our overhead would be much lower.

E-commerce is very important for isolated communities. We have to encourage it so that everybody has access to the same items and so that a business can be run from anywhere in the country, not only in major centres. Getting rid of a lot of spam and opening up the bandwidth would allow everyone to compete equally. It is an important resource. It is a public resource. It is an essential resource.