Industry Committee on June 11th, 2009

Yes, I think it does.

First of all, I think this is a good-news story for business, not a bad-news story. There are many businesses that want to rely upon electronic communication and have been undermined by the extent that spam has become a problem in this country. This, I think, will go a long way towards dealing with that issue. Think, for example, of the Canadian banking industry, which has invested very heavily in electronic banking only to find that the phishers have sent out a lot of messages purporting to come from the banks, which are suddenly now sending out messages to their customers warning them not to respond to these messages. That's not good for business and for the huge investments that have been made in that industry. So I think this is good news for business.

Unquestionably, there are going to be some sectors that in the past have been able to send out all sorts of messages—I think ultimately undermining confidence for others—which are going to face a problem. I believe your colleague Mr. Wallace, on Tuesday, recognized that in the context of real estate agents. If I want a real estate agent, I'll contact a real estate agent. I think specifically that when someone is selling a house, what they don't want is twenty spam messages from every real estate agent in town. That's a feature of this legislation; it's not a problem with it.

The task force report was a unanimous report that included representation from the marketing community, from the business community, from the consumer community. We're talking about as broad a cross-section as I think you could get on this issue. It's unanimous that Canada needs to do a number of things—not just legislation, for there are other things needing doing, but legislation was a key component. It is now the last piece of the puzzle yet to be implemented.

I think what we see with Bill C-27 is consistent with what a unanimous task force report envisioned, which was broad, tough, anti-spam legislation to finally bring us up to how people are dealing with this on the world stage.

If I may interject here, I'm representing, combined, several hundred marketers as well. Under the policies and practices that our clients are already working within, they are collecting consent. They are falling already within the legislation, under the implied definitions or under the expressed definitions we already are seeing.

What we are looking at and what Mr. Geist has implied already is that those people who are already doing the bad things that we want to stop are undermining the channel of communications. For every legitimate e-mail you're getting, you may be getting five that you don't want. That's what we want to stop. It's the legitimate marketers who are doing the right things already, working with this law and already taking these actions.

The concern is that there are any number of subject matters that you find with respect to spam. The presentation referenced some of them, whether it's body part enlargement or otherwise. But fake real estate scams, property in some country, are included in that list. People send out spam messages, preying often on seniors and others, to suggest that they have a once-in-a-lifetime real estate deal, in the hope that they might lure them in.

My concern here was to recognize some of the concerns that may have been expressed from some in the legitimate real estate community. I'm not trying to suggest in any way that anyone involved in the legitimate real estate community is sending out these messages, but simply that if there is any thought of carving out that notion of real estate, you have to be awfully careful, because suddenly you're opening the door potentially to full legalization for what is a known area for fraudsters to operate in.

There are also scams on things such as “Craigslist” around apartments for rent. They'll have a too-good-to-be-true, large apartment for rent at a very affordable price. People will send first and last months' rent from out of city, show up, and there's no apartment. This is something else that supports the idea behind real estate kinds of scams that are perpetrated on the Internet.

Not at all; if you have an active relationship with your antivirus provider and give them consent—because of course what you want is for them to send you updates every month, so you give them the consent, saying “send me updates every month”—and they do that, this can continue until you decide to withdraw your consent.

In talking about the 18 months, or the six months, we're talking about instances in which you haven't provided consent; instead, what we are doing is implying that you would agree to having this sent, even though you never really said that you would. For something like antivirus software, though, surely the whole point of it is having regular updates as new viruses emerge. Surely the consumer is going to consent to those regular e-mails.

With respect to the do-not-call list, you've highlighted a big problem. You're right, the big problem is that Canadians can register their phone number on a Canadian list, but once someone exits the jurisdiction, the ability of the regulator to do very much about it is very limited. In fact, it gets even worse in Canada, because people register their numbers, the list exits the country, and suddenly you're getting phone calls back into Canada.

I've argued in a couple of pieces that Canada ought to be talking, at a minimum, with the United States about creating what would effectively be a North American do-not-call list, or perhaps even better, just some sort of mutual recognition. The U.S. faces precisely the same problem: that an operator may put their number on a U.S. do-not-call list, but somebody comes up to Canada and tries to call into the United States. It seems to me, since we share the same calling numbers, that at a minimum we ought to think about creating some sort of situation whereby Canada and the U.S. will jointly enforce, so that you can't easily escape to the U.S.

On the issue of spam, you're right again. There are jurisdictional challenges. That's why I mentioned right off the bat, from the beginning, that this will not solve all spam problems. There are still going to be people spamming from other countries. But at a minimum it's going to clean up our own backyard; it's going to address the Canadian-based, homegrown spam, and I think that step is long overdue.

You say it's the only difference as if that's a small thing; it's an enormous thing. First off, there is the ability, in some instances, to ask to not receive certain unsolicited “real space” mail as well, although admittedly, lots of it still seems to make it through the door. There is a huge difference, because in the case of direct mail, physical marketing, the costs are being borne by the sender, and those are sizeable costs. They are not going to send out billions of pieces of paper, because the cost is too great, for a very low return. They really require some kind of legitimate return.

In the case of electronic messages like spam, it actually flips: the cost is almost costless from the perspective of the sender. Indeed, as they use things such as botnets and the like to send out their messages, in many instances it truly is costless. We bear the cost.

We bear the cost sometimes just in delayed time, but it's more than that. Our Internet service providers almost uniformly subscribe to various filtering services, costs that are ultimately borne by the consumer. Almost all network providers have to maintain additional equipment just to deal with the excess spam that isn't the legitimate stuff. We ultimately pay the price.

And it's not just network providers. Think of the schools, think of the hospitals that set up their own networking infrastructures, which at the end of the day are being forced to pay for this. I'd argue it's not an “only” here; it's a pretty significant cost that's being borne, and it's a clear cost shift from the person doing the marketing to the person who's on the receiving end, even though they never ask for it and in many instances don't want to have anything to do with it.

Well, it's not the only difference; it's one reason there needs to be some action here. But there are other areas too, and in some ways they are related to cost. Think again about the success rates that are needed. Almost any legitimate business, if we're going to talk about businesses, is going to need some kind of reasonable return rate in order to enter into the venture. If no one ever comes into my store, the store is going to go bankrupt. If no one ever responds to my physical marketing, or if I get a very low return rate, I'm going to stop that marketing.

That's not what happens here. Here, you can send and send and send. You just need to grab that one person, that gullible senior citizen who gets this message and is told that someone desperately needs help and there's a pot of gold at the end of the rainbow, and suddenly the life savings are gone. We laugh, because we wonder who is ever going to be silly enough to fall for this, but people do. We haven't had the legislation in place to deal with these kinds of scams, much less the unwanted marketing, now going on for years.

I think you asked me the same question when I appeared before you in the ethics committee around the Privacy Act. So it's not always about copyright with me.

Oh, oh!