Thank you very much.
As a preface to all of our comments, we'd like to emphasize for the benefit of the committee that we agree wholeheartedly with the intent of the legislation. I think there's general consensus that spam wastes time, energy, and significant resources, is a source of fraud, and makes it difficult for legitimate business to be conducted online. Notwithstanding that, we do have some serious concerns about Bill C-27 and exactly how it's implemented. I'll briefly delve into each of them, but we will of course be available for questions.
First of all, we think the legislation is a little too broad. What it does is take all commercial electronic messages and outlaw them subject to some hard-to-manage exceptions that are simply based on explicit consent, which can be altered significantly in regulations; personal or family relationships, which also are defined in the regulations that we haven't seen; and implied consent, which doesn't quite accord with what you would think implied consent means--it means simply an existing business relationship.
We're also concerned that the legislation itself is inconsistent with related regimes and other statutes that it actually seeks to amend. “Existing business relationship” is a concept that's entrenched in the national “do not call” list, but it's treated differently for the purposes of this statute. “Commercial activity” is also a term that is central to the Personal Information Protection and Electronic Documents Act but is defined differently in this statute for purposes that aren't necessarily clear on their face as to why one needs to have different definitions of the same term.
Consent, which is obviously a concept that's central to the privacy provisions in PIPEDA and is central to this piece of legislation, is radically different from one to the other. We think this presents problems because many of the businesses that are going to have to deal with compliance with the Electronic Commerce Protection Act, PIPEDA, and the Competition Act are the same people who are going to be using the exact same terms, but for very different purposes or with different meanings, which makes it difficult to manage.
Otherwise, the statute is also a bit hard to follow, and we're concerned that too much of it has actually been left to the regulations. This is a statute of general application. It's going to apply to pretty well every business and it's designed to be for the benefit of every single consumer. In our view, businesses should be able to pick up the statute and have a very strong understanding of exactly what it is they have to do and what it is they can't do. Likewise, consumers should have the ability to pick up the statute and understand what their rights are and what their remedies are.
It's our feeling that too many important provisions are being left to the regulations, which may be sensible in the sense that this is a rapidly moving area. There are some central concepts that could be and should be entrenched in the statute, with regulations being left to deal with issues that come up and to deal with loopholes that might not have been foreseen.
We're also concerned that the statute may in fact actually, on its face, violate the charter, simply based on a violation of the freedom of expression provisions contained in paragraph 2(b) of the charter for anything that regulates communication that conveys expression. You may not think that most of the spam that arrives in your inbox actually conveys meaning, but the courts would find otherwise. In order to be justified, it has to meet a strict test under section 1 of the charter, the most important provision of which is that it has to be minimally impairing, so it has to be very finely tuned legislation.
We're concerned that the way it's drafted so broadly may mean that it actually might not survive a charter challenge. While we agree wholeheartedly with the intent of the legislation, we don't want to be back here in a couple of years because it has been struck down as being unconstitutional. In our view, it needs to be fine-tuned in that regard.
A number of fixes could be proposed, which we'd be happy to talk about at greater length. The most important one would be not to limit implied consent. I think you've probably heard this from others. Consent is a concept that we've been dealing with under privacy legislation for quite some time. People have a pretty good idea of it. You've been dealing with it in the medical context as well. A reasonableness standard can be put in place.
Before I run out of time--and I apologize for being a bit long-winded--I'm going to hand it over to my colleague Mr. Alexander-Cook.