Evidence of meeting #72 for Industry, Science and Technology in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was casl.
A recording is available from Parliament.
12:20 p.m.
Conservative
Jim Eglinski Conservative Yellowhead, AB
I have a question for Mr. Barratt. We're all clear that violations under Bill C-28 are not criminal offences. Have you had any problems with private hackers going into the system and spamming or using people's programs and so on to spam? Have you had any violations in that way, where you had to go...? I notice under the act that you can go to court and get an injunction to force a person. Have such things occurred?
12:20 p.m.
Director, Electronic Commerce Enforcement, Canadian Radio-television and Telecommunications Commission
It's definitely something we see. Network security is always evolving, and there are lots of institutions out there that aren't always on the cutting edge, or that through no fault of their own have some vulnerability in their system. We've definitely seen universities and other public institutions where somebody takes control of their email server and just shoots emails out, rapid fire, to everyone.
That's something we look at when we're investigating, to make sure of where the emails actually came from, that the institution was in fact the sender. Part of our job is to work with our partners and make sure institutions are aware when that happens, so that we can give them a bit of guidance or at least point them in the right direction in terms of how to secure their facilities and their infrastructure.
12:20 p.m.
Conservative
Jim Eglinski Conservative Yellowhead, AB
Have there been any violations? Have you charged anybody? There's a pretty good penalty system that you have out there.
12:20 p.m.
Director, Electronic Commerce Enforcement, Canadian Radio-television and Telecommunications Commission
A lot of times in cases like that, the person who actually committed the violation is not going to be readily found or be within the area.
12:20 p.m.
Liberal
The Chair Liberal Dan Ruimy
Thank you.
We're going to move to the final five minutes, for Mr. Stetski.
12:20 p.m.
NDP
Wayne Stetski NDP Kootenay—Columbia, BC
Thank you. I want to go back to the do-not-call list for a minute. Do you think it's still desirable to bring the do-not-call list under the Electronic Commerce Protection Act?
12:20 p.m.
Director General, Marketplace Framework Policy Branch, Strategy and Innovation Policy Sector, Department of Industry
Again I would say we're agnostic on that view. The original reason the do-not-call list had the capacity to be brought under CASL was that our view was that voice over Internet protocol, which would constitute an electronic message, would necessarily bring messages sent through VoIP under CASL. As we've seen, that hasn't necessarily come to be the case, so phone calls that are not electronic messages are still being received. Insofar as those continue, the do-not-call list provisions still apply.
12:20 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
From an enforcement perspective, we are enforcing the do-not-call list . It's a very mature program. It works very well. As my legal counsel pointed out, I have a broader suite of enforcement tools available to me under CASL, so that would be one of the advantages for sure. I really don't have a view as to whether it should or shouldn't. The two programs are very different and would require some study, I would suspect.
12:20 p.m.
Senior Legal Counsel, Canadian Radio-television and Telecommunications Commission
Thank you.
I just want to add one thing, which is that the Telecommunications Act provisions permit the chief compliance and enforcement officer to have more flexibility, thanks to the tools he has at his disposal. He can have a staff member issue a request for information letter, and the party has to respond. They have no opportunity to appeal or any recourse.
CASL, and this is a good thing in some cases, has many different appeal mechanisms built into it, so that causes a lot of delay to investigations. We issue a preservation demand or a notice to produce, and the party has an opportunity to appeal to the commission, and then even to the Federal Court of Appeal. So although he has more powers at his disposal in CASL, the Telecommunications Act is more nimble and the investigations are less complex. For the most part, although they are becoming more complex with spoofing, the Telecommunications Act provisions work really well.
That's my comment. Thank you.
12:20 p.m.
NDP
Wayne Stetski NDP Kootenay—Columbia, BC
Thank you.
I'd like to try to benefit my constituents as best I can with my last question.
A couple of years ago, there was a phone scam going around communities, where it was supposedly the CRA on the end of the line. You had two hours to write them a cheque or they'd be at your door arresting you. I contacted the RCMP and reported it as a spam and a scam, and they said there was really not much they could do about it because the source of the phone calls changed too quickly and they couldn't really track them.
What should people do if they get a phone call or a spam email? How should they deal with it, moving forward? Do you have that same problem trying to track down sources of spam that the RCMP said they had with phone calls?
12:20 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
Most definitely we have the same challenges. I like to think we do a good job at the commission and informing Canadians about those types of scams, phone calls, emails, etc. There is no easy answer. The easy answer is if you get a call or an email from your bank or CRA, or anyone you have a relationship with, if you feel remotely uncomfortable, ask to call them back. If you call back the legitimate phone number that you've found on a website or on the back of your bank card, etc., they will let you know if they were really trying to contact you or not.
We certainly work with a lot of legitimate companies that have been victims of these things, such as CRA. We work with our federal partners to make sure the message is out there that the CRA will never contact you that way, for example. The banks do a very good job. They even post on their websites that these are the current scams and they'll never contact you this way. Unfortunately, Canadians should just be on their guard a bit when they're giving personal information over the phone or via email.
12:25 p.m.
NDP
Wayne Stetski NDP Kootenay—Columbia, BC
I just have a very quick comment.
I continually receive spam, but I don't think I've ever received an email advising on what we should do with spam, so I'm wondering about the educational role that you have. If you could send me and my constituents an email on how to deal with this, then we would not consider you to be spamming us.
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
I'll deem that as your consent.
12:25 p.m.
NDP
Wayne Stetski NDP Kootenay—Columbia, BC
Yes, you could. Quite seriously, though, I continually get spam, but very little education on what to do with it.
12:25 p.m.
Liberal
The Chair Liberal Dan Ruimy
On that note, I'd like to thank all of our guests for coming in today. It's extremely valuable information, and it will really help us understand the direction in which we need to go.
I would also like to thank our vice-chair for being very cordial and allowing us to continue with our testimony.
We're going to take a break and then we'll go in camera.
I'm just curious. Out of the MPs here, how many have people shadowing them?
I'm going to ask a question because I'm not sure. Do you want to keep your shadows here for this portion?
We have shadows from the University of Toronto, but nobody else.
12:25 p.m.
Liberal
The Chair Liberal Dan Ruimy
Are we all agreed that our shadows can stay? Thank you.
We're going to suspend for two minutes.
[Proceedings continue in camera]
