You're exactly right. The legislation, as the goals were articulated, was to help protect consumers against malware, spyware, phishing, and to the extent that it covers that, those goals are appropriate and CASL does address that. The problem is that by expanding the ambit of CASL, the focus is not on addressing the real problems. So we have the CRTC going after a company because they've failed to have an unsubscribe, or there was a bounce-back, and they didn't give effect to it, when they could be spending their technical resources in trying to protect Canadians against cybersecurity.
My point is that the act is too broad and it's unfocused and it's leading to unfocused enforcement by the CRTC.
On the computer program side, the prohibitions against installing computer programs make it illegal to do things that Parliament would absolutely want legitimate organizations like Microsoft and other big software companies to do. I lobbied very hard for that in the regulations, and we ended up with a very narrow regulation that recognizes the problem but only if you're in a specific category. If you're in any other business, you can't protect your customers. We have to fix that.