:
It is moved by Mr. Masse that Mr. Chong be elected chair of the committee.
Are there any further motions?
Is it the pleasure of the committee to adopt the motion?
(Motion agreed to)
The Clerk: I declare the motion carried and Mr. Chong duly elected chair of the committee.
Some hon. members: Hear, hear!
The Clerk: Before inviting Mr. Chong to take the chair, we will now proceed to the election of the vice-chairs.
I am now prepared to receive motions for the position of first vice-chair.
Mr. Lake.
:
We'll have it in public then at the meeting on Wednesday next week.
Without further ado, we'll now go to the order of the day, pursuant to the order of reference of Friday, May 8, 2009, to study Bill , an act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act, and the Telecommunications Act.
In front of us today we have a number of witnesses from various organizations. They include Paul Misener from Amazon.ca; Tom Copeland from the Canadian Association of Internet Providers; Chris Gray and Jason Kee from the Canadian Intellectual Property Council; Geneviève Reed and Anu Bose from Option consommateurs; and finally we have Nathalie Clark and William Randle from the Canadian Bankers Association.
Welcome to you all.
We'll begin with five minutes of opening statements from each of the organizations represented, beginning with Amazon.ca.
:
Thank you very much, Mr. Chairman.
Thank you for inviting me to testify at this hearing on this very important topic and on this most excellent bill.
On behalf of Amazon.ca, let me add my voice to the chorus of praise, congratulations, gratitude, and support for your work on this matter and for Bill .
I could easily spend my five minutes complimenting various features of the bill, but I believe my appearance here will be more valuable to you and your committee if I may suggest two areas for improvement with modest changes.
The first area is with respect to the consequences of honest mistakes. We have long said that honest e-mail mistakes should not be punished; that problem spammers wilfully and intentionally spam; and that reputable companies should be able to e-mail their customers without fear of legal retribution for honest mistakes. The market already provides very strong disincentives. Honest mistakes also aren't the source of the real spam problem; our e-mail boxes aren't barraged with messages from companies that accidentally sent them. Again, problem spammers wilfully and intentionally spam.
This is already recognized implicitly in Bill , the purpose of which is “to promote compliance with the act, not to punish”. It's also somewhat more explicitly recognized in the defence sections of the bill, proposed subsections 33(1) and 54(1).
At your June 18 hearings, CRTC Chairman von Finckenstein said the question of whether someone should be fined will be answered considering whether there was a “wilful breach” of the law. To make the bill clearly state the chairman's understanding, with which I agree, I suggest that proposed subsections 20(1) and 51(1) be amended so that only those who have wilfully contravened the act are subject to fines or damages. At the very least, the bill should be clarified in the defence sections using the words of Senator Goldstein's bill, Senate Bill 202, in section 22: “A person shall not be found to be liable for a violation...or if the violation was due to inadvertence or based on an honest mistake of fact.”
These simple changes, courtesy of Senator Goldstein's wise drafting, would go a long way to clarifying in Bill the consequences of honest mistakes.
The other area that could use improvement is with respect to the duration of implied consent based on purchase. In Bill , implied consent based on a purchase would expire after only 18 months. We believe that in the best interests of consumers, this period is much too short. First of all--and this is not a criticism, mind you--18 months is arbitrary, as already has been acknowledged before this committee. It's not a magic number, demonstrably different from 17 or 20 months, or 36 months. But most importantly, 18 months is much too short. It is not in line with consumer expectations and customer-friendly practices. Two obvious areas are: first, the production cycles--particularly for creators, such as authors and bands--can be much longer than 18 months. Joan Thomas won the most recent Amazon.ca First Novel Award for her book Reading by Lightning. Shouldn't consumers who bought this book be notified of her next book, even if it takes her many years to write it?
Likewise, product life cycles--for example, cars, headphones, computers--are often much longer than 18 months. Consumers expect notifications about new works or replacement products at the appropriate time, not at 17 and a half months. So from a consumer perspective, indefinite duration of this implied consent would be best. A limited period actually could increase commercial e-mail. Sellers may rush to beat an artificial deadline, causing a barrage of e-mail at 17 and a half months.
It's also hard to believe that limited-duration implied consent would make much difference. Our in-boxes are not full based on purchases in the distant past, and for the rare exceptions, consumers may opt out or block. If we must have limited-duration implied consent based on a purchase, five to seven years would be best for consumers in order to take into account production cycles and product life cycles.
I look forward to your questions.
Thank you again, Mr. Chairman.
:
Thank you, Mr. Chairman. I am grateful to the committee members for allowing me to address you today concerning .
In addition to being the chair of the Canadian Association of Internet Providers for the last nine years, I have for almost 15 years been an Internet service provider in Cobourg, Ontario. I've been involved with the problem of unsolicited commercial e-mail, or spam, since it was first recognized as having the potential to cause harm and cost organizations and individuals millions of dollars each year to combat.
In 2004 I was invited to be a member of the ministerial task force on spam. In 12 short months we developed a tool kit approach to combatting spam, and the recommendations we presented to the Minister of Industry in May 2005 have been adopted by many nations around the world.
While junk e-mail is by far the most prevalent of online ailments facing Internet users, the Electronic Commerce Protection Act also recognizes that a seemingly benign e-mail message is often the precursor of greater viruses, such as Trojan horse programs, identity theft, fraud, and other criminal activity.
CAIP has several areas of concern that I'd like to bring forward today. Most of these are focused on enforcement. We are happy that the oversight of the ECPA will rest with Industry Canada. In my opinion, there isn't another department within the Government of Canada that has the experience with electronic communications that Industry Canada has. Our first concern regarding enforcement, however, lies in the enforcement agencies named in . While the chosen agencies have had some influence in electronic communications in the past, the will or ability to enforce their individual mandates has at times not been effective. In some instances, they have lacked the tools, mandate, or resources needed; in other instances, they simply failed to apply the tools at their disposal.
Our primary concern in this regard is with the Canadian Radio-television and Telecommunications Commission. We realize that a new function within the CRTC is being developed to accommodate this new mandate. But given the commission's adversity to enforcement of decisions and orders under its traditional telecom mandate, we have reservations regarding the willingness of the commission to exercise its new powers under . Despite precedent, it is my hope that these fears will not be realized and that the CRTC will gain a new appreciation of the powers bestowed upon it.
We have fewer concerns with the role played by the Office of the Privacy Commissioner and the Competition Bureau. In fact, we're pleased that their mandates have been reinforced with additional clarity, tools, and resources through and other legislation. Certainly, the privacy commissioner has shown significant leadership in combatting spam to date, and the Competition Bureau has long been the watchdog consumers could turn to regarding deceptive marketing and truth in advertising. We trust that through the focus on spam that Bill C-27 provides, the leadership will continue.
With multiple enforcement agencies, however, there can come multiple agendas. In this instance, there can be no turf wars if we want to be successful. The bill quickly gained legs because parliamentarians of all stripes saw value in the effort and benefits in the outcome. Our enforcement agencies must keep this example in mind as they undertake their new duties to protect Canadians online.
CAIP would like to suggest that the three agencies consider developing a trilateral task force to implement and manage their new responsibilities, rather than attempting to work in isolation. The benefit of this approach would be a reduction in duplicative efforts, more timely and effective management of complaints, better coordination of information exchanged between agencies, better use of investigative resources, and better use of financial resources.
Our second concern over enforcement has to do with the coordination of international efforts. To be effective, coordination must go beyond these hallowed halls and beyond this country. Electronic crimes know no boundaries—their perpetrators do not respect international borders. Cyber criminals do not work nine to five in the eastern time zone—they're international in scope, plying their trade 24/7, 365 days a year. Fortunately, by many estimates there are only a few ardent spamming operations in the world. Unfortunately, they operate simultaneously in many countries in nearly every continent, using unwitting Internet users as their pawns.
Despite being one of the first nations to develop a tool-kit approach to dealing with spam, we are one of the last major economies to fully implement a spam strategy based on the recommendations of the task force. The countries that have adopted these recommendations have gained expertise and developed resources capable of benefitting Canada.
The ECPA permits Canadian enforcement agencies to exchange information with other like-minded international agencies. We'd encourage the agencies to seize this opportunity and exploit the international expertise available to them in fulfilling their mandates. Because Canada is a relatively small source of spam, it is only through open and coordinated cooperation with other like-minded international enforcement agencies that we will be able to make progress in the control of spam.
Our third concern over enforcement is in the delivery of an appropriate and measured response when dealing with offenders. It would be our hope that legitimate Canadian business owners who make honest mistakes in deploying their online marketing strategy don't become the target of overzealous enforcement simply because they are the low-hanging fruit and easy to identify. It's the egregious spammer and nefarious e-mailer for hire that we hope will be the target of enforcement.
Rather than accumulating quick numbers and claiming great success by pursuing SMBs, we would encourage all three enforcement agencies and Industry Canada to undertake a concerted business and consumer awareness campaign to educate Canadians about the ECPA. Education is far more effective and less expensive than the cost of enforcement.
Finally, there are several simple things to remember that we think will help in developing regulations that will successfully enable enforcement of the ECPA. One, focus on the egregious perpetrators. Two, focus on the intent of the action, not necessarily the action itself. Three, focus on well-defined activities deemed to be dangerous, while at the same time providing the ability to expand those defined activities as technology changes. Four, focus on education of e-mail marketing etiquette. Five, focus on the use of enforcement as a measured and targeted tool based on the harm caused, not the inconvenience perceived. Six, adopt the best practices in legislation, regulation, and enforcement of other jurisdictions. Seven, develop a legislative and enforcement response that protects Canadians and doesn't burden them with unnecessary red tape and confusion in pursuing justice. And finally, develop a legislative and enforcement response that doesn't create criminals or create financial burden when there was no intent to defraud or harm.
Thank you.
My name is Chris Gray. I am the director of the Canadian Intellectual Property Council.
Appearing with me today is Jason Kee, a steering committee member with the CIPC. He is also the director of policy and legal affairs with the Entertainment Software Association of Canada.
It is a pleasure to be able to present the views of the Canadian Intellectual Property Council and our members on Bill .
The CIPC was founded in 2008 under the authority of the Canadian Chamber of Commerce to unite businesses and press for an improved intellectual property rights regime in Canada. While our focus of late has been on the copyright consultations and seeking better border enforcement to fight counterfeit goods, we also need to monitor other legislation that could affect businesses, such as this one.
The CIPC and all in the business community support the notion of eliminating spam. As we all know, spam is a nuisance to almost everyone. For a business, especially a small business, it can slow down legitimate business practices and it takes time to delete. However, there are some concerns about Bill that need to be addressed, and we're pleased that the committee is taking the time to get it right and consider amendments to the legislation that will make it acceptable to all.
Working with the Canadian Chamber of Commerce and other business associations, we've submitted amendments to the committee members for consideration. While we support the bill's objective of deterring the most dangerous forms of spam, such as phishing and malware, that discourage reliance on electronic means of carrying out commercial activities, we can't support the bill as currently drafted.
This new Electronic Commerce Protection Act may render thousands of commonly used computer applications illegal. It would submit Canadian businesses to potential fines of up to $10 million and potential civil action. This new bill would also amend the Personal Information Protection and Electronic Documents Act to submit Canadian businesses to civil suits relating to violations of the act. This bill would potentially prohibit the formation of new business relationships over the Internet or through e-mail. It would also severely limit the use of the Internet for the distribution of software and software updates.
I'm now going to turn this over to Jason to discuss some more specific concerns we have.
:
Thank you very much, Chris. Thank you, Mr. Chair.
I would like to reiterate the CIPC's support for the objectives of the bill. The Minister of Industry has clearly signalled that strengthening Canada's digital economy is a top priority for Canada and that encouraging reliance on electronic commerce by addressing issues such as spam, phishing, and malware is an important component of it. However, the broad scope of the current bill, the absence of exceptions for many socially and commercially valuable business practices, and unwieldy consent requirements collectively capture an array of legitimate activity. When coupled with massive administrative monetary penalties and statutory damage provisions, both of which impose a tremendous level of potential liability on businesses for any breach of the bill, the bill may actually have the opposite effect, actively discouraging electronic commerce in Canada and impeding the development of our digital economy.
Over the course of the committee's study of Bill C-27, a general consensus has emerged among the business and legal community that the bill should be amended so that it properly addresses the egregious and harmful forms of spam, phishing, and malware that it's intended to target while at the same time limiting its impact upon legitimate activity. To this end, as Chris mentioned, we have submitted a series of recommended amendments to the bill for your consideration. However, in the interests of time, I'm going to focus my own remarks on two key issues, namely address harvesting and anti-malware.
In terms of address harvesting, the ECPA seeks to ban the collection or use of electronic addresses obtained through address harvesting programs, as well as the collection and use of personal information obtained by telecommunications. However, the new prohibition is so broad as to prevent the collection and use of electronic addresses and other information, such as IP addresses, for legitimate purposes such as law enforcement, which will undoubtedly have very serious consequences on the ability to fight such computer crimes as child pornography and identity theft. This would also prevent the collection and use of information for legitimate private purposes, such as collecting information online to investigate instances of defamation or of potential trademark or copyright infringement or to send messages in connection with the protection of such rights.
Consequently, the address harvesting provisions should be limited to collecting address information or personal information for the purpose of sending unsolicited commercial messages, and at a minimum, the exceptions under PIPEDA for collection and use of personal information should also apply.
Regarding anti-spyware, the provisions in the bill make it illegal for anyone to install a computer program on another's computer system without express consent. While the intent of this is to prohibit installation of such malicious software as viruses, worms, and Trojan horses on individuals' computers, the definition of “computer program” is so broad as to capture any form of data, be it text, software, code, or otherwise, that causes a computer to perform a function when executed.
Consequently, it applies to the installation of an entire operating system, to the addition of a single feature in an individual piece of software, and to everything in between, including firmware updates, patches, upgrades, add-ons, etc. It applies regardless of the circumstances under which the program is installed—either installed by a professional technician, by an end-user, or via automatic update—or how it might be delivered, either being pre-installed on the device, purchased or retailed or delivered by electronic transmission, or of whether it's malicious or beneficial.
Further, it applies to any computer system, which not only includes personal computers, but also any form of consumer electronics, such as mobile phones, digital audio and video recorders, video game consoles, even most modern appliances in automobiles. If the intention is to prohibit forms of malware that discourage the reliance on electronic means of carrying out commercial activities—
:
If the intention of the bill is to prohibit forms of malware that discourage reliance on electronic means of carrying out commercial activities, the sweeping prohibition goes far beyond what would be required and would have the potential of doing considerable damage to the development, sale, and distribution of commercial software in Canada, thus potentially doing more to discourage electronic commerce in Canada and the development of our digital economy than the malware it purports to target.
Lastly, all computer programmers must receive express consent from the user before a program is installed and must disclose the function, purpose, and impact of each individual computer program for that consent to be valid. Accordingly, each individual computer program that's installed must be individually identified and the function, purpose, and impact of each described prior to obtaining consent. Most software routinely installs and executes a multitude—potentially hundreds or even thousands—of small computer programs during the course of its operations in order to work. Obtaining express consent from the user, including a description of the specific function, purpose, and impact, each time a program is installed and executed would simply not be technically feasible; moreover, it has the potential of being highly disruptive to the end-user's experience and could even disrupt the operation of the software itself.
Rather than institute a general, sweeping prohibition, the anti-malware provisions of the ECPA should be expressly targeted to clear instances of malware or spyware that causes harm to the end user and should provide a specific and exclusive list of computer functions that are considered to be spyware activities, as is done in the case of many anti-spyware laws that have been passed by individual U.S. states. Alternatively, the provisions of the ECPA should be narrowed to only apply to computer programs installed on another system for malicious purposes.
I would like to thank the committee for the opportunity to speak here today. I look forward to any questions you may have and to working with you to improve this important bill.
:
Mr. Chair, Mr. Vice-Chair, members of the committee, thank you for this opportunity to present out views on Bill C-27, the Electronic Commerce Protection Act.
Option consommateurs dates back to 1983. We are a non-profit association with a mission to promote and to defend the interests of consumers and to ensure respect of their interests. Our head office is in Montreal. We also have an office in Ottawa.
The Task Force on Spam submitted its report to the federal Minister of Industry more than four years ago. The Task Force consisted of the ten official members, of whom I was one, drawn from private industry, government and the non-governmental sector. About 100 others with a deep-rooted interest in the question also contributed. The Task Force submitted a unanimous report in which it recommended, among other things, the drafting of a stand-alone law that would clearly address spam, spam-related offences and emerging threats such as spyware and botnets.
We therefore welcome the tabling of Bill as a first step in improving Canadian consumer confidence in electronic commerce.
It is the recipients, namely Internet Service Providers, business and consumers, who bear the cost of massive volumes of commercial email, not the senders. And these direct costs—bandwidth, filtering technology, the hiring of extra staff—and indirect costs—loss of productivity, loss of genuine messages, corruption of information technology infrastructure and identity theft—are as numerous as they are hard to quantify.
Fraudulent use of email addresses directly undermines the public confidence necessary for electronic commerce. Spam violates two different principles of privacy protection: the collection and use of information and the Internet user's right to withhold consent to such collection. Spam is also an important vector for phishing attacks which enable Internet criminals to carry out identity theft. According to the OECD, spam levels are high enough that they are undermining user confidence in email and other electronic media as well as creating a negative impact on global communications networks.
This situation makes it urgent that Parliament adopt clear precise legislation banning the sending of unsolicited and unauthorized commercial emails—as stipulated in subsection 6.1; modification of message headers—section 7; the installation or use in an individual's computer of programs without that individual's consent—section 8; misleading and fraudulent representations—section 71; the use of computer program for searching for, and collecting, electronic addresses and the use of an individual's electronic address collected by such a program—section 78; as well as the unauthorized use of a computer for the purposes of collecting personal information—section 78. It is just as important that this legislation should allow commercial email only if the consumer has clearly agreed to receive them.
In discussion groups and in a Canada-wide survey which we conducted in 2004, Canadian consumers expressed a preference for a system requiring a consumer's explicit prior consent before any commercial email is sent. We would have preferred a strict regime of explicit consent, but we consider that the thrust of sections 10 through 13 of the bill represents a reasonable compromise between explicit and implied consent in cases of an existing business relationship. For the sake of greater clarity on the point of implied consent, we recommend the addition of the following clause after clause 10.4:
In the case of “existing business relationships“, an implied consent is valid only if the recipient provides his or her own details directly and if the goods or services being marketed are similar to those previously sold to him or her,
The bill incorporates the Task Force on Spam's recommendations, firstly, that the new offences created by the law should be covered under civil status and secondly, that there be a provision allowing individuals and businesses to lodge private actions. The high financial penalties in the proposed legislation strike us as severe enough to discourage spammers.
Bill C-27 also incorporates several amendments to the Competition Act and to the Personal Information Protection and Electronic Documents Acts which will help to counter spammers' methods and practices more effectively.
Overall, the drafting of Bill seems to have been based on the best regulatory practices of Canada's many commercial partners who have already adopted legislation against spam and its harmful consequences.
As you undoubtedly know, the effectiveness of any legislation depends on its enforcement. As such, additional resources must necessarily be provided along with any new statutory provisions. Furthermore, this draft legislation calls for increased coordination among existing agencies named in the bill and involves the creation of a national coordination centre to monitor and report on the law's effectiveness, to support national and international cooperation, to work with industry to analyze trends in electronic threats and to develop awareness and education programs.
Finally, there is one element which needs the attention of parliamentarians and of the Government of Canada. Canadian consumers need a simple and effective complaint mechanism.
The new legislation has made provision for establishing new monitoring and new electronic risk analysis mechanisms. These will help bolster consumer confidence in electronic commerce and will help prevent potentially even more dangerous threats from developing.
Thank you very much.
:
Thank you, Mr. Chair and members of the committee. Thank you for inviting us to be here with you today to contribute to your study of Bill , the proposed Electronic Commerce Protection Act, ECPA.
[Translation]
We welcome this opportunity to comment on this important bill.
[English]
My name is Nathalie Clark. I am the general counsel and the corporate secretary of the Canadian Bankers Association. With me today is Bill Randle, our assistant general counsel.
In the submission we have provided to the committee, we have commented on Bill in some detail. But in these opening remarks, I will briefly review our main concerns with the bill.
In recent years, criminals abused e-mail both to deliver spyware, which can steal personal information from its targets, and to send counterfeit messages that lure individuals into disclosing personal information that results in identity theft.
[Translation]
It is widely recognized that these types of spam are a significant threat to individuals, businesses and the Canadian economy. For several years, the CBA has encouraged the government to introduce legislation to address the most malicious forms of spam.
Canada is the only G8 country that does not currently have specific anti-spam laws and the banking industry agrees that legislation is required to protect consumers and businesses from these dangerous and damaging forms of spam.
[English]
As a result, we welcome the government's decision to proceed with draft anti-spam legislation and we support the stated goal of Bill to promote the efficiency and adaptability of the Canadian economy by regulating commercial conduct that discourages the use of electronic means to carry out commercial activities. We note, however, that Bill is clearly more extensive and restrictive than similar legislation in other jurisdictions, including the United States.
We are concerned with the broad range of the bill and the potential negative impact that some of its provisions may have on legitimate business activities. In particular, we believe the opt-in framework proposed in the bill, combined with the need--with some limited exceptions--to obtain express consent from a person to send them a commercial electronic message, will have a negative impact on the ability of legitimate businesses to market their goods and services electronically. Most importantly, express consent cannot be obtained by sending an e-mail or other electronic communications to a person requesting consent. It can only be obtained in some other manner through some prior contact with the recipient. In other words, a business cannot send an unsolicited electronic message seeking consent to send more messages.
We recommend, therefore, that Bill be amended to allow the sending of an initial contact message without consent, while strengthening the content requirements of the initial contact message to ensure it is consistent with the principles of the do-not-call list legislation and the anti-spam legislation of other countries.
We acknowledge that consent can be implied when there is an existing business relationship--we welcome this exception--but believe some changes are needed to the definition of “existing business relationship”. We also recommend an amendment to extend the exception to affiliates of a company with which a person has a business relationship.
[Translation]
We note that express consent is required every time a “computer program” is installed, even when there is an existing business relationship. We would like some clarification that tools such as “cookies” are not included in the definition of “computer program” set out in the bill.
[English]
There is an extensive system of administrative monetary penalties set out in the bill as well. While we accept that there is a need for an enforcement regime, including penalties for persons who breach the provisions of the act, we believe that some aspects of the regime, and especially the penalties proposed in the bill, are excessive and would discourage businesses from engaging in legitimate marketing activities. This could have the effect of stifling the development of legitimate electronic marketing and could adversely affect the ability of businesses to reach their consumers.
The bill states that the purpose of these substantial AMPs is to encourage cooperation and compliance with the legislation and is not to punish. If that is the primary objective of the AMP provision in , we recommend that the CRTC be given the ability to suspend an AMP for a period of time, and if the persons subject to the AMP satisfy the CRTC that they have made changes to comply fully with the law, then the AMP could be withdrawn.
The bill also includes a private right of action that allows for statutory damages without proof of loss. We believe that the appropriate enforcement regime is government based. We do not support a private right of action, as we believe that these actions are generally motivated more by private monetary considerations than by general deterrence, and that a private right of action will have a chilling effect on businesses that wish to engage in legitimate marketing activities. While the bill provides for various factors to be considered in assessing damages under a private right of action, legitimate businesses are still put to the significant cost and task of defending themselves in this context. In particular, the private right of action that allows for statutory damages without proof of loss will encourage class actions that will lead to substantive legal costs and reputational risk for businesses.
[Translation]
Summing up, the CBA stands firmly behind this legislation that protects individuals, businesses and the Canadian economy from the serious threat of malicious forms of spams. We are very pleased to have had this opportunity to work closely with the government and with members of Parliament to ensure that Canada is no longer the only G8 without specific anti-spam laws on the books.
[English]
Thank you once again for providing the CBA with the opportunity to offer our views on . We would be pleased to answer any questions.
I'd like to point out that it's my understanding that today is International Translation Day, and I know, just based on both languages going on here very quickly, that the translators have certainly earned our acknowledgement today. I just want to acknowledge the translators.
Voices: Hear, hear!
Mr. Anthony Rota: And I want to thank the witnesses for coming out today, of course.
My first question is to Mr. Misener and Mr. Gray.
One of the concerns with this bill is that it is very broad and encompasses absolutely everything. One of the concerns that has come up is that something so broad will really compromise a lot of our Canadian companies. Really, on an international basis, much of the malware or the e-mail that comes in that is unwanted is coming from outside the country. What does this do to Canadian business? Does it compromise us? Does it tie our hands behind our backs and ask us to market unfairly from outside the country? If you could comment on that, I'd appreciate it, Mr. Misener, and then Mr. Gray.
I would have to answer simply no, I don't believe it does compromise the ability of Canadian businesses to compete and do well. Amazon.ca is generally happy with the provisions here. We've articulated a few areas where there are some pro-consumer practices that are already expected by consumers that might be foreclosed by some of the provisions, but with the minor modifications I've suggested, I think Amazon.ca will have no problem competing in this environment.
We fully recognize that there are needs for international cooperation, and I think that's been roundly applauded. The idea that we would somehow want to isolate ourselves and cut ourselves off from the rest of the world is a bit naive, because so much of it does come from overseas. So there is the need for international cooperation.
When I spoke before as part of the Canadian delegation at the OECD event in Seoul last year, I mentioned this need for international cooperation. We fully support that.
I too would like to mention the fact that it is International Translation Day. I want to thank the interpreters because I rely on great deal on their services.
I would also like to thank each one of the witnesses for coming here to testify this afternoon.
My first question is for Mr. Paul Misener. You can let me know if I am giving an accurate synopsis of your presentation. You stated that there should be no restrictions or limits on business-to-business emails and that between a business and a consumer or client, the period of implied consent for contact should be five years. Could you clarify this five-year period for me? Does the clock start when the file is opened, or when the last email or communication is sent?
Have you thought about this timeframe? Would the clock start running immediately on this five-year period you are proposing, or is there a transition phase to allow for the application of the provisions?
I have a quick point in relation to Mr. Gray and Mr. Kee.
One of you mentioned some installation issues that you had, and we've heard similar concerns from other groups with the software that's on the computer needing to have things installed from time to time to allow it to run properly. I know that's something we'll be looking at with the amendments. We've identified that there may be an issue there.
Mr. Misener, in relation to your comments around clause 10 and the 18-month window, I'd make a quick clarification. The 18-month window applies only in the case of the implied consent, so the idea of this existing business relationship.... If you, through that existing business relationship, simply ask the person buying the book or whatever it might be that they're buying for express consent, then you have that consent forever.
Is that an unreasonable expectation that a company would simply ask for that express consent so they get it, and if a new book comes out four years later, they don't have to ask again because they've gotten the express consent at the time of the original purchase?
It's potentially reasonable, but here we've already recognized that there is a consumer expectation arising out of a purchase. This is a transaction. This isn't simply a matter of visiting a website or just receiving an e-mail; this is someone going and actually making a purchase. There is an expectation now that consumers would want to maintain some sort of relationship. It could be argued that this ought to be entirely an opt-in bill, but it's not, and it should not be. I think consumers would expect that they wouldn't have to go through the friction of providing express consent at their first purchase. Otherwise, this implied consent section wouldn't be here in the first place.
All I'm suggesting is that if we're going to have an implied consent regime, which I think is entirely reasonable and matches consumer expectations, it ought to match their expectations on the back end as well, which is to suggest that at 17 and a half months, there's not a barrage of e-mails coming in by sellers trying to maintain their buyers, but rather that it more appropriately matches product cycles and product life cycles.
:
Right. And I understand the concern.
As a consumer myself, I just think that when I do purchase something, whether it be online or not, I actually don't expect that I will receive e-mails from the company that I purchased from for the rest of my life because I've made that one purchase. I think it wouldn't be that difficult for someone to actually ask me for my express consent at that time. Then if I do want to do it, I would simply put a check mark on the box, and then expect to receive the e-mails. That's just a point from personal use.
For Ms. Clark, I just want to clarify something. First of all, you pointed to the American legislation, in terms of an example, and said that it is different from other legislation in terms of the way it deals with things, and that it deals with some things harder than other legislation.
Now, David Fewer, who was here last meeting from the Canadian Internet Policy and Public Interest Clinic, said--and I'll quote him--that “this bill is a significant improvement over the U.S. legislation, the CAN-SPAM legislation”, which, frankly, he referred to as the “do not hesitate to spam bill”.
Voices: Oh, oh!
Mr. Mike Lake: He said that if we were to move in that direction, we'd be going in the wrong direction.
Do you agree with Mr. Fewer that the American legislation doesn't go far enough, that we need to learn from other pieces of legislation that have been passed, and maybe mistakes that have been made, in terms of our drafting of this legislation?
My first question is for Mr. Misener. Your definition of a consumer is basically someone engaged in purchasing from somebody else. Now the unfortunate thing with that is it could apply to just about anything anywhere, because we're a consuming society. It would apply to everything from food to stores, shops, and so forth. Your business happens to be a very successful one in terms of marketing and using the Internet, especially in the early days and with the convergence of media and the products you sell.
I looked at your request to change the 18-month period of implied consent, and I guess the question I would have is, yes, I could have bought a book and enjoyed it, but I could also have bought a book and not liked it. So why should you have that right to have the next one, as it were, come my way?
Voices: Oh, oh!
:
Well, it might be an incentive for businesses actually to have the warranty time be the time they can contact you back. From a consumer perspective, I would argue that.
Now if I could move to Mrs. Clark and Mr. Randle, I think there's been a point missed in all of this. For example, I buy my own computer, I pay for the Internet service, and I go to my bank online and end up paying a service fee for that, and then I face a pop-up window with a survey question I have to answer before I can even get into my own bank account.
Isn't it really a privilege to be able to send me an e-mail on a service that I'm paying for, on equipment I've bought, through a medium I control, and on business transactions I am paying a premium for with an institution to begin with? Shouldn't it be the other way around? Isn't it really just a privilege that you can actually send somebody some information about a new product or service?
:
Quite frankly, some of that need is because so many banks in my riding have closed, so that your options are much more limited. It's been a changing environment that has also led to some of the need out there.
My problem, really, is that I consider it to be spam that I have to answer a question of a survey on my behaviour, which goes into another file somewhere else, to get into my own account. I find that offensive, because I'm paying for that account. I think Canadians deserve a lot more credit. They can surf your Internet site and find out what's available to them and decide when and how they need to use it. I think we've turned this upside down.
Do I have time for one last quick question? Thank you, Mr. Chair.
I do want to send this out generally to everybody here, because I think it is important as an updating part of the software. I have PlayStation 3. I grew up in the gaming age. They send me a message to update my computer or my game, and I have to accept, then move through a statement and accept that statement, and then the download automatically happens. My understanding is that this process is what's being requested for other things. Maybe this would actually wake up Microsoft to release a product that's actually finished on the market. I would like to hear if that is not a reasonable way to approach update of software, of your information. I'll turn it over to the table here.
Thank you to all the witnesses for being here today and for taking the time to review this piece of legislation and to give us some detailed suggestions on how we can improve it.
I'd like to ask Mr. Copeland a couple of questions, if I may, around enforcement, because you spent most of your presentation talking about that, and we haven't really delved too much into that.
I'm intrigued by your trilateral suggestion. Could you please expand upon that, as to what your suggestion would be? If you look at some of the enforcement, especially for civil liabilities and the offences thereunder, CRTC is involved and the courts are involved. Can you talk a little bit about your view on what I think you called the “trilateral task force” to manage this?
Moving to having consent now--this is in case we haven't had consent and we're in a serious situation--I'd like to question Mr. Misener and Mr. Gray specifically around these consent provisions. There are a number of people who think the consent provisions are too narrow and are out of the context of the international community. If you look, for example, at the New Zealand spam act, probably both implied and express consent are interpreted a little differently. If we consider what has been adopted by PIPEDA and quoted from the spam task force, it defines implied consent much more broadly than this proposed act. The consent is “...where consent may be reasonably inferred from the action or inaction of the individual.”
Do you think the consent provisions in this proposed act are too narrow? I think you have asked for some changes in length of time, but have you reviewed the consent provisions?
Then, Mr. Gray, could you add a comment to that?
Since this probably will be my last time to speak to witnesses who've come before the committee on this legislation, I do want to take the time to thank you; and not just you, but also, given the subject matter, all the people following this online.
I do want to thank all of the witnesses who have been before us over the time we've been studying this bill, because it is extremely important that we get this right. I know we've heard some suggestions through our hearings that we'll definitely be considering as amendments when we move forward here. So thank you for that.
In terms of some of the conversation today, I think it's important that we remember that as we talk about consumers and businesses in this context, it's not an oppositional discussion. In fact, many of the consumers, maybe even most of the consumers we're talking about in this context, are businesses in terms of the Internet.
It's been said that the cost to Canada of the problem that we're trying to solve here is upwards of $3 billion a year in terms of the effect of spam and some of the things we're trying to stop with this legislation. It's a very significant problem, a problem that renders e-mail communication in many cases almost meaningless as we clog the pipelines that transfer information back and forth.
I guess I want to get a comment from Mr. Copeland and Mr. Misener on the economic potential of the Internet. I think it's suitable to close with a big-picture conversation about the economic potential of the Internet and how this ECPA will affect Canadians' ability to use the Internet to our long-term economic advantage.
I would briefly add that Amazon.com established Amazon.ca about seven years ago. The whole purpose was to be able to better serve our Canadian customers, featuring Canadian content, particularly Canadian authors, musicians, and movies.
We want to ensure that we're able to communicate with them efficiently. This bill, we believe, would go a long way to removing the chaff so that communications are better between businesses and our customers.
We applaud your efforts here, we really do. My suggestions are not an overall criticism of the approach with the bill itself but just a few tweaks to make it better. I honestly believe these would improve the bill, but you've got a great piece of legislation before you already.
[English]
Thank you very much to our witnesses for appearing today.
We must adjourn; it's 5:30 p.m. However, just before we do, I have two points of information for committee members.
First, the clerk has distributed to members of the committee contact information for personnel or members who wish to suggest amendments to Bill , which we are studying today. Before you submit your amendments to the clerk, so that all members can have them in both official languages, we strongly suggest that you consult with the legislative clerk and legislative counsel to ensure that the wording of your amendment is proper and in good form.
Secondly, we received an invitation from the International Astronautical Federation for a parliamentarian event in Taejon, Korea, concerning climate change. If any members, individually or in a larger group, are interested in attending this event, talk to the clerk and she can put you in touch with the international organization.
Without further ado, this meeting is adjourned.