:
Good afternoon to members of the committee. I hope you all had good weeks in your constituency.
Welcome to the 34th meeting of the Standing Committee on Industry, Science and Technology. We are meeting today pursuant to the order of reference of Friday, May 8, 2009, to study .
Welcome to our three groups of witnesses on our first panel, which will meet until 5 p.m. We have Mr. Yves Morency, vice-president, government relations; Mr. Bernard Brun, senior counsel, commerce and technology, Desjardins sécurité financière; and Yvan-Pierre Grimard, government relations adviser. All three are with Mouvement des caisses Desjardins.
We also have with us today Mr. Frank Zinatelli, vice-president of legal services and associate general counsel; and Mr. Peter Goldthorpe, general director of marketplace regulations issues. Both are with the Canadian Life and Health Insurance Association Inc.
Finally, in our third group of witnesses on our first panel we have Ms. Joanne De Laurentiis, president and chief executive officer; and Mr. Paul Vaillancourt, independent financial adviser. They are with the Independent Funds Institute of Canada.
Welcome to all three groups. We will begin with the Mouvement des caisses Desjardins and an opening statement of five minutes.
:
Thank you, Mr. Chairman.
Good afternoon, members of the committee. The Desjardins Group thanks you for giving it this opportunity to share its views on bill with you today.
First of all, allow me to briefly introduce the organization we represent. Desjardins Group is ranked 26th among the 50 most reliable financial institutions in the world, according to the list entitled “World's 50 Safest Banks 2009”. With total assets of approximately $160 billion, it is the largest cooperative financial group in Canada and the 9th largest in the world. Supported by its network of caisses in Quebec and Ontario, as well as the contributions of its subsidiaries, several of which are active across Canada, it offers a complete line of financial products and services to its 5.8 million individual and business members and clients.
Desjardins Group is also a hub of expertise in wealth management, life and health insurance, property and casualty insurance, services for businesses large and small, securities, asset management, venture capital and cutting-edge technology, all within an integrated service model that is one of a kind in Canada.
It must be noted that Desjardins Group has been concerned for quite some time about the problems caused by spam proliferation. The bill is without a doubt an initiative that targets more reliable, safe and secure electronic commerce. However, Desjardins Group believes that some of the bill's provisions will do more to restrict legitimate electronic commerce than to dispel the efforts of ill-intentioned users of this technology.
Bill needs to be adjusted in such a way as to slow down the proliferation of spam while allowing for the development of electronic commerce and the competitiveness of the Canadian economy. As regards consent, section 2 of the bill is excessively limiting and poses a threat to legitimate electronic commerce. Under the bill, it would be prohibited to send an electronic message requesting consent to receive commercial electronic messages. Desjardins Group believes that it is unrealistic to think that Canadians will give express consent to receive commercial electronic messages on their own initiative. Being far too restrictive, the prohibition of electronic messages requesting consent should be stricken from the bill.
As well, the bill should recognize that certain commercial practices do not constitute unsolicited commercial electronic messages. For example, a company should be able to solicit a client if it has first received a referral. It should be able to do the same if it holds an individual's email address as part of a prior business relationship, where the individual has not withdrawn his or her consent for solicitation purposes, or when a potential client contacts a company to obtain information and does not withdraw his or her consent. Electronic communications following referrals are common practice, they are legitimate and appreciated by clients. As such, the recognition of implied consent should be added to the bill with the possibility of such consent being regulated thereafter.
Another major source of concern not only for Desjardins Group, but for all Canadian companies are the clauses related to the Do Not Call List. We understand that the government does not plan to implement those clauses at this time, but their mere presence within the bill is worrisome. In this respect, it is important to remember that those subject to the act and their partners in government worked for three years on establishing effective regulations for this tool and significant financial and labour resources have gone into achieving compliance. It is therefore quite astonishing that the longevity of the Do Not Call List could be jeopardized just one year after coming into effect. Given these considerations, Desjardins Group recommends that a detailed study and public consultations be carried out before making any modifications to the DNCL.
In conclusion, in Desjardins Group's view, the current text of the EPCA will threaten legitimate electronic commerce.
Quite honestly, the bill seems more geared to protecting service provider bandwidth than electronic commerce itself. With this in mind, we believe that it is essential for certain parameters to be readjusted and for more flexibility to be added to the ECPA in order for it to achieve its intended objectives without discouraging growth in the Canadian economy.
Thank you for your attention.
My colleagues and I would be happy to answer your questions.
:
Thank you, Mr. Chairman and members of the committee. I would like to thank the committee very much for giving us this opportunity to contribute to your review of , the Electronic Commerce Protection Act.
My name is Frank Zinatelli, and I am vice-president of legal services and associate general counsel of the Canadian Life and Health Insurance Association. I am accompanied today by my colleague Peter Goldthorpe, who is the CLHIA's director of marketplace regulations issues. We welcome this opportunity to make constructive contributions to the committee as you seek to develop your report to Parliament on this important bill.
By way of background, the Canadian Life and Health Insurance Association represents life and health insurance companies accounting for 99% of the life and health insurance in force across Canada. The industry protects 26 million Canadians and some 20 million people internationally.
With your permission, Mr. Chairman, we would like to make a few introductory comments.
In August, we submitted written comments to the committee. Several of the matters were technical in nature and involved providing greater clarity and certainty to the language of the bill. We trust that these are relatively free of controversy and will be addressed by the committee.
This afternoon we would like to focus our remarks on a broader issue. The issue is the proposed restrictions on obtaining consent by electronic means, and my colleague Peter Goldthorpe will now address this.
Mr. Chair, the stated purpose of the bill is to regulate the commercial conduct that discourages the use of electronic means to carry out commercial activities. Everyone, I think, agrees that this is an important objective, so it is equally important that we avoid restrictions that would have the effect of discouraging or making impossible exactly what the bill seeks to protect.
Our contention is that within an opt-in framework contemplated by , greater flexibility can and in fact should be provided as it relates to the means of obtaining consent. As we noted in our written comments that were circulated earlier in the summer, the proposed restrictions threaten to undermine the viability of commercial communication by electronic means. The problem is that in a great many instances people will simply not use one medium to give consent to communicate in another medium.
In the life and health insurance industry, and I think more generally in the financial services industry, many contacts are developed through referrals. By and large, the referral process is an informal process, and that sets up an important disconnect. The person being referred may be quite happy to be contacted by e-mail, but it is extremely unlikely that many will be willing to take the time and effort to write out express consent or take the initiative to contact an adviser.
We appreciate that there is a concern that e-mails intended to obtain consent could be misused. But it is important to keep in mind that e-mails following up on a referral need to clearly identify the person who is sending them. Our suggestion is that e-mails to obtain consent be permitted if they clearly state the purpose and do nothing else to promote the sender's services or products.
It's important to keep in mind that an e-mail that's doing this must clearly identify the sender who is using the e-mail for these purposes. So if there is any misconduct, if they're deviating from any of the restrictions you care to put in place, their identification is all over the e-mail. This fact should be more than enough to discourage misuse.
Mr. Chair, the use of electronic communication has important economic and environmental advantages. It would be unfortunate if the restrictions in had the effect of forcing businesses to rely on more costly and less environmentally friendly ways of communicating with prospective customers. An important step in avoiding this outcome is to permit e-mails intended to obtain consent.
The industry greatly appreciates this opportunity to contribute to the committee's review of . I would like to thank you for your attention. We'd be happy to answer any questions you might have.
:
Thank you, Mr. Chair. We appreciate the opportunity to speak with you today.
My name is Joanne De Laurentiis. I'm president and CEO of the Investment Funds Institute of Canada. I'm joined by Paul Vaillancourt, who is an independent financial consultant who runs his own successful business here in Ottawa. We will share our comments this afternoon.
The Investment Funds Institute of Canada is the national association of the Canadian investment funds industry. Like Paul, individuals representing our members work in almost every town and city across Canada. IFIC's mutual fund manager members manage over $560 billion in mutual fund assets, and 70% of these assets are held in retirement saving vehicles and are helping Canadians build their wealth.
We believe the clauses in Bill that combat and punish illegal and harmful activities and that damage the trust surrounding electronic commerce are necessary. We support the recommendations in clauses 7 and 8 regarding the prohibition of the altering of transmission data and the unauthorized installation of computer programs on another's computer. We also support the proposed amendments to the Competition Act to prohibit misleading commercial e-mails and amendments to PIPEDA regarding the use of e-mails collected through selected computer programs.
We are here to encourage you to better balance the protection of individuals and businesses from unwanted e-mails while still allowing responsible communications by legitimate businesses to their potential clients and customers. We think this can be accomplished with several simple amendments.
:
Bonjour. My name is Paul Vaillancourt.
The proposed clause 6 prohibits one-to-one e-mails of specifically directed marketing communications, which are not by their nature intrusive in the lives of recipients and do not create economic harm. My clients are my best sources of new business. A financial adviser like me regularly sends e-mails as a follow-up to a referral from an existing client to a friend or a family member who is looking for a financial adviser. In fact, such referrals are crucial to my business.
E-mails are an efficient means of contacting potential new customers based on referrals without being a nuisance to the recipient. In years past, we used the postal service to follow up on referrals. E-mail has replaced the old technology of writing letters, but it is essentially the same thing. In addition to being less expensive, less intrusive, and more environmentally friendly, it is an accepted, indeed an expected, form of introduction. Individuals are able to access the information at their convenience and have complete control to respond or not.
Clause 6 should be limited to those who target individuals or entities through mass e-mails, where there is no reasonable identifiable relationship between the recipient and the sender. Where the recipient has been referred to the sender, there should be a specific exemption allowing the sender to contact the referred individual or entity. Regulations pursuant to this legislation could be developed to prevent abuse of this exemption and to ensure there was indeed a referral.
[Translation]
Subsection 10(4) of Bill defines “existing business relationship”. That definition may be sufficient for relationships based only on contract dates or specific sales operations, but it is ill-suited to a consultant service relationship where the consultant has a fiduciary responsibility to contact and inform his client. This type of relationship should be viewed differently.
In many cases, our relationship with the client is linked to an investment made by the client that is followed by none of the operations targeted in subsection 10(4). Consequently, we recommend that in the case of persons who have a fiduciary relationship with the client, the 18-month period targeting subsequent communications begin when the professional relationship or the consultancy relationship ends.
[English]
Canadians are world leaders in the use of social networking sites such as Facebook, Twitter, LinkedIn, clubs, and associations. The proposed legislation does not contemplate the popularity and widespread use of these social networking groups or the fact that these groups already effectively govern the boundaries of the communications. The definition of “existing non-business relationship” in subclause 10(6) should be expanded to include members of established electronic social networks to better reflect this emerging reality.
:
We believe the anti-spam provisions are too broad as they relate to business-to-business communications. Where a business makes its e-mail address public and the address is not accompanied by a statement that commercial messages are not welcome, should treat this as implied consent by the business.
Electronic communications have evolved to be a convenient, quick, and cost-effective way to communicate employment opportunities. One way our members grow is by recruiting new financial advisers through electronic communications. We propose that clause 6 be amended to include an exemption for electronic communication that has as its sole purpose information regarding legitimate employment opportunities.
IFIC supports the proposed penalties. The maximum penalty for a violation is $1 million in the case of an individual and $10 million in the case of any other persons. For violations of clauses 7 and 8, where prohibited actions have the potential to result in large-scale system damage or fraud, these are at the right level.
In the case of clause 6, we believe the penalties are excessive and out of scale to the potential harm caused by a breach. The penalties for contravening clause 6 should be different from the penalties applicable to a contravention of clauses 7 and 8. Within clause 6, we would also propose much smaller deterrent penalties for those businesses that are simply using electronic means as a supplement to their business efforts and where individual violations are not harmful.
IFIC supports the right of public action for violations of clauses 7 and 8 where prohibited actions have the potential to result in large-scale system damage or fraud, but for clause 6, the right of public action seems unnecessary, excessive, and potentially open to abuse. We propose that the right to a public action be limited to violations under clauses 7 and 8.
As noted earlier, the investment industry has rules in place governing communications with the public. The Mutual Fund Dealers Association and the Investment Industry Regulatory Organization of Canada require that all sales communications from their members to the public must first be approved by an officer of the member company. We believe these requirements, together with the provisions of provide the necessary protection to the public on matters of content as well as the need for sanctions. Accordingly, we recommend an exemption to clause 6 for industries where existing regulatory structures are in place.
We all recognize that technology has changed the way we interact, both on a personal and a business level. Whereas in the past we would have met friends and made new personal or business contacts through dinners, meetings, and other gatherings, today we are doing it through technology. Cyberspace has redefined how we communicate and interact.
Our concerns about the overly broad application of this legislation could be corrected by very simple amendments, primarily in clauses 6 and 10, to provide exemptions and safe harbours for referral business, ongoing fiduciary relationships, business-to-business communications, employment opportunities, and established social networking relationships, together with a refinement of the penalties and private right of action to target the actual wrongdoing in cyberspace.
Thank you for listening. We look forward to your questions.
:
Thank you, Mr. Chairman.
First of all I want to thank all of the witnesses who came to submit their views to us today on this bill, which, in order to be well drafted, practically requires the wisdom of Solomon.
On the one hand, of course, we want to get rid of spam as it is very harmful, as everyone agrees, but on the other hand, we don't want to prohibit legitimate electronic commerce communication. For a bill to make good sense, I think that two different philosophical approaches can be adopted. In one case, we impose all sorts of restrictions, but in the final analysis, these may be excessive and this could hinder electronic commerce. Consequently, those who use electronic means to do business are forced to prove that some important exceptions have been forgotten.
On the other hand, we can choose a much more open approach, with few restrictions, and then realize over time that a great deal of spam is still getting through and that the bill has to be applied in a much stricter manner. In short, this isn't easy.
Today, I have the impression that you have found arguments to prove that the bill should be amended because it will interfere with commerce and legitimate communication on the Internet. That is clearly what your presentation led me to conclude.
I would like to put a question to Mr. Morency or to another representative of the Desjardins Group.
You took issue with clause 2 in particular. You mentioned that Bill affected electronic commerce and needed to be readjusted. I understood your arguments.
Do you have any concrete suggestions to make to us in order to bring about this balance and allow you to continue to do your work in a legitimate fashion?
I believe you have defined the concerns very well, Mr. Garneau. Industry and all of the stakeholders in the business arena share these concerns. Everyone advocates legislative intervention but would like to see a better balance. In our opinion, that balance is mainly related to the matter of consent. In this case, it is much more restrictive. In order not to be penalized in comparison with international businesses in particular, all of the business community would need a much more flexible notion of consent.
In fact, several of our comments converge. We feel that business relationships are in a separate category. When a business decides to release its email address, people should be able to contact it for legitimate commercial purposes. Moreover, the concern with regard to referrals was raised in particular by the IFIC representatives. This reality affects all of industry. We think that amendments allowing businesses to contact clients after a referral would facilitate things greatly.
Finally, the possibility of obtaining consent through electronic means may be the most important factor. When we use a medium, we want to be able to obtain consent through that same medium, i.e. through electronic means. It is very clear that everyone is in favour of a legal intervention and agrees that consent would normally be required, in order to be able to communicate. The way in which that consent is obtained is mostly what needs to be amended in order to attain a good balance.
:
Very well. Thank you very much.
[English]
Perhaps I could ask a question of the Canadian Life and Health Insurance Association. I think one of the primary arguments you brought forward, which has just been referred to, is the issue of getting consent to interact, to communicate. If I understood you correctly, if one has to go and ask for that consent by some other means of communication than an e-mail saying, “Can we communicate, can we establish a relationship?”, you said that doesn't work very often and that it would be more practical, more environmentally safe, to be able to communicate directly initially by following certain rules.
I don't know if there have been any studies on this, but do you have any evidence to support the fact that requests for consent, let's say by written letter or other means, don't really work, as opposed to being able to do it directly through e-mail?
:
Thank you, Mr. Bouchard. If I understood correctly, there were two questions.
The first concerns mass emailing. I am an entrepreneur and I have a clientele. I do financial planning with about 500 families. If a client does me the honour of referring a potential client, I send an email to that potential client. And so, if you were my client and if you referred your brother to me, I would send an email to your brother. I wouldn't send 50,000 emails to all of the Bouchards in Quebec, just one. That is the exception I hope to obtain. I'm not talking about sending mass emails, but I simply want the opportunity of being able to respond to the invitation of a client who wishes to introduce a third party to me, someone who does not know me yet.
To respond to your second point, in our commercial area, we have clients who make one or several investments with us. If, for instance, a person made an investment in 2006 and has not made any others since, that person continues to be my client. And so we are simply asking that the 18-month period begin when that person for instance removes his or her investment with us and is no longer our client. However, as long as he is with us, he remains our client. Consequently, the 18-month period would not apply in that case but only when the business relationship has ended.
I hope I have answered your questions.
:
I might not be able to help you with the wording of legislation. I'm just a financial planner, not a lawyer. However, in our business a referral is a very precious thing. We work hard to be able to ask our clients to provide us with referrals. The preferred method of communicating with this new client is through e-mail. Letters are fine, the telephone is fine, but e-mail is more and more the way to go.
If this law passes along, coming up with new clients will become a rather creative affair and we'll have to resort to strategies from a generation or two ago. In other words, I think there'll be a resurgence in Rotary Clubs, Lions Clubs, and social networking groups that rely on face-to-face meetings and rubber chicken dinners, as opposed to meeting online, which is how a lot of people work these days.
I simply suggest that banning all e-mails to a third party that is unknown might be pushing it a bit too far, but a one-on-one referral--as opposed to a client who has 14 million contacts--might be a bit further. In our business, and as it relates to my own business as a self-employed person with five people on staff, we treasure referrals. We want to be able to get to these people any way possible. E-mail is becoming more and more the preferred method of choice by both us and the people who are being referred. We'd be grateful if we could keep using that method.
I noted with interest one of the subjects we haven't discussed here--it is in the Desjardins notes--and that's unsubscription, which is quite important in this part of the bill. If you give consent to something, you obviously need to be able to reverse that and take yourself off a subscription list, especially if there has been a poor relationship with the business, or what not. It gives you control of your digital information.
I notice you have difficulty with the 10 days for unsubscription. Maybe you can highlight the reasons for that. You suggest 31 days, which I think is really long, especially if it's supposed to be a business working relationship with someone. If they can't get unsubscribed for 31 days that's a long time.
Would it be more reasonable to have 10 business days to unsubscribe? You're contacting somebody's home through e-mail to their computer. I find it hard to believe that it would take a full month to get unsubscribed. Maybe you can provide some detail on why the 10 days is difficult for you to achieve.
Thank you very much to each of you for appearing today and commenting on this very important piece of legislation.
I did understand from you that your general consensus is that this is an important piece of legislation and that while it is something we should be moving towards, you do have some concerns. I'd like to address some of those concerns today by asking a couple of questions. I'll just ask a general question, and feel free, anyone who wishes, to speak to this issue.
I think I heard from each of you that the definition is simply too broad. Would you generally agree that we should be directly targeting only those who conduct themselves in a way that results in abusive communications rather than the other way around, that is, rather than introducing an entirely new set of regulations on the regime for communications? Right now I think I'm hearing from you that we're simply too broad. Should we be narrowing that field down and having the legislation change its view? Am I hearing that correctly from each of you?
:
I can start, but I see that Joanne wanted to jump in there.
The do-not-call list is obviously a different model that I think will prove itself over time. That's why it's important to give it the time necessary to work out.
As far as this bill and PIPEDA are concerned, I would say there's a lot of consistency in the approach. The definitions certainly would seem to mesh. I think the two pieces of legislation have been well thought out in the area of consistency.
As far as this legislation and your previous question about the philosophical approach to this is concerned, again, it was either go this way or that way, but I think the ultimate objective is the same. I think a lot of thought has gone into this bill, but it needs some important tweaking to make it workable.
I hearken back also to what I believe Mr. Garneau said earlier. Do you want to put in a piece of legislation that's really tough and stops everything, or do you want to put in something that goes some way and see how it works?
I'm for the “go some way and see how it works” approach, because you can always go back and put more rules in place if it's not working out.
I want to thank our guests for being here today. I appreciate it. I saw some of them earlier.
To follow up a little on what the chair said, I have the actual wording of the bill in front of me. We're not going to wordsmith here, to be perfectly frank with you, but in the next week or so we are going to be going through it line by line.
We need actual legalese wording that reflects this, whether we agree or not. It would give an opportunity to the staff from the department to look at that wording to give us a reasonable answer on whether it's feasible or not, or what the consequences would be. So if you can get it to us, that would be great.
To our friends from the life insurance organization, I'm a little concerned about sending out e-mails for consent. Are you telling me those e-mails would not have a referral name attached to them? Would the e-mail say, “Mr. Wallace, we got your name from Joe Blow and we'd be interested in talking to you about your life insurance needs. Do we have consent to call you?” Would Joe Blow's name be attached to that, or would it be just an e-mail directed to me?
And thank you for being here today.
From the start, we have been talking about consent and bulk email, but we are also talking about businesses. Indeed, you all have a business or you work for a business. We want to pass Bill , which covers Quebec and Canada, and targets the mass distribution of email and spam.
But what about the other countries where these messages can originate? What kind of competition does that mean for you, since they are not regulated? Here, it will be regulated, but not abroad.
You raise the following problem: others will be allowed to distribute email in bulk, but not you. How could we adjust things in a suitable manner, so that we could obtain consent without sending out a mass email to 14 million people? We want to make it law and stop this. Consumers' inboxes are being flooded with spam. There are four or five companies here today, but there are many more all over Canada. We need to follow some kind of logic.
First, I would like to hear your thoughts on that and what your idea of business consent would be. What would you consider a reasonable distribution of email that would allow you to stay in business?
I am just wondering if any of your suggestions could be done through regulation instead of amendments, because I'm thinking that regardless of what we come out with in this bill, things are going to change.
Let me give you an example of something I consider spam, which is really irritating in the banking system right now. I go online to access my bank, using my own computer and my own time and paying for the Internet service. I've paid for all of that, but when I go into my account, before I can do anything else, I have to answer a question from my bank about once or twice a month. The bank is basically trying to solicit information from me for other products and services. I have to do that before I can actually go into my own account.
As a customer, I consider that an abuse. As well, it takes my time and it's something I'm not interested in. Even if I respond with, no thanks, what they're doing is testing me all the time on different products and services I might be interested in before I can do my own banking.
So I want to see stuff like that taken care of as well, because you should have the right, if you're going into your own account, not to have to do a survey every single time, especially as you're paying for your computer, you're paying for your time on the Internet, and you're doing the bank's job.
So is there anything right now or any change in what you suggested that could go through regulation as opposed to amendments?
Again, thank you to our witnesses.
I have a few comments and then a couple of questions. As I've listened, I've heard you bring up concerns that, again, I have sympathy for, and yet in terms of the legislation actually meaning anything at the end of the day when we're done with it, I struggle to see where we would accommodate it by taking some of the steps that at this point have been suggested by each of your organizations.
To my colleague Mr. Wallace's point, it would be nice if after the meeting you were to go back and brainstorm a little more and maybe find some other ways around some of these things. We'd welcome the suggestions, that's for sure.
One of the things I note is in the brief by the Life and Health Insurance Association. It says: “Properly constructed, an introductory electronic communication could be quickly and easily identified by the recipient who, with a minimum of inconvenience, could then decide to respond to the message or delete it.” I can't imagine any e-mail I receive that I could delete faster than some of the pharmaceutical and bank e-mails that I get already and that are properly constructed, too, I would say.
I think it was Mr. Brun who made the comment about all these companies that send us mass e-mails and how all they want to do is inundate us with e-mails, but I actually disagree. I think they want to make money. I think they just know that if they send out 30 million e-mails and 10 people respond, they actually make money, and that's what's wrong with the system right now. It's at the point right now where we get so much e-mail.... Even going back to my previous life in sales, it got to the point where an e-mail didn't mean anything anymore, because we got so much junk that it was too hard to find the ones that actually meant something. The amount of junk we got slowed us down so much that it was hard to find the ones that were actually meaningful, those from clients that we had relationships with.
To my question now, in terms of the legislation as it goes forward, if it were to go forward and not change some of the things regarding consent, I'm curious to know how your members would get around some of these pieces of the legislation. You must have considered that, saying, “Wow, if this passes, how are our members going to conduct their business?” I'd like to hear some of the creative ways that business would maybe change a little bit as your members try to get around the rules.
To the people who are in sales, how much of your business is referral business? What percentage of that is through direct e-mail when you're asking someone...?
To Mr. Zinatelli, maybe you can give me some wording or look at the legislation and suggest something here. If someone is sending an e-mail to a referral, would it be appropriate to force the person sending that e-mail to include the name of the referring person? That might be a legal matter, but maybe it's a way of getting around this.
I understand what the government is looking for; they want to avoid millions of e-mails going out at the push of a button. On the other hand, if you identify who has referred you to that person, would that resolve much of the trouble we have there?
Welcome to our 34th meeting of the Standing Committee on Industry, Science and Technology.
We're here pursuant to the order of reference of Friday, May 8, 2009, to study Bill C-27, An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act.
We have in front of us, on our second panel today, witnesses from three different organizations: first, Mr. David Fewer and Mr. Tamir Israel from the Canadian Internet Policy and Public Interest Clinic; we have also with us Mr. David Fraser, Mr. Kim Alexander-Cook, as well as Tamra Thomson, from the Canadian Bar Association; and finally, we have Mr. John Lawford here, and Madam Janet Lo, from the Public Interest Advocacy Centre.
Welcome to you all.
We'll begin with five minutes of opening statements from each organization, beginning with the Canadian Internet Policy and Public Interest Clinic.
:
Thank you for providing CIPPIC with this opportunity to offer you our submissions.
We're a technology law clinic at the Faculty of Law at the University of Ottawa. Our mandate is to ensure balance in policy and law-making processes by representing under-represented interests and perspectives on issues that arise at the intersection of law and technology, so you might guess why this legislation interests us.
We were established in the fall of 2003, and since that time we've advocated for a legislative regime that addresses spam, phishing, spyware and malware. Our advocacy has included making contributions to the Task Force on Spam, offering submissions to Senate and House committees on identity theft, and participating as a member of the Anti-Spyware Coalition, a coalition of business and consumer advocates working together to address the challenges of potentially unwanted technologies such as spyware. All of this is very pertinent to the work this committee is doing and the bill before you.
We have a lot to say about this bill. I'm going to try to reduce it four areas, though I'd be happy to take questions about anything you have on your minds about this legislation.
First, I want to talk about the purpose of the legislation. Second, I want to talk about challenges to the consent principle. Third, I want to address the central importance of the private right of action. And finally, I want to talk about something I haven't heard a great deal of discussion of before the committee, namely, some fundamental changes to PIPEDA's central investigatory power.
First, on the purpose of the legislation, many of the criticisms we've heard of this legislation suggest that it goes too far and that it's not tailored to reducing harm. With respect, these challenges misstate the objective of the legislation. The objective is to establish accountability for sending unsolicited commercial e-mail.
E-mail is directed at more than just fraud and deception. This legislation is about more than phishing and Viagra ads, right? It's also about promoting commerce. It's about the cost imposed by spam on all Canadians, Canadian consumers, and Canadian businesses. Even commercial e-mail imposes efficiency and productivity drains on us. After all, we call such e-mail, when unwanted, spam. At bottom, it's about enhancing the ability of telecommunications tools to promote efficiency within the Canadian economy more broadly, or to enhance productivity within Canadian businesses more broadly. That's the focus. Keep that in mind. That's the harm we're trying to avoid.
This committee heard earlier from the Coalition Against Unsolicited Commercial Email about the costs of spam, estimated to be about $300 per employee in lost productivity. That's the focus. This legislation aims at establishing accountability for spam; it's aimed at reclaiming control over the inbox and restoring the utility of e-mail and other electronic communications as productive tools that promote commerce.
Second, on challenges to the consent principle, we've seen claims that the nature of the consent required by the bill is too vague. Frankly, we don't see any merit in those claims. Our experience with PIPEDA, our federal privacy legislation, suggests that businesses can work with opt-in mechanism. The circumstances under which explicit consent may be done away with are clear, in our view. To the extent we need to address these things, we can address them by regulation.
And finally, we argue that the availability of a due diligence defence further assists businesses in addressing consent issues.
On the central importance of the private right of action, having mentioned PIPEDA, I need to stress that PIPEDA alone is insufficient to address the behaviour targeted by this legislation. In particular, the private right of action is essential to the functioning of this law. The harms associated with spam and spyware are cumulative. The harms here are many small ones, repeated often. The ability of consumers to band together and businesses to band together to address noxious behaviour is essential to address these kinds of cumulative harms. Gutting the private right of action guts the bill. This tortious behaviour is not something that a serious harm standard advanced by some can address.
And finally, there is the issue of changes to PIPEDA's central investigatory power. Frankly, we're greatly alarmed by the sweeping revisions to the framework of PIPEDA proposed in this bill. This legislative change has nothing to do with spam or spyware; it's a fundamental revision of the complaints-based framework of PIPEDA itself. And there are many problems with PIPEDA from a consumer perspective, but the mandatory nature of investigations of complaints by the Office of the Privacy Commissioner is not one of them.
We'd ask that this section be removed from this bill and placed in other legislation, along with other amendments of PIPEDA that are pending further to the five-year review of the statute. That's where that kind of framework amendment belongs, not in this bill, not tailing along in this bill. The fact that you've heard so little about this suggests the merit of that claim.
If this provision is left in, we would suggest that you limit it to granting the discretion the Privacy Commissioner seeks in respect only of the subject matter otherwise addressed in this bill: spam, malware, etc. And if it is to be left in, and of general application, we would suggest that it needs to be narrowly tailored to address the specific concerns raised by the Office of the Privacy Commissioner of Canada, such as frivolous and vexatious complaints.
With respect, our view is that the discretion being granted is just too broad.
Thank you. We'd be happy to address any questions you might have.
As a preface to all of our comments, we'd like to emphasize for the benefit of the committee that we agree wholeheartedly with the intent of the legislation. I think there's general consensus that spam wastes time, energy, and significant resources, is a source of fraud, and makes it difficult for legitimate business to be conducted online. Notwithstanding that, we do have some serious concerns about and exactly how it's implemented. I'll briefly delve into each of them, but we will of course be available for questions.
First of all, we think the legislation is a little too broad. What it does is take all commercial electronic messages and outlaw them subject to some hard-to-manage exceptions that are simply based on explicit consent, which can be altered significantly in regulations; personal or family relationships, which also are defined in the regulations that we haven't seen; and implied consent, which doesn't quite accord with what you would think implied consent means--it means simply an existing business relationship.
We're also concerned that the legislation itself is inconsistent with related regimes and other statutes that it actually seeks to amend. “Existing business relationship” is a concept that's entrenched in the national “do not call” list, but it's treated differently for the purposes of this statute. “Commercial activity” is also a term that is central to the Personal Information Protection and Electronic Documents Act but is defined differently in this statute for purposes that aren't necessarily clear on their face as to why one needs to have different definitions of the same term.
Consent, which is obviously a concept that's central to the privacy provisions in PIPEDA and is central to this piece of legislation, is radically different from one to the other. We think this presents problems because many of the businesses that are going to have to deal with compliance with the , PIPEDA, and the Competition Act are the same people who are going to be using the exact same terms, but for very different purposes or with different meanings, which makes it difficult to manage.
Otherwise, the statute is also a bit hard to follow, and we're concerned that too much of it has actually been left to the regulations. This is a statute of general application. It's going to apply to pretty well every business and it's designed to be for the benefit of every single consumer. In our view, businesses should be able to pick up the statute and have a very strong understanding of exactly what it is they have to do and what it is they can't do. Likewise, consumers should have the ability to pick up the statute and understand what their rights are and what their remedies are.
It's our feeling that too many important provisions are being left to the regulations, which may be sensible in the sense that this is a rapidly moving area. There are some central concepts that could be and should be entrenched in the statute, with regulations being left to deal with issues that come up and to deal with loopholes that might not have been foreseen.
We're also concerned that the statute may in fact actually, on its face, violate the charter, simply based on a violation of the freedom of expression provisions contained in paragraph 2(b) of the charter for anything that regulates communication that conveys expression. You may not think that most of the spam that arrives in your inbox actually conveys meaning, but the courts would find otherwise. In order to be justified, it has to meet a strict test under section 1 of the charter, the most important provision of which is that it has to be minimally impairing, so it has to be very finely tuned legislation.
We're concerned that the way it's drafted so broadly may mean that it actually might not survive a charter challenge. While we agree wholeheartedly with the intent of the legislation, we don't want to be back here in a couple of years because it has been struck down as being unconstitutional. In our view, it needs to be fine-tuned in that regard.
A number of fixes could be proposed, which we'd be happy to talk about at greater length. The most important one would be not to limit implied consent. I think you've probably heard this from others. Consent is a concept that we've been dealing with under privacy legislation for quite some time. People have a pretty good idea of it. You've been dealing with it in the medical context as well. A reasonableness standard can be put in place.
Before I run out of time--and I apologize for being a bit long-winded--I'm going to hand it over to my colleague Mr. Alexander-Cook.
In addition to the concerns raised by Mr. Fraser, we have two concerns that relate specifically to the way in which proposes to amend the Competition Act.
The first concern is, in essence, a concern about a single word, or at least a single phrase. It's only a single phrase, but we think you will agree that it's a very important one.
At clause 71 of the bill, added to the Competition Act is a new proposed section that provides for a criminal false and misleading representation offence that applies specifically to electronic messages. There's already a general false and misleading advertising provision in the Competition Act. This provides a very specific one.
This new proposed section would specifically prohibit sending an electronic message knowingly and recklessly with one or more of the following three features: either misleading or false header information, that is sender or subject matter information; content within the message that is false or misleading; or locator information that's false or misleading.
Our concern is that only in respect of one of those features is the important phrase “in a material respect” included. In all other prohibitions for false and misleading representations in the Competition Act, there is a qualifier.
The false or misleading representation has to be in a material respect. There is an important reason for that. We all make mistakes, and in fact, many people in business make what are actually false representations but which ought not to be pursued for false or misleading representations under the Competition Act. I can give you a very simple example.
Last week I sat on an expert panel at a conference where we considered environmental product marketing claims, including the following claim: “Save the planet, use our biodegradable shampoo”. We talked at length about this claim. One of the issues that were not raised was that “save the planet”, although it's obviously false in respect of the shampoo, was problematic under the Competition Act. It's considered playful puffery or hyperbole. Is it false? Yes, you're not going to save the planet by using this shampoo. Is it actionable under the Competition Act as a criminal or civilly reviewable offence? Not under the general provision. Would it be if it were included in the header of an e-mail? Under , arguably it would be. That's our first issue.
The second issue concerns the proposed lowering of the threshold that must be met under the Competition Act for a temporary order to be issued by a court in respect of any allegedly reviewable conduct under the act. That includes not just misleading advertising, but it includes tied selling, exclusive dealing, and a number of other pieces of conduct that businesses may or may not be engaged in.
, perhaps unaware to many on the committee, makes a fundamental change to the standard that must be observed by a judge in deciding whether to issue a temporary order to stop a representation from being made. It will not only apply to electronic message representations, but it will apply in respect of all of the conduct under the Competition Act to which it currently speaks. This is an over-breadth that, in our view, defies any real rational connection to this legislation.
Thanks very much.
My name is John Lawford. I am counsel with the Public Interest Advocacy Centre. With me is Janet Lo, also counsel.
PIAC has been deeply involved for many years with the efforts to regulate commercial electronic messages--that is, spam--and the Personal Information Protection and Electronic Documents Act from a consumer perspective. We therefore are here to give you that perspective on .
Make no mistake about it, the Electronic Commerce Protection Act, is intended to empower consumers, to empower them to take control of their electronic mail and to take control of their computers. In this way, it is hoped that spam and spyware, fraud such as phishing and the like that is delivered with this manner, can be greatly curtailed. And under this bill, with this focus on consumer empowerment, it can.
Based on this underlying belief in the legislation, we wish to make three basic points to the committee and mention three possible amendments to the bill.
The first basic point is that under the ECPA as drafted, an individual's personal consent, explicit in most cases and implicit only for limited exceptions, is required before an organization or individual can send them a commercial e-mail. This is the only effective way to stem the tide of spam. Exceptions from this requirement for certain senders or an enlargement of the implied consent standard should be strongly resisted by the committee.
Some of the presenters to the committee have expressed concerns that the requirement for explicit consent to receive commercial e-mail is too onerous or would be unworkable. PIAC cautions that the general requirement of explicit consent underpins the entire structure of the bill. It is only by clearly--that is, explicitly and with solid proof--requiring a person's verifiable consent to receive commercial e-mail that the tide of unwanted commercial messages can ever be truly controlled.
Marketers gain advantage from assuming consent, which is possible under an implicit consent model, as their only goal is to simply deliver the messages, leaving the work and time invested in sorting out what is relevant or what is spam to the individual. As we all know, it is the incessant time-wasting triage of e-mails from hundreds and thousands of uncoordinated marketers using this lazy technique that creates the problem of spam.
The existing business relationship exemption for implicit consent allows a wide scope for commercial contact with consumers by e-mail. Every customer of every business is deemed to consent to receiving e-mail from that business unless they go to the trouble of unsubscribing. This exemption provides businesses numerous opportunities to seek and obtain explicit consent and provides for a long tail of 18 months after dealings with that customer to again obtain explicit consent for future e-mail solicitations. We know that this time period is equal to that allowed under the national “do not call” list for the same purpose.
The second basic point is that as drafted under this bill, there is no business-to-business exemption from the explicit consent requirement, it is true, unless the e-mail otherwise falls within that existing business relationship implied consent exemption. That is, businesses under this bill may not seek out new business by sending unsolicited commercial e-mail to other businesses or consumers that they do not actively do business with, period. This practice may well be the norm in the business world and in certain industries, especially banking or insurance, which may rely on referrals, where the recipient has no relationship with the sender, but that is not permitted at the moment. We believe that is as it should be. These are, in our view, unsolicited commercial e-mails that are just as annoying and productivity-killing for people in the workplace environment as they are for consumers at home.
We note here that under the national “do not call” list, referrals are also not allowed.
Should this committee absolutely want to have a business-to-business exemption for prospecting for new business or for referrals, we recommend that the business-to-business exempted e-mails also be required to follow the same rules as are laid out in subclause 6(2). That is, the e-mail must have information on the sender and the unsubscribing mechanism.
The third point is the private right of action. We feel that the private right of action must be maintained in order to protect consumers intended to be empowered by this legislation. The private right of action will only be used in egregious cases. We note that if the company is fined or is complying with an undertaking, consumers cannot bring an action for statutory damages. Therefore, this provision likely will only be used in cases where consumers suffer actual loss or damage, which they normally would be able to sue for anyway, or when there's a serious matter of interpretation of the legislation and the CRTC has refused to issue a notice of violation.
Courts are best placed to determine the interpretation of the act and whether actual loss has occurred. However, what is missing in that private right of action, we note, is a provision that protects companies from being able to contract out of this right.
We therefore recommend to the committee that they consider a provision modelled on sections 6 to 8 of the Ontario Consumer Protection Act, 2002, which does that as well. I have three possible amendments for the committee.
The first one is that we do believe the penalities involved in the bill on the e-mail side may be too high. We've heard that today. We suggest that they be brought into line with those for the national “do not call” legislation. They do not need to be terrorizingly high; they just need to be effective.
The second amendment is that the installation of software when there is implicit or explicit consent requires a transparency section that is parallel to that for e-mail, which is now found in subclause 6(2). There is subclause10(2) of the present bill, which requires the software supplier for spyware to describe clearly and simply the function, purpose, and impact of every computer program that is installed. However, that's not parallel to subclause 6(2). It doesn't tell you which company, and it doesn't tell you how to contact them. As well, it doesn't give you information about how to unsubscribe, and in this context that would be how to get off of automatic updates in the future. PIAC studied spyware in 2006 and issued a report at that time. We have further recommendations for the legislation that could go into the regulations with regard to more spyware requirements.
Our last amendment is to repeal the bill's potential to remove the national “do not call” list. Therefore, we agree with the Canadian Marketing Association that clauses 64 and 86 would be removed from this bill. We agree with them because we feel that the national “do not call” list needs time, and that the Electronic Commerce Protection Act approach is necessary for spam but will not work for telemarketing and vice versa.
Those are our comments. Merci.
:
Thank you, Mr. Chair, and thank you to all of you for coming out this afternoon.
As for my questions, I'm going to start off with Mr. Fraser, Mr. Alexander-Cook, and Ms. Thomson.
In the brief that you submitted to the clerk and the chair of the committee, you raised some of the most important and pressing issues and concerns of your members regarding . You also provide different approaches to address these concerns. Regarding your first recommendation that rather than ban all electronic communications and rely on exceptions and regulations, as the current drafting of the bill is written, we should amend it, I quote, by “targeting only that conduct that results in abusive communications”, this recommendation was also brought forward by Barry Sookman, who was representing the Canadian Chamber of Commerce, as well as many other associations that have submitted briefs to our committee. He recommended that Canada look at the Australian model, which is considered to be the best model as far as this type of legislation goes.
Have your members had the chance to review and compare legislation that exists in Australia concerning anti-spam? Other countries that are mentioned are New Zealand, Hong Kong, and Singapore. How do they compare, and what are the big differences between them, and what can you suggest that we do differently?
:
Fundamentally, the challenge we're dealing with is that we have a piece of legislation that starts with a very broad prohibition and then has exceptions. Those exceptions are really quite firm, although they do have the possibility of being altered significantly in regulation.
The issue is that for most pieces of legislation where they're looking to curtail particular behaviour, they name exactly what the harmful behaviour is and outlaw that. They leave other behaviour that doesn't meet the threshold of needing to be outlawed to still exist.
Now, I recognize that a number of people have argued that there's a cumulative effect of all of this. You can have one piece of unsolicited commercial e-mail that's not, on its face, particularly offensive, but when you get dozens and dozens, or thousands and thousands, appearing in your inbox, cumulatively they have a very significant impact.
The challenge is trying to make sure that this piece of legislation is sufficiently tailored so that it does deal with what is seen as being the harm, which is that huge number of e-mail messages that people do not want, and at the same time tries to address a circumstance where there are e-mail messages that many people, and maybe the preponderance of people, would say would be reasonable in the circumstances. Making sure that the two fit together; that's what this legislative scheme has to allow to take place.
What is reasonable is going to differ from one individual to another. It's a very difficult task that this committee has and that everybody who's appeared before this committee has had to deal with. But given the way the scheme is in this piece of legislation, it appears to be consent based. If you have the person's explicit consent in the manner prescribed, you can send them commercial e-mail messages. If you have implied consent--implied consent is very narrowly limited to within this existing business relationship, fundamentally--you can send them messages. But there's a possibility, a chance, that there are kinds of communications that are not particularly offensive and that in fact in some cases may be welcomed that would inadvertently be caught within this very broad net.
To give one example, let's say I'm an accountant and I would really like to volunteer for your next campaign. I'd really like to help you and offer accounting services to your campaign. I could not send you that message by e-mail. I could not tell you that. That would be outlawed. Even if it's to completely volunteer, one element within that would be a smidgen of self-promotion, which is enough to taint that entire e-mail message and make it unlawful.
Referrals are obviously something that you've heard about. There's even the change of address notification to your professional contacts. They may not have been customers, they may not be your family and friends, they may not be people you've done business with; they're members of associations. That sort of e-mail message, which a lot of people would say is reasonable, would probably be caught within that net.
I think the challenge is to try to tailor the legislation so that the bad stuff is caught and the inoffensive stuff is not necessarily caught.
The first question is to Mr. Cook. I understand the argument about the Competition Act and having different media treated differently in terms of that. I want you to walk us through again.
When you gave the example of saving the planet in the header, I consider that advertisement actually a lie, so I was actually happy to hear that would stop, because it's a lie. Whether we get a chance to regulate that through the Internet—maybe you can still make that claim outside on TV or radio, and I understand the argument there, that there isn't consistency—why not have an opportunity to stop a lie when we can stop it?
Maybe you can walk us through again, though, if there's another part of the scenario that I'm not quite catching that could have other unintended consequences.
:
I think you're catching it. You don't like my example, so I'll have to come up with a better one. I picked that one because it's an example of what some, but not all, people would regard to be playful hyperbole, puffery. We see it in ads all the time. We think it's cute, interesting.
First of all, it's not misleading. It doesn't mislead us. That's fundamentally the issue.
To the extent you think “save the planet” might mislead someone, I agree with you. If it is a matter of fact that it would mislead people, then I agree with you. Often these things are context dependent.
In the example, in fact, that I brought up the other day, if it were to say “save the Ottawa River”, or “save our waters” or “save our lake”, something that people might think is relevant and they're going to buy that product, then I think you're into a question of, well, will this really save the lakes? When you say “save the planet” or something that is equally distant from reality in connection with the product, which is all I'm saying, it would be, strictly speaking, false. Nobody would believe it was meant to be anything but false, yet technically it would be still be caught under this legislation.
If someone comes up with a better example, I'm happy, but that is the one that came to mind today.
I want to ask everybody here, as I asked the previous group, about the 10 days to unsubscribe.
I think what happened today--as sometimes happens in debate--is that some of those in the business community who use this mode of information and technology have it upside down. You know, really, you're privileged to be able to send an e-mail to my computer, which I pay for, with the service that I pay for so that I actually get the capacity to send that information, whether it be high-speed or whatever it might be. It's your privilege, then, to actually put something on my communications systems.
I think that's where I come across, from a consumer's perspective; there's a sense of responsibility there. If I'm going to give you access to my system, through my service that I'm paying for, and if I decide later to unsubscribe....
We heard 31 days, but I have a hard time believing that you can't get off the list for 31 days. There's also the 10 days.
Maybe I can hear from everybody briefly in terms of what you think is reasonable.
:
Perhaps I can start, Mr. Masse.
From PIAC's point of view, we believe that the speed of unsubscribing should be equal to the speed of subscribing. That was a submission we made in the PIPEDA five-year review.
I think the 31 days is being mentioned because the e-mail instantly gets sent out to other channels of marketing. Specifically in telemarketing, under the “do not call” list, you do have to give the telemarketers 31 days to clear the list. So I think they're trying to line it up with that.
But from our point of view, we take the same position: if I subscribe instantly, and I start getting e-mails right away, I should be able to unsubscribe in a similar time period. We're doing it by the same mode. I'm allowed to unsubscribe by e-mail, so why not by the same amount of time?
Allow me to add my appreciation to each of you for having taken the time to come here today, but as importantly, for having taken the time to go very diligently through the legislation and give us some very good suggestions and recommendations.
My first comment has to do with the philosophy of the bill. I think all of us agree--I don't think there's a person who hasn't agreed--that this is a required piece of legislation, but there's a philosophy differential. I'm hearing especially in today's group two different schools of thought, as it were. There are those who think this should be a bill directed just towards what I'm going to call abusive communications, and there are those who really think that it should be very broad, that it should really talk about accountability of electronic communications. I think “accountability” is the word you used.
So there are two kinds of philosophies here, and I would like to talk about that for a moment, because I'm going to use an example. I think that in your submission you actually say that concerns are “largely unfounded”, yet we've heard concerns around the scope of the bill being too narrow, concerns around how clearer definitions are required, and concerns about what is not permitted. We've also heard implied versus express consent concerns. I can go on.
There are these two different philosophies. One is saying that we just need to fix the problems we're having with these abusive communications. Then there are those who say that we should decidedly keep it broad.
I'm going to go to the international community. As I understand it, the bill we currently have before us assumes that all electronic communications are basically unwanted spam, and it really prohibits commercial electronic messages. If I look at, for example, the U.S. legislation, it applies to e-mails that are sent in violation of an individual's opt-out request and are fraudulent, false, and misleading. If I look at Australia's, as I think my colleague mentioned, it applies to a defined list of commercial electronic messages that relate to direct marketing. The words “direct marketing” again show up in the Singapore spam act. Could each of you talk about this?
Perhaps we'll start with Mr. Fewer, because I think you were on the side of it being broader, and then perhaps Mr. Fraser and Mr. Lawford can talk about a philosophical view. What we don't want to do is penalize legitimate commercial communications here in this country. We don't want to have the situation where those outside of our country have access to people inside of our country with e-mails, access that we don't legitimately have.
Mr. Fewer, could you perhaps comment? And then we'll move on to others.
:
Absolutely. This is something that I've heard come up a few times, particularly the international competitive situation--not the legal comparatives, but the international competitive situation--so I want to try to unwrap some of that.
First, this bill does not outlaw electronic communications. It outlaws unsolicited electronic communications where there's no business relationship, where there's no consent to the communication, so let's not overstate the impact of this bill. What it tries to do is bring back control over electronic communications to the hands of the user, whether that's a consumer or a business. Let's not lose sight of the productivity gains that this legislation promises Canadian businesses. That's something that I just don't think is coming up in these discussions and that we really need to keep our eye on.
Second, on the international comparative on the legal front, I just want to say that I think this bill is a significant improvement over the U.S. legislation, the CAN-SPAM legislation, which, frankly, is a “do not hesitate to spam” bill or law.
Voices: Oh, oh!
Mr. David Fewer: It is not an anti-spam law. So if we were to move in that direction, I think we'd be really going.... This legislation is almost informed by the failure of the anti-spam legislation in the United States, so let's not lose sight of that. This bill is good. Let's keep that.
On the comparative front, from a competitive perspective, there are two points. One, nothing in this bill says it doesn't apply to foreign spammers where there's a real and substantial connection to Canada. We had this fight over our privacy legislation some time ago, and we've seen, just this past summer, the Canadian Privacy Commissioner flexing her muscles and bringing social networking under control, out of the wild west into the era of civilized privacy behaviour. With respect, I think this bill will have a similar impact. Through this bill, we can control foreign nations, foreign competitors, and foreign businesses that are spamming Canadians.
Second, this bill will provide Canadian businesses with a competitive advantage in the use of electronic communication tools that other nations haven't seen fit to give their businesses. When we talk about whether we are disadvantaging Canadian business, the real question is, are we advantaging Canadian businesses? I would submit that we are. We don't want to throw that out in responding to some of the legitimate concerns expressed by businesses that will be subject to this legislation
I'm not sure that we have such a radically different philosophy or approach to it. I think there is a concern that if you're going to sanction administrative monetary penalities, civil damages, and things like that, you go after the appropriate targets. There is a distinction between unsolicited e-mail messages and unwanted e-mail messages. Having a categorical prohibition with exceptions that are extremely narrow and may not accord with what would necessarily be everybody's reasonable expectation can be problematic.
I agree absolutely with the interpretation of Mr. Fewer on foreign spammers. If there is a real and substantial connection to Canada, there's no reason why this piece of legislation could not apply theoretically. Whether or not one could sue in Canada and then enforce that judgment in another country would be a completely separate matter.
We also need to be mindful that we shouldn't fool ourselves; this isn't going to stop spam. Most of the spam that lands in your inbox originates from outside of Canada, and you have no way of identifying who it's coming from. This piece of legislation and the objectives that underlie it are very important, and I think we have broad consensus on that.
:
It's an interesting debate. We're getting into paragraph 2(b) of constitutional law. I should highlight a change in our position, at least to a certain extent, around the appropriate scope of exceptions.
In our submission to the committee clerk earlier this summer, we suggested that we should carve out an exception for political speech, charities, non-profits, and those kinds of things. That was driven by a concern of one of our partners--with whom we were talking about partnering on some advocacy around this bill--who has a much stronger view of the scope we have to give freedom of expression from a United States first amendment perspective and not a Canadian perspective.
In the end, we decided to go our separate ways, at least to a certain extent, with respect to the advocacy we're going to do on this bill. Our view is that we wouldn't want to have an exception for political speech, charities, and non-profits, for the simple reason that communications from those organizations are in unsolicited e-mails when they have a commercial component. If they don't have a commercial component, then they're not captured by the legislation and can go through.
Our view is that the way the legislation is drafted, it is sufficiently tailored to survive a paragraph 2(b) challenge. We do view the legislation as proportional, and we don't think it will fail a minimal impairment challenge.
Mr. Fewer, earlier you said that most spam originates from abroad. The majority does not originate from Canada, but outside Canada. You said that if we eliminate spam, productivity will go up.
What do you think about companies that decide to send all of their communications by mail? They have to be able to market their products. Do you think that our productivity will go up by sending letters? Everyone is going to do the same. How are we going to manage all of those letters? How will recycling centres, which will receive more and more paper, manage the situation?
We can answer the question displayed on the computer screen, we can delete the unwanted email and that is it; it is gone for good. But paper leaves from somewhere, is transported by someone, arrives in homes, is sent to recycling centres and is sent back for treatment.
Do you think that improves productivity? I would like to hear your thoughts on the matter. How will companies advertise?
:
Mr. Vincent, I beg to differ, first of all, with respect to Mr. Fewer's comments. I don't think there's any evidence whatsoever that you could point to that would suggest that business would not be harmed by the increased costs that would accompany being forced to revert back to using letter mail, if that's in fact what the result is.
To me, this really has the potential of throwing out the proverbial baby with the proverbial bathwater. Think of small businesses, so often cited as the major engine in our economy; we do not want them faced with very difficult competition where a large business may be able to afford to market where they can't.
The technology we have with electronic messaging or other aspects of our electronic life is something that I know Mr. Fewer takes seriously, but it should be seen as a very positive thing, and we should be very careful not to be doing harm when we are trying to do good. I think a lot of members here have been very sensitive to that in their questions.
If I may, I'd like to link back to a comment that Mr. Fraser made about the difference between unsolicited and unwanted e-mail. It's a challenge, it's fair to say, given what various stakeholders have been saying here, for the committee to be able to fashion a bill that does not, in a sense, throw out the baby with the bathwater.
By way of one example, if the bill doesn't get refashioned in such a way as to define bad conduct as that which is targeted, as opposed to all conduct with some exceptions, one possibility that I know we have discussed internally here has been to look at the implied consent, and instead of saying in the regulations that we'll define what else implied consent might be, let implied consent stand on its own. It's a strong concept. There really has to be implied consent.
Use regulations if necessary to say, for example, the existence of one or more of the following does not by itself establish implied consent, if you are concerned about that sort of thing. But implied consent can live on its own. I think the business community and the business culture will work out, along with the courts, what that really means.
Again, thank you to the witnesses for coming today.
As we work through this legislation, I think it's important to distinguish between the types of witness testimony or concerns we've heard brought forward, between ones of a technical nature, many of which have been brought up today and we'll come back when we meet with the industry officials and ask them to go through and give some feedback on those, versus the big philosophical question. I think we've heard a lot today about the philosophical question, the broadness of the legislation, and it seems there are very divergent viewpoints on that. I think from Mr. Fewer and Mr. Alexander-Cook we've had two very different views of what we should do with that, and it reflects testimony we heard previously.
Rather than just reiterating the points of view you've already brought forward, maybe you could comment on and describe how the legislation might move or be changed to accommodate the other person's view a little bit. How could the legislation be changed to move towards the other person's point of view without violating the principle you're trying to protect?
:
I would to a certain extent reiterate the point made by Mr. Fraser that perhaps we're overemphasizing the difference between our views, in terms of how substantial a difference actually exists.
My sense is that as soon as you start opening the door on “unwanted”, you get into difficulty, because if I'm an e-mail sender, how do I know what you want? The best way is to get the consent, to find out. That's why I like the bright-line rule that the bill draws that says to go and get consent.
The inbox belongs to the business. If you have a pre-existing business relationship, they are your customer. If you have a contract with them, if you're engaged in business with them, you're clean; you're fine. The implied consent rule takes over there.
We start getting into problems of obtaining consent, really, not only when the relationship is over, but when it has been over for a year and a half. That's a pretty long time we're talking about here. I can't imagine a responsible business that takes a year and a half to follow up on a previous customer.
:
Yes. If I could just add to that, I think the door is already open, because you could have a categorical outline of unsolicited commercial e-mail messages unless you have the explicit consent of the supposed recipient. The door has opened by opening up this existing business relationship exemption, because really, whether I have a commercial relationship with an organization doesn't tell you anything about whether I actually want an e-mail from them. So there already is an assumption being made, and at least in my own personal view, I don't want to receive the e-mails that I don't want to receive, and I want to receive all the other ones.
Try to legislate that. That's the problem. If you put it in a position of being about empowering consumers to be able to make choices about what goes into their inbox, and assuming that the consumers are reasonable people, maybe you need to fine-tune it so that you actually throw out the existing business relationship provision, because that doesn't necessarily tell you whether they want it, and you base it on a principle of consent, like we have in PIPEDA and other statutes.
You can say that they have your explicit consent to send you an e-mail, so they can go ahead. They can do that and you get to fine-tune it. They can send you e-mail messages about insurance services, but you can tell them not to send anything about mortgages. That gives the consumer even more control. There can be implied consent, and implied consent is always going to be determined by the circumstances, and it is going to be held to a reasonable standard, not a reasonable marketer's standard, not a “reasonable otherwise” standard, but what would be considered reasonable in society generally. That may be the middle ground. That's certainly not the position that's been put forward by the CBA, but there is hopefully some food for thought there.
:
Could I address that, because I talked about the distinction between “unsolicited” and “unwanted”.
There are going to be instances, at least in my own experience—and yours may differ substantially—where I'm not going to seek something out, but information about it would be welcome. For example, I don't have a commercial or an association relationship with a professional peer, but I do have contact with him on a regular basis, and when this individual changes firms he sends out e-mail to his mailing list to let people know that he no longer is with firm X but is with firm Y. I would never actively go through my Rolodex asking people to keep me up to date on their addresses, but if he did that, it is not necessarily unwanted and not something I solicited. That would be caught under the legislation as it is now, because that e-mail message would be to promote that individual as a person who offers goods and service, and so it would be a commercial e-mail message. We're getting into some pretty fine distinctions between these sorts of messages.
I don't mind if, from time to time, I get contacted in my professional capacity about something I may not seek out; but it is not necessarily something that is unwelcome. If somebody wants to put forward a business proposal where they are not looking to sell me something or to buy something from me but are looking at an opportunity for us to collaborate as business people, that is captured within the definition of a commercial message under the legislation. I don't know who to seek out to give them my consent to contact me in that way, but it may be something that would ultimately be welcome. That's where we get into these distinctions, and it is a little bit of a challenge to come up with general rules that would encompass them all.
:
Thank you very much, Mr. Dryden.
Thank you, Mr. Alexander-Cook and Mr. Fraser.
Before we adjourn our meeting, I want members of the committee to know that this afternoon the procedure and House affairs committee tabled their report to the House, and that report has been or will be concurred in this afternoon. Therefore, this committee ceases to exist at 6:30.
By Wednesday, you will receive a notice of meeting so that this committee may be reconstituted. We need to elect a new chair, which will obviously be at the discretion of the committee members, but I'd ask that you also keep your calendars free for that 3:30 to 5:30 time slot on Wednesday, because the clerk has been asked to still call the witnesses for Wednesday's meetings. Keep that time blocked off even though the notice of meeting you will receive is simply for the election of a chair.
Keep that timeframe blocked off so that, hopefully, we can elect a chair, committee members willing, and hopefully, committee members willing, start the meeting with more witnesses on Bill .
Without further ado, this meeting is adjourned.