This morning, we met with the Hon. James Moore, Minister of Industry, to discuss Canada’s anti-spam legislation. As discussed within the network throughout the summer, we believe the legislation has good intentions—after all, it is supposed to rid our country of the scourge of spam messages and malware. However there are problems: problems in finding appropriate solutions to unintended consequences derived from the structure and drafting of CASL.
We have always supported the government’s efforts to reduce unwanted spam and malware. We continue to support the idea that consumers should have the choice in the messages they receive and control over the function of their computing devices. And there are many options that consumers have at their disposal to exercise that control. But this legislation captures more than just spam and malware. It captures and makes illegal virtually all electronic messages with any trace of anything commercial about it and software, unless they fall into narrow exceptions and attempts to use regulations to carve out more exceptions. This approach will always result in unintended consequences which continue long after this process is complete unless the main problems with the Act are fixed. Business needs certainty. The approach taken in this legislation does the opposite—it leaves much uncertainty.
More importantly, this approach will make compliance complicated and very costly. The vast majority of our network is small- to medium-sized businesses. Many of these businesses are ill-equipped to manage the database requirements that will be necessary to comply with this law—forcing an otherwise unnecessary investment in IT infrastructure. It would also be a significant distraction from their core business. Most of those companies will view this law as a tax on business.
Over the past nine months, businesses and the associations that represent them have been working diligently with Industry Canada to find regulatory solutions to providing the sought-after certainty. Not all the problems have yet been addressed.
The prescriptive nature of the Act prevents many creative solutions. Here is a list of what still needs to be solved:
- The fundamental definition of a commercial electronic message is still unclear.
- Technology has changed. And the way companies distribute software is now fundamentally different than what had been envisioned even just a few years ago. “App” development, cloud computing and the evolution of mobile devices have created a platform for the distribution and updating of software that would make compliance with the consent requirements of CASL virtually impossible.
- The law reaches outside Canadian borders. Messages or software sent from inside Canada to other jurisdictions are still subject to CASL.
- While there are several exemptions proposed for consent requirements, these do not cover all potential circumstances.
- Finally, the problems need to be solved in a way that guarantees their legal efficacy. Proposals to clarify the law through non-binding guidelines, regulatory impact statements and FAQs do not provide this certainty. Moreover, many of our members do not have the resources to piece all of this together to develop and workable compliance program.