In a previous post,Evaluating the Industry Canada CASL regulations: why they are needed, I suggested thatclose scrutiny needs to be given toIndustry Canada’s new draft Electronic Commerce Protection Regulations. CASL’s “ban all” structure makes it imperative that regulations be adopted to ensure that the goal’s of Canada’s new anti-spam/anti-malware/spyware law (CASL) are met. Their adequacy and appropriateness should be measured against these and other generally recognized objectives. In this post I propose to lay out the framework for assessing the regulations.
CASL’s formal title starts off with the words “An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities”. The Bill’s summary re-iterates this purpose as does Section 3 which describes CASL’s purposes as follows:
The purpose of this Act is to promote the efficiency and adaptability of the Canadian economy by regulating commercial conduct that discourages the use of electronic means to carry out commercial activities, because that conduct
(a) impairs the availability, reliability, efficiency and optimal use of electronic means to carry out commercial activities;
(b) imposes additional costs on businesses and consumers;
(c) compromises privacy and the security of confidential information; and
(d) undermines the confidence of Canadians in the use of electronic means of communication to carry out their commercial activities in Canada and abroad.
The Government has also stated that the key goals of CASL are to “deter the most damaging and deceptive forms of spam from occurring in Canada and help drive spammers out of Canada” and to encourage the use of electronic means to carry out commercial activities. The goal is to accomplish these objectives without negatively impacting legitimate businesses that use electronic means to market their products and services to Canadians. See Government of Canada, Backgrounder, Questions and Answers, and Online Threats, Government of Canada Moves to Enhance Safety and Security in the Online Marketplace. In introducing CASL at second reading, Minister Clement stated that CASL’s purpose “is not to limit legitimate online business. It is to promote electronic commerce by increasing confidence in the use of the Internet to carry out business transactions”. Thus the goals of CASL imply trade-offs: discourage the most damaging a deceptive forms of spam and malware, encourage the use of electronic communications, and do not negatively impact Canadians or Canadian organisations.
The Charter of Rights and Freedoms also imposes limitations on the permitted encroachments on free speech including commercial speech. These limits must be reasonable and justified, minimally impair the free speech right, and be in proportion to the harm that is being targeted. See, RJR-MacDonald Inc. v. Canada (Attorney General),  3 S.C.R. 199; Rocket v. Royal College of Dental Surgeons of Ontario,  2 S.C.R. 23.
In response to the consultations, virtually all commentators focused on CASL’s overreach and imbalance. They pointed out that the costs and inefficiencies of complying with CASL’s “ban all” approach and formalities would be significant and were not needed to accomplish the goals of the legislation. They warned that CASL would unduly impede the use of electronic means of communicating by Canadians. They said it would put Canadian businesses at competitive disadvantages to their foreign competitors and result in the loss of jobs, retard the growth of small and start-up businesses, limit the innovation and use by Canadian organisations of modern messaging platforms, and introduce needless and costly red tape . See, Electronic Commerce Protection Regulations – Much Work Remains.
In a previous post on the submissions made to the consultations, Lorne Salzman and I summarized shortcomings identified by numerous Canadians that they asked Industry Canada to address during the regulatory process:
1. Although all parties support the goal of reducing SPAM and malware, most considered that the draft regulations fail to address the overreach inherent in CASL. Consequently, CASL plus its regulations are a disproportionate response to the acknowledged problems of SPAM and malware.
2. Although many commentators had expected that the proposed regulations would target truly offensive conduct under CASL and, as well, clarify ambiguities, thereby enabling the law to better meet the Government’s objectives, this has not occurred. The proposed regulations fail to set out worthwhile classes of exempt conduct, and they impose extra compliance costs that many businesses found troubling.
3. Under CASL and the proposed regulations, some inoffensive communications will become illegal, an overreach that will invite challenges under the freedom of speech provisions of the Canadian Charter of Rights and Freedom, with unpredictable results.
4. The proposed regulations do not remedy the concerns that CASL will hinder the start up and growth of small business.
5. The proposed regulations do not look beyond CASL’s “email-focused” model and consequently they fail to fit well with other messaging systems. As a result, CASL is not technologically neutral in its regulatory approach.
6. The proposed regulations fail to address messaging systems where SPAM is not a problem, such as Common Short Code Messaging, Opt-in Instant Messaging and similar systems, and where the additional regulation would impose costs, be impractical or impossible to comply with.
7. The proposed regulations fail to address CASL’s territorial overreach, and the consequent risk to investment and innovation in cloud computing and outsourcing in Canada.
8. The proposed regulations fail to properly clarify what is included under the definition of a CEM, thereby subjecting non-CEMs to CASL’s unsubscribe and formality requirements.
9. The proposed regulations fail to recognize the value of other, reasonable, approaches to obtaining consent to send CEMs, such as under existing PIPEDA rules.
10.The proposed regulations fail to clear the confusion in CASL between holders of message accounts and recipients of messages.
The new Electronic Commerce Protection Regulations are helpful and a major improvement over the first draft regulations. They address some key problems with CASL. However, they don’t address all of the problems and only partially address others.
According to Industry Canada the new regulations are intended to do the following:
These Regulations address the need to provide clarity and legal certainty to some key terms used in Canada’s Anti-spam Legislation in order to effectively combat spam and other related electronic threats in Canada, and to provide relief to businesses through targeted exemptions where the broad application of the Act would otherwise impede business activities that are not within the intended scope of the legislation. These Regulations also address the concerns raised during the last prepublication of proposed Regulations under CASL.
In my view, this suggested framework falls short of what is required for assessing the Industry Canada regulations. While no complete set of principles can be exhaustive, the assessment of new regulatory exceptions to CASL should take into account and balance whether with or without a particular exception:
- CASL would deter and protect consumers and businesses from the most damaging and deceptive forms of spam and malware from occurring in Canada and help drive spammers out of Canada.
- CASL would promote the efficiency and adaptability of the Canadian economy and discourage or encourage reliance on electronic means of carrying out commercial activities.
- CASL would impair or enhance the availability, reliability, efficiency and optimal use of electronic means to carry out commercial activities.
- CASL would impose additional costs on businesses and consumers.
- CASL would compromise or protect privacy and the security of confidential information.
- CASL would undermine or foster the confidence of Canadians in the use of electronic means of communication to carry out their commercial activities in Canada and abroad.
- CASL would be technologically neutral.
- CASL would disadvantage or make Canadian businesses uncompetitive in domestic or foreign markets.
- CASL’s prohibitions would comply with the values and constitutionally protected rights of commercial speech under the Charter of Rights and Freedoms and, in particular, whether the limits on commercial speech would be reasonable and justified, minimally impair the free speech right, and be proportionate to the harm that is being targeted by CASL’s prohibitions.
Regulatory changes identified by members of the public that meet these criteria are necessary. They are not loopholes. In fact, given CASL’s “ban all” impeachments on commercial speech, the Government should bear the burden of demonstrating that proposed changes to the regulations cannot be justified in light of the above criteria.
In the next blog posts, I will examine regulations proposed by Industry Canada starting with the definition of family and personal relationships.
For more information about CASL, see, CASL: the unofficial FAQ, regulatory impact statement, and compliance guideline.