CRTC on CASL enforcement

Some businesses seem to be ignoring the CASL anti-spam law.  Their attitude is that it’s been months since it’s been in force, nobody’s been fined, and there have been no public enforcement actions (other than one spam bot server situation).  They are feeling safe that it’s not being enforced against typical businesses, and that the CRTC can’t possibly go after every small business.

In a recent webinar, the CRTC said they have issued a number of compliance orders under CASL.  They are not making compliance orders public, though, and they did not say how many.  They will at some time release stats on numbers of orders issued – perhaps at the end of the year.

They also said they would not always start with a gentle request to comply.  In other words, don’t think you can sit back and not comply, then react only when they knock on your door.

The gentle approach is more likely if a business has tried but not quite got it right – less likely for one that has just ignored it.  I suspect the CRTC will be eager to make some examples.

elegal blog marks 10th anniversary

November 16, 2014 marks the 10th anniversary of this blog – over 1500 posts since November 16, 2004.

To put that in perspective, twitter was launched in March 2006,  Facebook didn’t open to non-college students until September 2006, Linkedin was launched in May 2003, and Pinterest was launched in March 2010.

In 2004, you could count the number of lawyers who were blogging in Canada on one hand.  The frequency of posting has slowed over the years given the rise of other social media, but for anything of substance or of enduring value, a blog post reigns supreme.

We have changed the look of the blog a couple of times. An image of what it looked like in 2006 (courtesy of the Wayback Machine) is below.  That was a typical design at the time – before the trend to simpler, cleaner designs.

2006 image

CRTC provides guidance on CASL software provisions

The CRTC has just published their thoughts on the interpretation of section 8 of CASL that requires consents for certain types of software installations.

They also discussed them in an IT.Can webinar.  Their interpretation is helpful, and addresses some of the uncertainty around the provisions.  But some aspects are still unclear, and some of their interpretations may not be entirely supported by the wording of the act.  That may be fine so long as the CRTC is enforcing it, but a court does not have to defer to CRTC interpretation.  I suspect there will be further clarification coming at some point given some of the questions that were being asked in the webinar.

They are interpreting it with the philosophy that the provisions are to prevent the installation of software that does perhaps undesirable things if they were unexpected by the user.  More detail to come after we digest their thoughts and how they might work in practice.  Anyone in the software business should consult their counsel to find out how section 8 might apply to them.

Cross posted to Slaw.

http://harrisonpensa.com/lawyers/david-canton

Jargon

Wired magazine has a regular column called “Jargon Watch” that defines terms relevant to existing and future tech and other issues.  They are sometimes amusing, sometimes food for thought, sometimes telling of our culture.  The November issue has some definitions I thought readers might relate to, including:

Rogeting: Using a thesaurus to disguise plagiarized writing.  Such word substitution can thwart anti-plagiarism software, but the tactic becomes comically obvious when overdone, especially with contextually inappropriate synonyms.  for instance: Rogeting “legacy networks” into “bequest mazes.”

Nearable:  A smart, connected object that can share data about itself with a smartphone or computer.  Retailers will soon be creating them using sensor-laden stickers that attach to products and report on how customers react with merchandise.

If you are curious about the definitions of “card clash” and “swarmies”, check out this November Wired page.

Cross posted to Slaw

http://harrisonpensa.com/lawyers/david-canton

Internet of Things and Big Data raise big legal issues

The internet of things and big data are separate but related hot topics. As is often the case with new technology, the definitions are fluid, the potential is unclear, and they pose challenges to legal issues.  All of these will develop over time.

Take privacy, for example.  The basic concept of big data is that huge amounts of data are collected and mined for useful information.  That flies in the face of privacy principles that no more personal info than the task at hand needs should be collected, and that it shouldn’t be kept for longer than the task at hand requires.  Both of these concepts can lead to personal info being created, while privacy laws generally focus on the concept of personal info being collected.

Another legal issue is ownership of information, and who gets to control and use it.  If no one owns a selfie taken by a monkey, then who owns information created by your car?

If anyone is interested in taking a deeper dive into these legal issues, I’ve written a bit about it here and here, and here are some recent articles others have written:

The ‘Internet of Things’ – 10 Data Protection and Privacy Challenges

Big Data, Big Privacy Issues

The Internet of Things Comes with the Legal Things

CASL software provisions & CRTC interpretation

In addition to the anti spam provisions of CASL, it contains provisions against malware starting in January 2015. It imposes disclosure and consent requirements for software providers in certain situations.

Unfortunately, those provisions are perhaps more ill-advised and unclear than the anti-spam provisions.  They have the potential to make life difficult for software companies, create additional record keeping responsibilities where none are needed, and could even hurt Canadian consumers if foreign software developers simply don’t sell their products in Canada to avoid compliance.

The IT law bar is collectively scratching their heads trying to understand what the provisions mean in practice.

When I last mentioned this, the CRTC was collecting questions to help them frame their guidance on the sections.

The CRTC will reveal their interpretation thoughts in an IT.Can webinar on November 11.

Cross posted to Slaw

Android 5.0 Lollipop has arrived

Anyone who wants the latest and greatest tablet is in luck.

Google just announced the release of its new Android 5.0 Lollipop OS, and a new Nexus 9 tablet, Nexus 6 phone, and Nexus Player streaming media player.  Lollipop will be available for existing Nexus 5, 7, and 10 devices “in the coming weeks.”

If you are an Apple fan, Apple is launching new iPads and other devices tomorrow.

I think I “need” a Nexus 9.  My iPad 2 is getting a bit slow and tired, and it would be a better companion to my Nexus 5.

Cross posted to Slaw 

Randy Bachman this weekend at Orchestra London’s Red Hot Weekends

Randy Bachman (Guess Who, Bachman-Turner Overdrive) performs with Orchestra London this Friday and Saturday night in his first ever performance with an orchestra.

More info is in James Reaney’s column where he says:

A new project, Bachman’s Symphonic Overdrive has hits from The Guess Who and Bachman-Turner Overdrive such as Let it Ride, These Eyes, American Woman (Bossa Nova), You Ain’t Seen Nothing Yet, Taking Care of Business and more.

James quotes Randy as saying “It’s going to be an amazing spectacle.”

I’m looking forward to the concert.

Tickets are available from Orchestra London online or by calling the box office at (519) 679-8778.

(Disclosure – I’m on the Orchestra London Board)

October is Cyber Security Awareness Month

The goal of Cyber Security Awareness Month is to remind us to guard against cyber threats.  The Canadian Government getcybersafe website has resources to describe the risks and suggest ways to protect against things such as cyberbullying, scams and fraud.  It covers both personal and corporate risks for smartphones, social networking, online banking, online shopping, and more.  It also explains the differences between common threats such as pharming, phishing, and spoofing.

If you’ve ever wondered how many people actually fall for what appear to be blatant phishing attempts, take a look at this infographic that shows that even a very small percentage of phishing success translates into significant actual numbers.

 

Cross posted to Slaw

harrisonpensa.com/lawyers/david-canton 

 

Annual IT.CAN Conference October 20-21

The annual IT.CAN conference is in Montreal two weeks from now. I find the IT.CAN conferences are consistently high quality, and the best continuing legal education option for lawyers practicing in the tech space.  The fall conference has a good mix of practical updates and thought provoking forward looking issues. Any lawyer practicing IT law should check it out.

Details from IT.CAN:

The Eighteenth Annual Canadian Information Technology Law Association (“IT.CAN”) Conference will be held in Montreal, October 20-21, 2014. For the full conference brochure including registration details, please visit the website at www.it-can.ca or go to:  http://www.it-can.ca/wp-content/uploads/ConfBroch14.pdf

If you have any questions about the program please contact Lisa Ptack, IT.CAN Executive Director at lisa.ptack@rogers.com

ITCan