January 19-23 is the CFIB’s (Canadian Federation of Independent Business) 6th annual Red Tape Awareness Week.
During the week the CFIB will make several announcements, starting off by announcing the winner of its annual Paperweight Award, citing the most egregious example of government red tape on small businesses. My guess is that CASL will win that.
My personal view is that government does a better job of talking about reducing red tape than actually accomplishing it.
(Cross posted to Slaw.)
The Annual Consumer Electronics Show (CES) is under way in Las Vegas. Its a mecca for those into the latest and greatest and biggest and fastest and most innovative consumer tech.
For example, the latest in TV’s are 4K (4 times the resolution of HD) that are impossibly thin with tiny bezels. While the high end models are unaffordable, the improvements eventually become mainstream.
Trends include wearables (fitness still dominates) and the smart home (aka internet of things). Everything seems to be connected somehow – even teakettles. (Some might say that an internet connected teakettle belongs to the internet of stupid things :))
So what might be useful in the office? Getting around might be easier with the Rollkers “personal transit accessory” – essentially electric roller skates that attach to your shoes – or with the IO Hawk - which is a cross between a Segway and a skateboard. Or perhaps a food printer for the lunch room.
The tech press has extensive coverage of the CES – check out coverage by Shelly Palmer, CNET, Wired
Cross posted to Slaw
I recently traded in my iPad for a Nexus 9. It has made me look at the phone/tablet thing a bit differently.
When I had an Android phone and an iPad, they felt like very different devices, each with a different role. But now that my tablet and phone work the same, and seamlessly share information, they don’t seem so different anymore. For example, if I make a note on google keep, it instantly shows up on the other device.
The only real difference is the size of the screen, and that the tablet can’t make phone calls or send texts. (Actually that’s not really true as you can make free calls over WiFi using google hangouts.)
That’s why phablets are growing in popularity. For those who can put up with carrying around a larger device, they are the best of both worlds. I want a phone I can put in my pocket though, and phablets are too big for my taste.
So what we really need is a modest sized phone with a screen that appears to be several times the size of the phone. Or better still, are we that far off from a full-fledged computer the size of a smartphone with a holographic display the size of a monitor, and a virtual keyboard? Would that be a complet? – a comphone?
Cross posted to Slaw
CASL, the Canadian anti-spam act, contains provisions that take effect on January 15, 2015 that are intended to prevent malware from being installed on computers (including any device that uses software such as smartphones, cars, TV’s, routers, thermostats…). The sections require the software provider to obtain express consent from the computer user for certain installations. There are 2 different levels of consent. Both require the disclosure of specified information, and the second level requires the consent to be obtained outside of the license.
Unfortunately the CASL software consent provisions are tortuous and unclear, and if taken literally could cause huge problems for the software industry. The IT bar has been collectively scratching its heads trying to understand how to interpret the sections. The CRTC has tried to interpret them in a way that aligns with the intent of stopping people from installing malware on computers. While the CRTC interpretation may not line up with the act, we basically have to work within it for the time being. When advising clients we will have to include caveats that we can’t guarantee that a court would agree with the CRTC’s interpretation.
Because January 15 is close at hand, software providers with customers in Canada should consider whether they need to do anything to comply. Violating the act has the same huge potential consequences as violating the anti-spam provisions.
The chart below is an attempt to give an overview of the analysis that a software provider should do to determine what, if anything, they need to do. There are 2 caveats to this chart. First, the sections are technical and have their own caveats and exceptions, so you can’t rely on the chart alone. Second, it relies on the CRTC position as it stands at this moment based on statutory language that really doesn’t make a lot of sense.
download pdf CASL software chart
I’ve had some time to reflect on the CASL software provisions as interpreted by the CRTC . As I’ve said before, the CASL software consent provisions are tortuous and unclear, and if taken literally could cause huge problems for the software industry. The CRTC has tried to interpret them in a way that aligns with the intent of stopping people from installing malware on computers. While the CRTC interpretation may not line up with the act, we basically have to work within it for the time being. (Lawyers advising clients would be well served to include caveats that we can’t guarantee that a court would agree with the CRTC’s interpretation.)
Software providers should review CASL with their legal counsel to determine how they fit within this labyrinth, but here is my take from a simplified high level on how it applies to the installation of software on a device I own.
I acquire the “Sliced Bread” software by Softco. It doesn’t matter how I get it – could be an app store, download, CD, etc. I install Sliced Bread on my computer – or my phone, tablet, car, drone, thermostat, fridge, server, router, etc.
Since I’m installing it myself on my own device, CASL doesn’t apply.
BUT IF Sliced Bread does one of the things CASL deems undesirable – things like collecting personal information, changing or interfering with data / operations / control, or sending information to someone;
AND IF those things are something I’m not reasonably expecting Sliced Bread to do (this expectation issue is a huge grey area and will vary depending on what Sliced Bread does);
THEN Softco is deemed to be installing it on my device, and Softco has to obtain my express consent outside of the EULA as detailed in the act.
Cross posted to Slaw.
Some businesses seem to be ignoring the CASL anti-spam law. Their attitude is that it’s been months since it’s been in force, nobody’s been fined, and there have been no public enforcement actions (other than one spam bot server situation). They are feeling safe that it’s not being enforced against typical businesses, and that the CRTC can’t possibly go after every small business.
In a recent webinar, the CRTC said they have issued a number of compliance orders under CASL. They are not making compliance orders public, though, and they did not say how many. They will at some time release stats on numbers of orders issued – perhaps at the end of the year.
They also said they would not always start with a gentle request to comply. In other words, don’t think you can sit back and not comply, then react only when they knock on your door.
The gentle approach is more likely if a business has tried but not quite got it right – less likely for one that has just ignored it. I suspect the CRTC will be eager to make some examples.
November 16, 2014 marks the 10th anniversary of this blog – over 1500 posts since November 16, 2004.
To put that in perspective, twitter was launched in March 2006, Facebook didn’t open to non-college students until September 2006, Linkedin was launched in May 2003, and Pinterest was launched in March 2010.
In 2004, you could count the number of lawyers who were blogging in Canada on one hand. The frequency of posting has slowed over the years given the rise of other social media, but for anything of substance or of enduring value, a blog post reigns supreme.
We have changed the look of the blog a couple of times. An image of what it looked like in 2006 (courtesy of the Wayback Machine) is below. That was a typical design at the time – before the trend to simpler, cleaner designs.
The CRTC has just published their thoughts on the interpretation of section 8 of CASL that requires consents for certain types of software installations.
They also discussed them in an IT.Can webinar. Their interpretation is helpful, and addresses some of the uncertainty around the provisions. But some aspects are still unclear, and some of their interpretations may not be entirely supported by the wording of the act. That may be fine so long as the CRTC is enforcing it, but a court does not have to defer to CRTC interpretation. I suspect there will be further clarification coming at some point given some of the questions that were being asked in the webinar.
They are interpreting it with the philosophy that the provisions are to prevent the installation of software that does perhaps undesirable things if they were unexpected by the user. More detail to come after we digest their thoughts and how they might work in practice. Anyone in the software business should consult their counsel to find out how section 8 might apply to them.
Cross posted to Slaw.
Wired magazine has a regular column called “Jargon Watch” that defines terms relevant to existing and future tech and other issues. They are sometimes amusing, sometimes food for thought, sometimes telling of our culture. The November issue has some definitions I thought readers might relate to, including:
Rogeting: Using a thesaurus to disguise plagiarized writing. Such word substitution can thwart anti-plagiarism software, but the tactic becomes comically obvious when overdone, especially with contextually inappropriate synonyms. for instance: Rogeting “legacy networks” into “bequest mazes.”
Nearable: A smart, connected object that can share data about itself with a smartphone or computer. Retailers will soon be creating them using sensor-laden stickers that attach to products and report on how customers react with merchandise.
If you are curious about the definitions of “card clash” and “swarmies”, check out this November Wired page.
Cross posted to Slaw
The internet of things and big data are separate but related hot topics. As is often the case with new technology, the definitions are fluid, the potential is unclear, and they pose challenges to legal issues. All of these will develop over time.
Take privacy, for example. The basic concept of big data is that huge amounts of data are collected and mined for useful information. That flies in the face of privacy principles that no more personal info than the task at hand needs should be collected, and that it shouldn’t be kept for longer than the task at hand requires. Both of these concepts can lead to personal info being created, while privacy laws generally focus on the concept of personal info being collected.
Another legal issue is ownership of information, and who gets to control and use it. If no one owns a selfie taken by a monkey, then who owns information created by your car?
If anyone is interested in taking a deeper dive into these legal issues, I’ve written a bit about it here and here, and here are some recent articles others have written:
The ‘Internet of Things’ – 10 Data Protection and Privacy Challenges
Big Data, Big Privacy Issues
The Internet of Things Comes with the Legal Things