CRTC provides guidance on CASL software provisions

The CRTC has just published their thoughts on the interpretation of section 8 of CASL that requires consents for certain types of software installations.

They also discussed them in an IT.Can webinar.  Their interpretation is helpful, and addresses some of the uncertainty around the provisions.  But some aspects are still unclear, and some of their interpretations may not be entirely supported by the wording of the act.  That may be fine so long as the CRTC is enforcing it, but a court does not have to defer to CRTC interpretation.  I suspect there will be further clarification coming at some point given some of the questions that were being asked in the webinar.

They are interpreting it with the philosophy that the provisions are to prevent the installation of software that does perhaps undesirable things if they were unexpected by the user.  More detail to come after we digest their thoughts and how they might work in practice.  Anyone in the software business should consult their counsel to find out how section 8 might apply to them.

Cross posted to Slaw.

http://harrisonpensa.com/lawyers/david-canton

Jargon

Wired magazine has a regular column called “Jargon Watch” that defines terms relevant to existing and future tech and other issues.  They are sometimes amusing, sometimes food for thought, sometimes telling of our culture.  The November issue has some definitions I thought readers might relate to, including:

Rogeting: Using a thesaurus to disguise plagiarized writing.  Such word substitution can thwart anti-plagiarism software, but the tactic becomes comically obvious when overdone, especially with contextually inappropriate synonyms.  for instance: Rogeting “legacy networks” into “bequest mazes.”

Nearable:  A smart, connected object that can share data about itself with a smartphone or computer.  Retailers will soon be creating them using sensor-laden stickers that attach to products and report on how customers react with merchandise.

If you are curious about the definitions of “card clash” and “swarmies”, check out this November Wired page.

Cross posted to Slaw

http://harrisonpensa.com/lawyers/david-canton

CASL software provisions & CRTC interpretation

In addition to the anti spam provisions of CASL, it contains provisions against malware starting in January 2015. It imposes disclosure and consent requirements for software providers in certain situations.

Unfortunately, those provisions are perhaps more ill-advised and unclear than the anti-spam provisions.  They have the potential to make life difficult for software companies, create additional record keeping responsibilities where none are needed, and could even hurt Canadian consumers if foreign software developers simply don’t sell their products in Canada to avoid compliance.

The IT law bar is collectively scratching their heads trying to understand what the provisions mean in practice.

When I last mentioned this, the CRTC was collecting questions to help them frame their guidance on the sections.

The CRTC will reveal their interpretation thoughts in an IT.Can webinar on November 11.

Cross posted to Slaw

October is Cyber Security Awareness Month

The goal of Cyber Security Awareness Month is to remind us to guard against cyber threats.  The Canadian Government getcybersafe website has resources to describe the risks and suggest ways to protect against things such as cyberbullying, scams and fraud.  It covers both personal and corporate risks for smartphones, social networking, online banking, online shopping, and more.  It also explains the differences between common threats such as pharming, phishing, and spoofing.

If you’ve ever wondered how many people actually fall for what appear to be blatant phishing attempts, take a look at this infographic that shows that even a very small percentage of phishing success translates into significant actual numbers.

 

Cross posted to Slaw

harrisonpensa.com/lawyers/david-canton 

 

Businesses relying more on mobile – is Blackberry still in the game?

A BMO poll released today shows the unsurprising result that the business world is becoming more reliant on mobile technology.

Lawyers were early adopters of Blackberries, for which email was the killer app.  At our firm there are only a handful of lawyers still using Blackberries.  The rest of us are split between iPhones and Android.  While Windows phones are technically as good as the others, they just can’t seem to gain ground.

Passport

Blackberry has not given up, though.  It just launched a new phone called the Passport.  Blackberry has moved from touting email as its killer feature to touting productivity and security as its killer features.  The main focus is clearly on the business market.

Only time will tell whether Blackberry can claw back market share.

Cross posted to Slaw.

http://harrisonpensa.com/lawyers/david-canton

Will a smartwatch be on your wrist? 10 things to ponder.

As expected, Apple introduced its Apple Watch (not iWatch) last week with great fanfare. It is actually not a single watch, but a series of watches in 2 sizes and 3 models with various types of bands.  It will be available “early 2015″.

Of course only those with iPhones can use an Apple Watch.  Those with Android phones will use one of the options running Android Wear.

The reaction to the smartwatch phenomenon has been interesting.  Traditional watch manufacturers are being dismissive about it – which  sounds a lot like how Rim (Blackberry) dismissed the iPhone when it first came out.

Things to ponder about the smartwatch market include:

  • How many people will value the advantage of not having to pull out a phone so often that they will want a smartwatch?
  • Will those who no longer wear watches because they use their phone for the time start wearing watches again?
  • Will it hurt sales of traditional watches?
  • How many traditional watch manufacturers will sell their own smartwatch versions?
  • Will people want to spend hundreds of dollars on a watch that has a far shorter life span than a traditional watch?
  • Will style trump functionality? Smartphone physical differences are subtle – but watches come in many shapes and sizes.  There has been a lot of comment on square vs round, for example.
  • Apple announced its watch with an unusually large lead time – perhaps in part to steal the thunder of the various Android Wear watches.  Will Android Wear be updated by the time the Apple Watch comes up in ways that make it more compelling?
  • The type of phone one has will dictate the Apple watch vs Android Wear watch choice.  But will some choose or change their smartphone preference based on watch choice?
  • Will the large size of a smartwatch (some might be a challenge to put tour shirt sleeve over it, for example) be a negative?
  • How much better will smartwatches become as they mature over the next few years?

I definitely want one – I’m in the Android camp – the only issue is which one, and can I hold out long enough for 2nd gen improvements?

Cross-posted to Slaw

http://harrisonpensa.com/lawyers/david-canton

CASL software provisions

CASL – the Canadian anti-spam legislation – contains provisions that require certain disclosure and permission requirements on the installation of software that does certain things, or when software does certain things.  This aspect of CASL has been overshadowed by the anti-spam provisions, in part because the software provisions are not in effect until January 15, 2015.

Unfortunately these software provisions are not easy to comprehend or apply in practice. There is a lot of uncertainty around their interpretation.  And IMHO they are going to cause far more harm than good.  There is a real danger that some software creators will simply not offer their products in Canada to avoid the pain of complying with CASL.

Yesterday CRTC and Industry Canada representatives were at a Canadian IT Law Association teleconference to collect questions from the IT bar to help them prepare FAQ’s or guides to the CASL software provisions.  That guidance should be a big help to understanding the legislation.

Unfortunately they did not give us any hints at all on their thoughts on interpretation.  They are aiming to publish their material in November or December, which, as one participant commented, is far too late.  Compliance will be more complicated than tweaking a EULA.  Software vendors will require time to create new processes and verbiage to comply.   Then back that up through an effective lost 2 weeks over the holidays, and the time it will take to digest and advise clients on what they have to do….

Cross-posted to Slaw

http://harrisonpensa.com/lawyers/david-canton

Smartwatch week

The IFA – the European equivalent of the Las Vegas Consumer Electronic Show – starts Friday – although manufacturers have already started pre-show press conferences.   A wide range of consumer electronics and appliances will be on display.  The tech press will have extensive coverage, including CNET and engadget.

Smartwatches will be prominent.  With Google’s recent launch of its Android Wear smartwatch operating system, several new smart watches are being announced.  Some are updates of existing models, and some are new.  Examples include the Asus ZenWatch and the Sony SmartWatch 3.  Not to be outdone, Apple is expected to announce the iWatch at its own event Sept 9.

I want one – but am not quite sure yet which one. I’ll be watching the specs, prices, launch dates and reviews. Will this be the year that smartwatches take off?  Is a smartwatch in your future?

smartwatch

Cross posted to Slaw

http://harrisonpensa.com/lawyers/david-canton

If you think our red tape is bad…

We often get frustrated with seemingly unnecessary red tape and arbitrary rules – but every once in a while we run across requirements from other countries that are mind boggling.  For those who have never encountered this, it goes something like this.

A government agency or business in a country your client does business in requires a copy of a document.  If they were here, they may not need that document in the first place, but even if they do it would be a simple manner of scanning and emailing a pdf.

But no, they require a notarial copy – still simple enough.  Then they say the document needs to have a corporate seal as well.  Explaining that most Canadian companies don’t have corporate seals because they have not been required here for decades doesn’t help – its easier and cheaper to just buy a corporate seal.

But they won’t accept a notarial copy on its own, it has to be consularized, meaning the document has to go to that country’s embassy or consulate to be vetted and stamped or formalized in some way.  So you look up the process for that on the consulate web site and see that they have very specific rules about things such as what time of day they will accept documents, what ID has to be provided by the requesting person, and the need to bind the document together in a way that avoids substitution.  It may suggest methods such as sealing wax or an eyelet.  No staples allowed.  So the firm gets canvassed to see if there exists anywhere an eyelet/rivet tool that some lawyers used decades ago to fasten wills together. That fails, so you end up sending the document to a print shop to be bound.

Before the bound document goes to the consulate, it has to go to the provincial Ministry of Government Services so they can sign the document to confirm that the notary who signed it is really a notary.   Then it goes to the consulate where they add their official seal for a modest fee.

But we are still not done.  All of this is in English, so you have to send it to be translated by a certified translation agency or law firm in the country it is going to.

Then it can go to whomever requested it.

By the time this is all done, that document copy has been certified/stamped/sealed by: originating company, notary, provincial official, consulate, official translator.

The task that would have taken 5 minutes here has stretched into hours of work, various fees, and an elapsed time that might be measured in weeks.

Cross posted to Slaw

harrisonpensa.com/lawyers/david-canton

Wipe your car before you sell it

I’m in the process of buying a new car, and realized that when we get rid of a car we should think about more than just cleaning out the glove box and taking the snowbrush out of the trunk. A list of data to clear is at the end of this post.

At one time, cars stored no personal information other than the odometer reading and radio presets.

Cars are laden with computers that control and monitor things like the engine, brakes, climate control, entertainment, tire pressure, and safety features. With this comes more data, and with more data comes the temptation to save it and to use it for other things. This is becoming even more so for hybrid and electric cars.

An example is the OBD (on board diagnostics) and EDR (electronic data recorder) system. They contain useful information for the diagnosis of problems, and information for a short period (measured in seconds or minutes) for accident investigation, such as speed, seat belt use, steering angle, number of passengers, engine speed, and throttle position.

It is possible to plug devices into the OBD port to use and retain that information for displaying a dashboard on your phone, spying on your kids driving habits, or sending to your insurer for rate calculations.

Since the EDR system contains limited memory and overwrites itself quickly, there is little risk of that personal information being used after you give up your car – but if you are concerned, make your last drive a leisurely one.

Keeping in mind that it is easy to get a used car report showing owner name and address to link data on your old car back to you, here are some things you might want to do before you part with your car:

  • Delete Bluetooth pairings.
  • Delete stored phone numbers and call history.
  • Remove any CDs, DVDs, and usb keys. (It’s easy to forget a usb key, for example, plugged into a port hidden in the glove box or other compartment, and it might have more on it than just music.)
  • Delete built in garage door opener codes.
  • Clear the GPS of pre-programed destinations and route history.
  • Clear wifi hotspot settings and passwords.
  • Remove any OBD/EDR recorders you have added.
  • Cancel Onstar subscription and reporting. (I know someone who forget to cancel reporting, and continued to get monthly reports on his old car now with the new owner.)
  • Cancel or transfer satellite radio.

Cross posted to Slaw

http://harrisonpensa.com/lawyers/david-canton