Social Media – the same thing only different

Todays Slaw post:

Two articles I noticed this morning emphasize that while social media can bring its own set of legal issues, sometimes its use can have the same consequences as any other form of publication.

The first is a CBC news report that a man has been charged with criminal harassment for his tweets.  He was charged a couple of years ago for derogatory and threatening messages.  The case is now at trial.

The second is a post at about a decision regarding an employment non-competition clause.  It was alleged that the defendant had contacted customers in violation of confidentiality obligations.  The court found no liability in this instance, and mentioned in passing that “the information was all publicly available and obtained from such sources as social media websites.”  One question that raises surrounds LinkedIn connections and facebook friends.  If the employee in question, or indeed other employees, have people who work at their employer’s customers as connections, does that take away from any otherwise confidential aspect of the employer’s customer list?

CASL – Bah Humbug to holiday greetings

Today’s Slaw post:

We all receive – and many of us send – electronic holiday greetings this time of year.  They can range from a simple email to animated cards to elaborate videos.

Next December the new anti-spam law (aka CASL) will be in force.  Depending on how we send holiday greetings, what is in them, and who we send them to, CASL will act like the Grinch to classify some of them as spam, and make the sender subject to a massive fine or other remedies.

Figuring out whether a Christmas card is spam, like any other electronic message, will not be easy.  That is going to be one of the most frustrating and burdensome parts of the legislation.

If one of the purposes of the greeting is “to encourage participation in a commercial activity”, then it is spam.  The boundaries of that are not clear, but it is clear that it doesn’t take much to cross it.  I suspect many holiday greetings from law firms or business would be considered somewhat promotional and thus be considered spam.

So the first challenge will be to design messages that are not commercial.  While most corporate cards are primarily meant to offer genuine good thoughts, there is a promotional aspect to them as well.  Would, for example, our Harrison Pensa card below that links to a web page be considered commercial?

If it might be of a commercial character, then you have to look at every single person you send it to determine if they fit within one of the many exceptions.  My spam isn’t necessarily your spam.  The family and personal relationship exceptions may surprise many in the narrowness and complexity of application.  The implied consent exceptions are numerous but technical.

CASL will push many corporate holiday greetings into centrally managed databases and out of the hands of individual lawyers or employees.  So basically, one has to engage a lawyer to determine what your Christmas greeting can say, and who you can send it to.  Bah Humbug.

Anti-spam law regulations

Todays Slaw post:

I just listened to an IT.Can teleconference with Barry Sookman commenting on the final anti-spam regulations.  This post summarizes a few key issues that arose.

As you probably know, the CASL regulations are now final.  The anti-spam portions of the act come into force on July 1 2014.  This is a shorter grace period than many had expected.

Many business were waiting for these regs before figuring out how it affected them.  Unfortunately the regs did not remove most of the compliance burden.  Businesses need to start working towards compliance very soon.

The provisions that deal with permissions required for software do not apply to January 2015.

Private rights of action, including class actions, are not available until Jan 1 2017.  That is welcome, as the thought of class actions with severe potential penalties is a scary one in light of all the uncertainty over CASL’s interpretation.

A RIAS (Regulatory Impact Analysis Statement) was published to try to help with understanding CASL.  Other FAQ type stuff has been and will be published.  These will be helpful, but don’t have the force of law, and in some cases seem to be more restrictive than what CASL and the regs actually say.  Abiding by the RIAS won’t save you if a court or regulator decides to interpret the act differently, but may be helpful to show diligence.

The RIAS tries to help with the definition of CEM, for example.  There had been comments by the CRTC that said even a link in an email was enough to make it a CEM.  The RIAS tries to soften that, but doesn’t help much as while a mere link doesn’t make it a CEM, anything in it encouraging commercial activity will.

Grandfathering of existing consents under PIPEDA are only partially accepted, depending on the nature of the consent.

The exception in the regs re family and personal relationships will be important particularly for small enterprises.  The final regs actually narrowed the definition of family relationships, even though government said they were going to expand it.  Those provisions must be read carefully as the definitions are narrower than most people would think would be caught by the family and personal concepts.

Given the broad definition of CEM and the ban all approach, exceptions are crucial.

The regs include some helpful exceptions, such as those that apply to:

  • B to B communications for existing business relationships.
  • Exclusion of certain messaging systems
  • Messages over certain ecommerce portals
  • Some situations where recipients are in foreign states

The software permission parts don’t come into effect for a year, but the concern is that the CASL effect on software is wide ranging and applies not only to typical computer software, but also to any software that is on any device – ranging from thermostats to appliances to cars.  There will be huge problems complying with those for many reasons. And they are far beyond anything required in any other country.

Anti-spam act (aka CASL) in force July 1, 2014

Todays Slaw post: The latest word is that Canada’s anti-spam legislation will be in force on July 1, 2014, with the software provisions coming into force in January 2015.  The final regulations will be published in the Canada Gazette on December 18. More information about the law can be found in previous articles here. Proponents of the law feel that it is going to have a substantial effect on the fight against spam.  But as I have said before, my personal view is that the legislation as drafted is ill-conceived and will be a compliance nightmare for businesses and charities. Stay tuned as we digest the regulations after they are published.

Encrypt the Web

Todays Slaw post

It will be no surprise to anyone that one of the reactions to the NSA/Snowden revelations would be attempts to evade spying.  Many organizations have looked at their systems to determine where the vulnerable weak points are.  For example, even if certain internet communications are encrypted, there may be points along the chain where it becomes unencrypted and vulnerable.

This article talks about efforts by Microsoft and others to encrypt more than they have before. Those interested in this topic can learn more by following Bruce Schneier and the EFF.

The EFF, for example, recently published a chart that shows what some providers are doing, and explains the best practices behind it.crypto-survey-graphic


Global Entrepreneurship Week

Today’s Slaw post:

The Canadian Mentorship Challenge is on this week as part of Global Entrepreneurship week.  The challenge is for local organizations to mentor 10,000 entrepreneurs this week.

Here in London I spent some time yesterday at Hacker Studios talking to some people with budding business ideas.  In addition to legal mentoring, advice is available on topics including accounting, sales, business planning, marketing, and human resources.

There are several groups in London that support an entrepreneur culture.  What do other communities do?

A portion of my practice deals with startups and small business in the tech sector.  To be frank, some of the business plans and entrepreneurs are destined for failure for many reasons.  But many have interesting and cutting edge ideas with great potential.  Helping these entrepreneurs can put legal needs in perspective, as you have to focus on what they really need in practice, and when – rather than from a theoretical cover every legal risk approach.

Employment of recent graduates

Today’s Slaw post:

London’s Emerging Leaders organization just released survey results about attitudes of younger workers resulting from lack of employment opportunities.  The unemployment rate amongst recent graduates is higher than the general unemployment rate, and I suspect many who are employed are under employed.

Are employers partly to blame for this?  One of the problems cited by the Emerging Leaders executive director is the typical requirement of “3 to 5 years experience“.  Employers surveyed ranked ambition and attitude ahead of qualifications as the top factor in hiring a candidate.  But how would an employer ever know that a job candidate had ambition and the right attitude if they don’t interview a recent graduate because they don’t have 3 years experience?  I also suspect employers only consider post-grad work as experience, when may current grads have a significant amount of quality volunteer experience while in school.

Dress your business for success

Todays Slaw post.

Every once in a while you come across a lawyer or other professional who has such a bad presence that you question whether they are real or competent.  It is often because they do some basic image affecting things horribly wrong.

Here are a few things needed to leave a good impression, are often done wrong, and yet cost little or nothing to do right:

  • Have a web site.  It doesn’t have to be fancy, but needs to include basic info like what you do, where you are, and how to contact you.  It also needs to look professional. Blog platforms like wordpress make this easy to do.
  • Don’t use a generic email address ( [your name], or [your name], …).  Get a relevant domain name for your website and use it for your email address as well.
  • Have a proper letterhead with your snail mail address, email address, and phone number.  Yes, we still need letterhead, even if we only email letters as pdfs. Word processing platforms include templates that make this easy.
  • Use a professional consistent email signature line.  I don’t mean a long winded disclaimer of dubious effect – just basic name, contact info, and web site address.
  • Create a LinkedIn profile.
  • Word processors have built in spelling and grammar checkers.  Use them.

Top 5 Conference Tips

Today’s Slaw Post:

I attended the Canadian IT Law Association annual conference last week.  It is IMHO consistently the best continuing ed program for IT law. Some general conference observations:

  1. Pay attention to speakers even if they are covering topics you are familiar with.  No matter how well you know the topic, something new / useful will come up.
  2. Conference materials in the cloud are the way to go.  Much more convenient than on physical media.
  3. Hotel / conference centre AV equipment won’t always display your presentation the same as on your work computer, especially if it includes animation or video.  It’s a good idea to bring the presentation and any separate video files on a jumpdrive, and test it out before the session just in case it needs to be tweaked.
  4. Conference room wifi can be mystifying and inconsistent.  Why bother password protecting wifi on conference floors?
  5. Hotel room wifi may require a leap of faith and an ad hoc legal analysis (promissory estoppel, ostensible authority, parol evidence rule, burden of proof…) when you are told at the check-in counter “Just accept the agreement to pay [insert outrageous daily rate here] for wifi in your room – we won’t actually charge you for it.”

It’s about time

Today’s Slaw post

Lawyers tend to think of time in units of .1 hour.

But that is eons compared to some other time measurements.

If you are having trouble getting your head around the concept and speed of quantum computing that Simon wrote about yesterday, consider time metrics for tech we currently have.

Peter Higgs and Francois Englert recently won the Nobel Prize for physics for predicting the existence of the Higgs boson particle that explains how elementary matter attained the mass to form stars and planets.  The actual existence of the Higgs boson was confirmed at the Large Hadron Collider at CERN in Switzerland – a significant achievement on many levels, including the fact that the Higgs boson only has a life in the accelerator of about 1.6×10^−22 or  0.00000000000000000000016 seconds.

Even everyday electronics work in amazingly small increments of time.

Current computer chips run at speeds of up to about 4 Ghz, meaning that they perform 4×10^9 or 4000000000 processing cycles per second – and that’s for each of the multiple cores they have.

GPS relies on satellites keeping time to an accuracy of about 14 nanoseconds or  1.4×10^-8 or 0.000000014 seconds. To put that in perspective, light travels about one foot in a nanosecond.