The Electronic Commerce Protection Act, Bill C-27, has passed second reading in Parliament and will go to committee for review.
Views seem to differ on parts of the bill, while other parts are generally accepted.
One of the areas of contention deals with the degree of consent required to send someone an email. The Bill has an ‘opt in’ system, by which the sender needs the express or implied consent of the addressee to send a message. An existing business relationship may imply consent.
However, some people say that the Bill is so broadly drafted that it would prohibit someone from contacting a business that the person wanted to deal with, even on a business-to-business basis. For example, I look at your website and see that you offer a product that I could use in making my product. If we have no business relationship, I cannot send you an email to inquire about pricing or whatever, and I can’t send you an email to ask for consent to send you a substantive email. The Bill is not limited to messages sent in bulk.
Is that a fair interpretation of the Bill?
The Bill also prohibits downloading software into someone’s computer without their consent. While this is a useful prohibition against the installation of spyware, concerns have been expressed about its prohibition of cookies, which are very commonly installed to govern either the session during which a web site is visited, or future visits, without transmitting any personal information.
The prohibition is said to bar in practice even consent to accept software updates, because of the alleged impossibility of describing in sufficient detail the function of future updates at the time one wants to subscribe to them.
Again, is that a fair interpretation of the Bill?
The Bill gives a private right of action for violations of its provisions, or some of them — and for violations of some sections of PIPEDA on privacy. This is a fairly dramatic change from the current enforcement of PIPEDA, which depends on a review by the Privacy Commissioner and a possible court action if there is no compliance with what the Commissioner orders. The change will give to the courts, not the Commissioner, the task of evaluating the balancing of interests that is the essence of that Act. Is this a problem? Courts balance interests all the time in interpreting statutes.
Michael Geist’s column in the Toronto Star gives little weight to these business concerns (“opponents may try to sow fear within the business community”) and says the Bill’s provisions are standard fare in the rest of the world.
The McCarthy Tétrault review of the bill gives more weight to the concerns.