Feed aggregator

CRTC Report Confirms Yet Again: Canadian Wireless Prices Among Most Expensive in G7

Michael Geist - Tue, 07/15/2014 - 06:28

The Canadian Radio-television and Telecommunications Commission yesterday released the latest Wall Communications Report comparing prices for wireline, wireless, and Internet services in Canada and with foreign countries. While some initial reports focused on the increased wireless pricing for light wireless users (150 minutes per month with no data or texting) that was attributed to the shift from three-year contracts to two-year contracts, the bigger story is that Canadian wireless pricing is ranked among the three most expensive countries in the G7 in every tier.

The report measures four different baskets of users and for every usage Canada is one of the three most expensive countries in the survey (other countries include the US, UK, France, Australia, Japan, Germany, and Italy).

Summary of International Price Comparison 2014, Wall Communications Inc. http://www.crtc.gc.ca/eng/publications/reports/rp140714.htm

As the chart demonstrates, Canada is the most expensive among all countries for Level 1, third most expensive for Levels 2 and 3, and second most expensive for Level 4.

The initial reports focused on the Level 1 data, noting that high prices may be the result of the new wireless code that limits contracts to two years. However, Level 1 is an increasingly small part of the market since fewer and fewer consumers use phones for a small amount voice only with no data or texting (and those that do are more likely to use one of the cheaper new entrants). Indeed, Level 1 likely excludes all smartphone users as the plan offers only 5 minutes of talk per day with no data and no texting. It therefore has little to do with amortizing the cost of expensive devices such as the iPhone. Moreover, the increase in pricing for this service actually demonstrates again why the market is uncompetitive, since two-year contracts or less are standard in most other parts of the world, yet the Canadian pricing is the highest in the category.

Last week, I wrote about the sorry state of wireless competition in Canada, noting that Bell, Telus, and Rogers all recently confirmed that they are reducing promotional activity and exercising greater “price discipline”. This latest report provides further confirmation that Canadian wireless prices remain high by global standards and unless the new competitive measures succeed, the incumbents have no intention of changing that any time soon.

The post CRTC Report Confirms Yet Again: Canadian Wireless Prices Among Most Expensive in G7 appeared first on Michael Geist.

Canadians That Access U.S. Netflix May Be in a Legal Grey Zone, But They Are Not Stealing

Michael Geist - Mon, 07/14/2014 - 07:38

Netflix is enormously popular in Canada with millions using the online video service. While the Canadian version of Netflix has improved the scope of available titles since it launched, there are still differences with the U.S. service, leading some subscribers to use virtual private networks to mask their address and access U.S. Netflix. Are those subscribers “stealing” something? The Globe and Mail’s Simon Houpt apparently thinks so.

This weekend he wrote a column titled Even the Content Creators are Stealing Content, which focused on content creators who unapologetically download television shows or use virtual private networks to access U.S. Netflix from Canada. Accessing the U.S. Netflix service is common in many countries including Canada (see stories on Australia, New Zealand, and the U.K.). Houpt argues that accessing the U.S. Netflix from Canada deprives creators of their fair share of earnings and make the creation of future shows less likely:

Paying for the Canadian service means your money goes to whoever holds the Canadian rights for the shows on Netflix. If you’re watching the U.S. service, the rights holders – that is, those who pay the creators to make the shows you’re actually watching – aren’t getting their fair share. That means they’re less likely to help get the next round of shows or movies green-lighted, making it harder for artists to get their projects off the ground.

Yet while the legal issues associated with accessing U.S. Netflix may be in a legal grey zone, the argument that creators are not paid seems wrong.

First, Netflix spends billions each year licensing content in bulk so that it can be viewed an unlimited number of times. Unlike songs played on a radio or television programs aired in syndication, the Netflix model does not pay based on views or the number of times aired. The company notes:

Our licensing is all time-based, so that we might pay, for example, $200,000 for a 4 year exclusive subscription video-on-demand (SVOD) license for a given title. At the time of renewal, we evaluate how much the title has been viewed as well as member rating feedback to determine how much we are willing to pay. How many similar titles we have is also a consideration.

In other words, there are no additional payments to rights holders regardless of how many times a title is viewed during the licence period. In fact, a Canadian viewing a title on the U.S. Netflix would simply add to the number of views and potentially increase Netflix’s willingness to pay when the licence expires.

Second, many of Netflix’s most popular titles (House of Cards, Orange is the New Black) are licensed worldwide and which geographic service is used to access the title is irrelevant. There is growing overlap between the two services (popular shows such as Breaking Bad and Lost are similarly available on both services), so whether the U.S. or Canadian service is used, much of the content is the same.

Third, neither Netflix nor rights holders seem particularly troubled by the practice. Netflix is well aware of the practice of accessing the U.S. service, but has not taken steps to stop it (other than the inclusion of provision on access and geography in its terms of use). If rights holders were seriously concerned with the practice, they would presumably pressure the company to crack down or refuse to licence their works. To date, I can find no reports of that happening. There are some Canadian groups concerned with respect for geographic licensing, but no reports of the rights holders whose work actually appears on Netflix publicly objecting or refusing to licence on those grounds. By comparison, Hulu has attempted to block non-U.S. users from using VPNs.

It is possible that there are rights holders that have licensed their shows to Netflix in the U.S. and to different companies in Canada (where they also license to Netflix in Canada there is no difference in which service is used to view the show). In such circumstances, it can be argued that accessing the show through the U.S. Netflix would deprive the Canadian licensee of an opportunity to commercialize their licence (though Canada is without an obvious competitive alternative). Yet those instances involve questions of which intermediary is paid, not whether the rights holder that created the original work is compensated.

If Houpt’s concern is that rights holders get their fair share so that new projects can get off the ground, what matters is not which intermediary is paid, but rather whether the viewer is ultimately paying for access to the program so that the creator is paid. The availability of Netflix has reportedly been linked to a decrease in unauthorized, unpaid access by Canadians, suggesting that more people are paying for content. The characterization of copyright infringement as “stealing” often seems inappropriate given that theft involves the loss of the object, which does not occur with an extra copy or viewing. Even if the term is expanded to include a loss of revenue for the creator, that still does not apply in this case. Accessing U.S. Netflix may sit in a legal grey zone, but the concerns associated with ensuring that the original creators or rights holders are paid by those that view their content seems unfounded.

The post Canadians That Access U.S. Netflix May Be in a Legal Grey Zone, But They Are Not Stealing appeared first on Michael Geist.

In Defence of Canada’s Anti-Spam Law, Part Two: Why the Legislation Is Really a Consumer Protection and Privacy Law in Disguise

Michael Geist - Thu, 07/10/2014 - 06:42

My first post defending Canada’s anti-spam law focused on why spam remains a problem and how the new law may help combat fraudulent spam and target Canadian-based spamming organization. Most would agree that these are legitimate goals, but critics of the law will argue that it still goes too far since it covers all commercial electronic messages, not just fraudulent or harmful messages.

If the law were only designed to deal with harmful spam, they would be right. However, the law was always envisioned as something more than just an anti-spam bill. Indeed, when it was first introduced, it was called the Electronic Commerce Protection Act, reflecting the fact that it was expressly designed to address online consumer protection issues (the name CASL was an unofficial working name developed within Industry Canada). The law has at least three goals: provide Canada with tough anti-spam rules, require software companies to better inform consumers about their programs before installation, and update Canadian privacy standards by re-allocating who bears the cost for the use of personal information in the digital environment.

The need for tough anti-spam rules were discussed in my first post. The software installation provisions have yet to attract much attention since they do not take effect until 2015. Once they do, Canadian law will require companies to provide clear and prominent descriptions of the functionality of the software and to obtain express consent before installation. Business groups lobbied for significant changes to the rules, but the government and the CRTC refused to water down the requirements. The new rules are straight-forward consumer protection measures designed to enhance disclosure and require full consent before software programs are installed on users’ computers.

The third – and currently most controversial – aspect of the law is the update to Canadian privacy standards on consent for emails from legitimate businesses. Before CASL, most of the costs of commercial electronic messages were borne by consumers. With weak “implied consent” standards (as evidenced by the many unexpected opt-in emails Canadians received from organizations that harvested email addresses in a myriad of ways with little real awareness or consent from consumers), businesses sent messages safe in the knowledge that consumers would bear virtually all the costs. These include downloading the messages (particularly for mobile downloads where data still counts), higher ISP fees to account for filtering software and equipment costs, time spent reading the email, and the time to respond, delete or opt-out. Given those costs, organizations knew that relatively few would incur the cost (in the form of time) to opt-out.

Businesses unsurprisingly argue that this is a good approach, noting that the cost for any single opt-out is relatively trivial. Yet for consumers, the cumulative effect of hundreds or thousands of emails from different organizations adds up to a non-trivial cost. Multiplied by millions of consumers who each face the same thing and the off-loaded cost on consumers becomes significant. Moreover, from a privacy perspective, this leads to a weakened approach to consent under which privacy and consent start to mean very little. If anything is “ludicrous” or “absurd”, it is the notion that a simple inquiry should grant a business the right to burden the consumer with additional costs by marketing to them in perpetuity using their personal information unless the consumer pro-actively demands that it stop.

The new Canadian law re-calibrates this approach by giving consumers greater control over the costs they bear from commercial email. By shifting to an opt-in approach, the costs associated with receiving and dealing with email better reflects consumer choice since consumers only incur the costs for those commercial emails for which they have expressly provided consent. It is worth noting that the allocation of costs is also reflected in many (though not all) of the exceptions in the law. For example, product recalls and safety warnings are exempt from the consent requirements, reflecting the benefit to consumers, who bear the costs of receipt. Similarly, business-to-business email is generally exempted as a cost of doing business.

The debate over where to strike this privacy balance is an old one. For example, in 1991, the U.S. passed the Telephone Consumer Protection Act. The TCPA included a ban on sending unsolicited commercial faxes without prior express consent. Business groups objected to the TCPA, using many of the same arguments raised with CASL. In fact, a constitutional challenge on the ban was launched, but failed. A review of the Congressional thinking behind the bill notes:

It simply was not fair to require consumers to swallow the costs – paper, ink, wear-and-tear on the machine – of automatically-received, unwanted faxes promising great hotel deals or special car wash discounts. Congress reasoned that the consumer protection rights of the fax recipient – who must unfairly waste time waiting while a machine receives and prints out an unwanted transmission, all at the recipient’s cost – trumped any commercial speech rights of the marketers.

Faxes are not the same as email, but the reasoning is the same. There is a cost to consumers for the receipt of commercial email from legitimate businesses. For over a decade, businesses have effectively off-loaded those costs. CASL seeks to create a more equitable balance, leading to support from many Canadians but opposition from business.

In fact, the same balancing debate occurred with the creation of Canada’s do-not-call list. Marketers warned about the negative impact on many businesses, but the government noted that consumers faced the brunt of the cost for telemarketing calls in the form of time and interruption of privacy in the home. The result was a more balanced approach with an expanded opt-out system that requires all marketers to consult the do-not-call list before engaging in telemarketing.

With respect to commercial email, the policy rationale is similar: since an opt-out do-not-spam list is not viable, the best way to address the cost imbalance on commercial email is to relieve consumers of some of the costs by granting them the right to opt-in to emails, rather than opt-out.

As for the business costs of compliance, business was already required to maintain lists and respect opt-outs. Much of the additional compliance costs stem from either seeking an opt-in or the complexity of relying upon exceptions. In the case of seeking opt-ins, businesses could have obtained an opt-in the first place, but chose not to do so. Moreover, businesses have been given a three-year transition period to address the requirement (note that if the law was only concerned with fraudulent spam, there would be no need for a three year transition). As for the compliance costs from relying upon exceptions, it seems reasonable that there may be some costs for those businesses that would prefer to avoid obtaining express consent.

Some may still disagree with the policy rationale or the privacy balance struck by CASL. However, what should be obvious to all is that the law is about far more than just harmful spam. The application to legitimate businesses is not an unintended consequence but rather a well-considered policy decision to update Canadian privacy standards by more fairly apportioning the costs associated with the use of personal information.

 

The post In Defence of Canada’s Anti-Spam Law, Part Two: Why the Legislation Is Really a Consumer Protection and Privacy Law in Disguise appeared first on Michael Geist.

In Defence of Canada’s Anti-Spam Law, Part One: Why Spam is Still a Problem and the New Law Will Help

Michael Geist - Wed, 07/09/2014 - 06:08

Canada’s anti-spam legislation took effect at the beginning of the month, sparking a steady stream of critical opinion pieces calling it everything from an absurd solution to a mostly non-problem to “ludicrous regulatory overkill.” The criticisms generally boil down to three claims: spam isn’t a big problem, the law is ineffective because most spam originates outside Canada, and the law is overbroad because it targets legitimate businesses alongside fraudulent spammers. I think all three criticisms are wrong. This post addresses why spam is still a problem and how the law will help. A second post tomorrow tackles the broad scope of the law, arguing that it is better understood as privacy legislation that fairly apportions the costs associated with electronic marketing.

Spam is Still a Problem

As spam filters have improved, many apparently no longer see spam as a significant problem. Yet the data confirms that there is still an enormous amount of spam that comes at real cost. Recent estimates indicate that there are roughly 80 billion spam messages sent daily, meaning that spam represents more than 70% of all email traffic. While there are varying estimates on the economic cost of spam, a 2012 study by Rao and Reiley conservatively placed the cost at roughly $20 billion per year. Given that spammers bear little of the cost of their marketing and earn only a fraction of the costs back in revenue, the authors estimate that the cost of spam to consumers outweigh the social benefits by an order of 100 to 1.

The cost of spam extends far beyond the expense associated with filtering it, transferring it, downloading it, and deleting it. There are additional costs that extend to all businesses, since spam undermines consumer confidence in electronic commercial messages more generally, making them less likely to be opened, believed or acted upon. Spam filtering has become a necessity, but an unwanted effect is that it decreases the reliability of email, since false positives invariably lead to some legitimate messages ending up in the junk folder (which require users to spend time reviewing the spam or simply accept that some messages will not get reach their intended destination).

Further, fraudulent spam results in real harm, leading to actual consumer losses (studies indicate that billions are lost each year just from 419 scams). Despite all harms, until last week, Canada was one of the only major economies in the world without anti-spam legislation. In fact, the new Canadian law identifies 118 other countries with spam laws that address similar conduct.

The Effectiveness of the Law

Critics argue that since the majority of spam originates outside the country, the Canadian anti-spam law will be ineffective in curtailing spam that reaches Canadian in-boxes. It is certainly true that the law will not eliminate all spam. No law alone does and no one has ever credibly suggested otherwise. However, most analysis – including the 2005 National Task Force Report on Spam that had marketing and business representatives and unanimously recommended opt-in anti-spam legislation – has concluded that law is an integral part of the solution.

The notion that Canada can do little to address global spam so it should not bother with domestic anti-spam laws sounds oddly reminiscent of global warming critics, who similarly argue that Canada is responsible for a small fraction of greenhouse gases and therefore any Canadian emissions limitations will not have a significant impact on a global problem. Yet most now accept that everyone must do their part to preserve the real-space environment and the same is true for the online environment.

In fact, Canada’s role in global spam is larger than most might think. The Register of Known Spam Operations is a database of the world’s largest spamming organizations, identifying just over 100 groups responsible for 80% of all spam worldwide. The list currently identifies seven organizations based in Canada, making us the third largest home of spamming organizations in the world, behind only the United States and Russia. It is unclear why spamming organizations have chosen to establish themselves in Canada, though the longstanding absence of any anti-spam law may have been partly to blame.

What makes the list particularly remarkable is that we know where the organizations are (others such as Montreal’s Adam Guerbuez – who faced an $873 million judgement for spamming on Facebook – actively blog and promote themselves), yet have not had the legal tools to do much about it. In fact, organizations such as MAAWG, which brings together the global anti-spam and anti-spyware industry, has been supportive of the legislation specifically because it will allow for improved information sharing and global enforcement activities.

The effectiveness of the CRTC’s enforcement of the law remains to be seen, however, the experience elsewhere suggests that laws with tough penalties can reduce domestic-originating spam. Taking action against Canadian-based spammers would be a good start, but it only scratches the surface of the broader impact of the law. Beyond targeting the most harmful spam, the new law is fundamentally privacy legislation that seeks to recalibrate who bears the costs associated with the use of personal information in the digital environment. More on the privacy side of the law in a post tomorrow.

The post In Defence of Canada’s Anti-Spam Law, Part One: Why Spam is Still a Problem and the New Law Will Help appeared first on Michael Geist.

Why the Latest Canadian Wireless Policy Move is More Shakeup Than Shakedown

Michael Geist - Tue, 07/08/2014 - 04:34

Industry Minister James Moore announced new spectrum policy measures yesterday designed to help foster the creation of a viable fourth national wireless competitor. The policy features an accelerated timeline for another spectrum auction (AWS-3) and a significant set-aside of spectrum for new entrants such as Wind Mobile. When combined with the government’s policies on domestic roaming, tower sharing, and foreign investment, it is clear that it intends to continue to use the policy levers at its disposal to encourage greater wireless competition. For this, the government deserves kudos, as its emphasis on fostering greater competition is the right thing to do.

While the announcement generated criticism from the usual suspects who want Canadians to believe that the market is already competitive (or incredibly might somehow become more competitive if it shrunk down further to two competitors), it is worth revisiting the Competition Bureau’s analysis of the wireless market. Earlier this year, Canada’s independent agency responsible for competition in the marketplace concluded that the Big 3 enjoy “market power”, which it defines as “the ability of a firm or firms to profitably maintain prices above competitive levels (or similarly restrict non-price dimensions of competition) for a significant period of time.” In fact, the Bureau commissioned its own study of the market on domestic roaming and found that a more competitive market would deliver approximately $1 billion in benefits to the Canadian economy.

As if on cue, the Big 3′s most recent quarterly investor calls confirmed that they face little pricing pressure.

Rogers started the confirmation in its April investor call, noting that “we have reduced the amount of promotional activity” in response to a question about “price discipline.” Bell followed in its May call, noting that increased wireless service revenue came in part from the expiry of promotional pricing. Further, CEO George Cope emphasized “the discipline in our pricing in the marketplace.” Not to be outdone, Telus also indicated on its call  that even when “there are all kinds of aggressive promotions in the market, it allows us to stand back from the frame a little bit and be a little more sanguine.”

Those messages are invariably well received by the analyst community for whom “pricing discipline” means increased revenues. For consumers, however, they send the signal that the already high Canadian wireless prices are not coming down anytime soon. Canadians judging the government’s policy reforms on wireless therefore face an actual choice: they can either believe pundits who now claim that less competition will result in better pricing or they can listen to the Competition Bureau and the Big 3 themselves, who insist that they plan to maintain “pricing discipline” for wireless services. If you take them at their word, it is wireless consumers who are often left feeling that they have been the target of shakedown and hoping that government policies might provide a much-needed shake-up of the Canadian wireless market.

The post Why the Latest Canadian Wireless Policy Move is More Shakeup Than Shakedown appeared first on Michael Geist.

Why The Secrecy on the TPP Talks in Ottawa This Week? Because There is Something to Hide

Michael Geist - Mon, 07/07/2014 - 07:00

Trade agreements have emerged in recent years as one of the federal government’s most frequently touted accomplishments. Having concluded (or nearly concluded) free trade deals with the likes of the European Union and South Korea, senior government ministers such as International Trade Minister Ed Fast and Industry Minister James Moore have held dozens of events and press conferences across the country promoting the trade agenda.

The next major agreement on the government’s docket is the Trans Pacific Partnership, a massive proposed trade deal that includes the United States, Australia, Mexico, Malaysia, Singapore, New Zealand, Vietnam, Japan, Peru, and Chile. While other trade talks occupy a prominent place in the government’s promotional plans, the TPP remains largely hidden from view. Indeed, most Canadians would be surprised to learn that Canada is hosting the latest round of TPP negotiations this week in Ottawa.

My weekly technology law column (Toronto Star version, homepage version) argues the secrecy associated with the TPP – the draft text of the treaty has still not been formally released, the precise location of the Ottawa negotiations has not been disclosed, and even the existence of talks was only confirmed after media leaks – suggests that the Canadian government has something to hide when it comes to the TPP.

Since this is the first major TPP negotiation round to be held in Canada, there was an opportunity to build public support for the agreement. Yet instead, the Canadian government approach stands as one of the most secretive in TPP history. Why the secrecy?

The answer may lie in the substance of the proposed agreement, which leaked documents indicate often stands in stark contrast to current Canadian policy. The agricultural provision may attract the lion share of TPP attention, but it is the digital issues that are particularly problematic from a Canadian perspective.

For example, late last month the government announced that new copyright rules associated with Internet providers would take effect starting in 2015. The Canadian system, referred to as a “notice-and-notice” approach, is widely viewed as among the most balanced in the world, providing rights holders with the ability to raise concerns about alleged infringements, while simultaneously safeguarding the privacy and free speech rights of users.

The government rightly described its approach as a “made in Canada” solution. However, according to leaked text from drafts of the TPP, the U.S. is demanding that Canada abandon notice-and-notice in favour of rules that could lead to terminating subscriber access, content blocking, and even monitoring of online activities.

The same is also true for the term of copyright protection. Canadian law currently provides protection for the life of the author plus an additional 50 years. That meets the international standard, yet the U.S. wants all TPP countries to extend the term to life plus 70 years, effectively keeping works out of the public domain for decades.

The TPP could also lead to significant changes to Canadian patent law by altering the standard of utility under Canadian law, expanding protections to plants and animals with few safeguards, and extending the term of patents in a manner that would keep cheaper generic drugs off the market. The net effect could be to sharply increase health care costs.

The digital concerns are not limited to intellectual property. The TPP also contains privacy-related provisions, including potential restrictions on local server requirements designed to ensure that Canadian personal information is hosted within Canada. A ban on such requirements would place Canadian data at risk and run counter to the government’s own policies on the storage of its email data.

The Canadian desire to maintain current policies becomes more apparent when the TPP is contrasted with the Canada – South Korea free trade agreement. That agreement permits the use of the notice-and-notice system and contains no reforms to copyright term, key patent issues, or privacy protections. The TPP may ultimately require major changes, however, which helps explain why the government would prefer that Canadians pay no attention to the secret negotiations taking place this week a few blocks from Parliament Hill.

The post Why The Secrecy on the TPP Talks in Ottawa This Week? Because There is Something to Hide appeared first on Michael Geist.

Why the Secrecy on Canada’s TPP Talks? Because There is Something to Hide

Michael Geist - Mon, 07/07/2014 - 06:40

Appeared in the Toronto Star on July 5, 2014 as Why the Secrecy on Canadian Trade Talks?  Because There’s Something to Hide

Trade agreements have emerged in recent years as one of the federal government’s most frequently touted accomplishments. Having concluded (or nearly concluded) free trade deals with the likes of the European Union and South Korea, senior government ministers such as International Trade Minister Ed Fast and Industry Minister James Moore have held dozens of events and press conferences across the country promoting the trade agenda.

The next major agreement on the government’s docket is the Trans Pacific Partnership, a massive proposed trade deal that includes the United States, Australia, Mexico, Malaysia, Singapore, New Zealand, Vietnam, Japan, Peru, and Chile. While other trade talks occupy a prominent place in the government’s promotional plans, the TPP remains largely hidden from view. Indeed, most Canadians would be surprised to learn that Canada is hosting the latest round of TPP negotiations this week in Ottawa.

The secrecy associated with the TPP – the draft text of the treaty has still not been formally released, the precise location of the Ottawa negotiations has not been disclosed, and even the existence of talks was only confirmed after media leaks – suggests that the Canadian government has something to hide when it comes to the TPP.

Since this is the first major TPP negotiation round to be held in Canada, there was an opportunity to build public support for the agreement. Yet instead, the Canadian government approach stands as one of the most secretive in TPP history. Why the secrecy?

The answer may lie in the substance of the proposed agreement, which leaked documents indicate often stands in stark contrast to current Canadian policy. The agricultural provision may attract the lion share of TPP attention, but it is the digital issues that are particularly problematic from a Canadian perspective.

For example, late last month the government announced that new copyright rules associated with Internet providers would take effect starting in 2015. The Canadian system, referred to as a “notice-and-notice” approach, is widely viewed as among the most balanced in the world, providing rights holders with the ability to raise concerns about alleged infringements, while simultaneously safeguarding the privacy and free speech rights of users.

The government rightly described its approach as a “made in Canada” solution. However, according to leaked text from drafts of the TPP, the U.S. is demanding that Canada abandon notice-and-notice in favour of rules that could lead to terminating subscriber access, content blocking, and even monitoring of online activities.

The same is also true for the term of copyright protection. Canadian law currently provides protection for the life of the author plus an additional 50 years. That meets the international standard, yet the U.S. wants all TPP countries to extend the term to life plus 70 years, effectively keeping works out of the public domain for decades.

The TPP could also lead to significant changes to Canadian patent law by altering the standard of utility under Canadian law, expanding protections to plants and animals with few safeguards, and extending the term of patents in a manner that would keep cheaper generic drugs off the market. The net effect could be to sharply increase health care costs.

The digital concerns are not limited to intellectual property. The TPP also contains privacy-related provisions, including potential restrictions on local server requirements designed to ensure that Canadian personal information is hosted within Canada. A ban on such requirements would place Canadian data at risk and run counter to the government’s own policies on the storage of its email data.

The Canadian desire to maintain current policies becomes more apparent when the TPP is contrasted with the Canada – South Korea free trade agreement. That agreement permits the use of the notice-and-notice system and contains no reforms to copyright term, key patent issues, or privacy protections. The TPP may ultimately require major changes, however, which helps explain why the government would prefer that Canadians pay no attention to the secret negotiations taking place this week a few blocks from Parliament Hill.

Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can reached at mgeist@uottawa.ca or online at www.michaelgeist.ca.

The post Why the Secrecy on Canada’s TPP Talks? Because There is Something to Hide appeared first on Michael Geist.

Enforcing CASL: How To Report Spam Violations

Michael Geist - Fri, 07/04/2014 - 04:39

With Canada’s anti-spam law now in effect, many are starting to ask about enforcement of the law. While no one should expect the law to eliminate spam, the goal much more modest: target the bad actors based in Canada and change the privacy culture by making opt-in consent the expected standard for consumer consents. The CRTC, the lead regulatory agency, has made it clear that the fear-mongering of million dollar penalties for inadvertent violations is not going to happen. Chair Jean-Pierre Blais recently stated:

punishment is not our goal. We are not going to go after every indie rock band that’s trying to sell a new release to its fans. We have much bigger fish to fry. The CRTC will focus on the most severe types of violations. This means you may still receive the occasional spam message after July 1st. Our principal targets are abusive spammers and interlopers involved in botnets and, come January, malware and malicious URLs. Our responses to complaints will range from written warnings up to financial penalties or court actions. Our objective is to secure compliance and prevent recidivism. I believe the best enforcement approach should be determined by the facts surrounding each particular case.

How will the CRTC identify abusive spammers? The government has established a Spam Reporting Centre that is currently accepting reports of commercial electronic messages sent without consent or with false or misleading content. Initial reports indicate that hundreds of complaints have been filed daily. The Centre clearly states that it will not investigate all submissions, but rather use the information to identify enforcement targets. The information will be retained for at least three years (or up to ten years if the subject of an investigation). Canadians can use a web-based form to file their report or simply forward their spam email directly to spam@fightspam.gc.ca.

The post Enforcing CASL: How To Report Spam Violations appeared first on Michael Geist.

The Benefits of Consent

Michael Geist - Thu, 07/03/2014 - 06:08

Commercial email did not grind to a halt the day after Canada’s anti-spam legislation took effect and neither did the coverage about the law’s impact (I appeared on CBC’s The Current to debate the issue). Coverage included Microsoft backtracking from its earlier decision to stop security update emails, apparently taking the time to actually read the legislation and find the exception for security notification. There was also a CBC story about the Canadian Avalanche Centre, which stopped an email service after hundred of customization options became “too much of a hassle to maintain”, but the CBC used the timing to link the decision to CASL.

But what really caught my attention was this tweet from Jason Faber, the marketing manager at BoldRadius.

BoldRadius is one of those SMEs that is supposed to be having problems with CASL, despite legal obligations to obtain consents and meet other requirements that have been in effect since 2004. Yet Faber’s initial experience is precisely what one might expect: as companies shift to opt-in lists with customers who explicitly consent to receive messages, they are more likely to open the emails and to click on the links. I asked Faber about the experience to date and he indicated that the company’s list has unsurprisingly slimmed down, but that it is much more qualified, will grow back over time, and offers a more engaged audience, which he prefers. A useful reminder that successful email marketing and opt-in consent are not incompatible. Indeed, opt-in is the standard in most countries around the world and was the unanimous recommendation of the Canadian National Task Force on Spam that included representatives from the marketing community.

The post The Benefits of Consent appeared first on Michael Geist.

Welcome to the New MichaelGeist.ca

Michael Geist - Wed, 07/02/2014 - 10:03

Welcome to the new look MichaelGeist.ca. Months in the making, the site is new in just about every way: a new cleaner, more colourful design, new content management system (from Joomla to WordPress), updated content, new topic pages for the most popular issues discussed on the site, and better search and social media functionality. The new site still uses a Creative Commons licence and now adds dozens of photos that are also CC licensed.

My thanks to Willy Karam for his years of assistance on the old site, to Amanda Lutz for her work in transitioning to the new site, to students such as Emily Murray and Alexandra Lyn for their help updating content, and to the many creators who use Creative Commons to make their work available to others.

While we have worked hard to ensure a seamless transition, any major website overhaul that transfer thousands of posts and tens of thousands of comments is bound to have unforeseen issues. Readers are invited to provide feedback and to notify me know of anything they encounter that does not work as it should.

The post Welcome to the New MichaelGeist.ca appeared first on Michael Geist.

Netflix Speed Rankings Raise Rogers Internet Traffic Management Questions: What Did It Know ...

Michael Geist - Mon, 05/12/2014 - 17:59
Netflix released its latest ISP Speed Index yesterday, including Canada for the first time.  Given the popularity of the online video service, the Netflix report has attracted increasing attention as it offers a comparative look at the average download speeds for Netflix customers across Internet providers around the world. While the company acknowledges that there are various factors that influence speed (including device used, video quality, etc.), those issues are found across all ISPs, so the comparisons remain valid.

Canada's performance is middling at best as the Netflix data indicates that we are a mid-tier country at best.  Canadian speeds that do not compare well with most European countries (note that Asian countries such as South Korea and Japan are not included but would likely rank far ahead of Canada as well). The biggest surprise in the report is how poorly Rogers ranked, coming in last among the 14 Canadian ISPs that were measured. The ranking is particularly surprising since the other large cable companies (Shaw, Videotron, Cogeco, and Eastlink) all ranked in the upper half of Canadian ISPs.


The poor ranking, which would have placed Rogers in last place in many other countries (Denmark, Finland, Ireland, the Netherlands, Norway, Sweden, the UK, and Uruguay) raises questions about Rogers' Internet traffic management practices.  In response to the Netflix story and some tweets on the issue, Rogers responded:

Netflix test done just before we virtually doubled Netflix capacity, we'll continue to add more capacity as required

I followed with a tweet raising questions about the meaning of doubling Netflix capacity and asking whether the company was throttling Netflix traffic. Rogers replied:

We don't throttle Netflix. We've doubled capacity in the links that carry traffic from Netflix to our customers.

While these responses are meant to be reassuring, they raise troubling questions about how Rogers manages its network and whether the slow Netflix speeds could have been used to create a competitive advantage for its own online video services. While the company says that it does not throttle Netflix traffic (ie. deliberately slow it down), its response also suggests that it knew that the service was being slowed by insufficient capacity.  I wrote about net neutrality in my weekly technology law column this week (Toronto Star version, homepage version) and the Rogers responses raise a host of related regulatory questions:
  • How long did it know that Netflix speeds were slow? 
  • Why are Netflix-specific links within the network the problem? 
  • Does Rogers separate Netflix traffic from other traffic? 
  • If so, why does it not disclose the practice? 
  • Is the slowing of video a violation of Section 36 of the Telecommunications Act, which the CRTC has said amounts to controlling the content? 
  • Are other online video services affected in the same manner?
  • Are Rogers online video services affected?

The Netflix rankings are presumably designed to provide greater transparency on actual ISP speeds.  Now that we have Canadian data, we need some answers from one of Canada's largest ISPs on why it ranked so badly.

Appointment of New Copyright Board of Canada Chair Offers Chance for Change

Michael Geist - Wed, 05/07/2014 - 23:44
Copyright Board of Canada chair William J. Vancise will see his term come to an end this month, opening the door for the government to start the process of reforming the much-criticized board. Vancise has served the maximum two terms as chair, with his time marked by the Supreme Court of Canada's rejection of the board's approach to fair dealing, ongoing frustration from stakeholders about board administrative processes, and the failure of the board to broaden its approach by becoming more inclusive of the public.

The exclusion of the public stands in sharp contrast to the CRTC and Competition Bureau, which have both taken steps in recent years to involve the public more directly in policy making activities, hearings, and other issues. By contrast, the Copyright Board does little to encourage public participation, despite the fact that its decision often have an impact that extends beyond the parties before it. When asked recently about the accessibility and participation concerns, the board pointed to an internal working group as evidence that it regularly reviews its practices and compared itself to the Federal Court of Appeal, noting that "of course they [the public] don't participate, because they don't really belong there, per se."


The problems with the current Copyright Board run even deeper than having its core decisions overturned by the Supreme Court and the public finding itself largely excluded from the process. The business community - particularly those seeking to develop new, digital business models - point to the board as a major problem. For example, Songza recently told the Standing Committee on Canadian Heritage:

Why is Canada behind the U.S. and other countries in the development of music streaming services? One reason is that the regulatory framework in Canada doesn't foster innovation. The rate-setting process - through the Copyright Board - takes far too long, up to four to five years for an industry where business models are changing rapidly.

It's hard to build a business model without certainty as to how much you have to pay for the main inputs to your business. This certainly holds true for investors investing in these businesses. That's why Songza came to an agreement with Re:Sound - the organization that represents recording musicians and record companies - that allowed Songza to launch in Canada with certainty on those rates, without having to wait years for a decision from the Copyright Board.

Similarly, Nettwerk Music Group, one of Canada's most successful independent music labels, told the committee:

Many streaming service providers are choosing to stay out of Canada given the uncertainty created by the length of time it takes for tariff decisions. So to echo Victoria Shepherd of Connect Music Licensing, 'The Copyright Board should not be seen as a barrier to business or as an impediment. Rather it should be considered a business development office. It needs the resources to ensure it can render decisions in lockstep with the pace of technology innovation.' Without the improvements to the Copyright Board, we are simply not realizing the full potentials of the dollars we're all investing.

As I noted over a year ago, many believe the Copyright Board of Canada is broken. The government hasn't paid much attention, but a starting point for addressing the concerns may come with the appointment of a new chair and the potential it brings to establish new policy and governance priorities.

Why Public Safety Minister Blaney Gets It Wrong on Privacy and Warrantless Disclosures

Michael Geist - Tue, 05/06/2014 - 23:23
The House of Commons engaged in active debate on privacy this week, spurred by an NDP motion from MP Charmaine Borg. The motion reads:

That, in the opinion of the House, the government should follow the advice of the Privacy Commissioner and make public the number of warrantless disclosures made by telecommunications companies at the request of federal departments and agencies; and immediately close the loophole that has allowed the indiscriminate disclosure of the personal information of law-abiding Canadians without a warrant.

The government voted down the motion on Tuesday, but the Monday debate provided new insights into the government's thinking on privacy. Unfortunately, most of its responses to concerns about warrantless disclosures were either wrong or misleading. In particular, Steven Blaney, the Minister of Public Safety, raised at least four issues in his opening response that do not withstand closer scrutiny.


First, he says:

Only the most basic information, such as the name and phone number, may be released. In all cases, this is done voluntarily, meaning that a company could decide not to co-operate at any time if it did not feel a certain request met the expectations of its customers.

In fact, the voluntary disclosure provision in PIPEDA is not limited to basic information. PIPEDA features several exceptions to disclosure without consent (including disclosures made pursuant to a court order), including:

an organization may disclose personal information without the knowledge or consent of the individual only if the disclosure is made to a government institution or part of a government institution that has made a request for the information, identified its lawful authority to obtain the information and indicated that
(ii) the disclosure is requested for the purpose of enforcing any law of Canada, a province or a foreign jurisdiction, carrying out an investigation relating to the enforcement of any such law or gathering intelligence for the purpose of enforcing any such law, or
(iii) the disclosure is requested for the purpose of administering any law of Canada or a province;

While some providers may limit their warrantless disclosures to basic subscriber information, this statute does not contain that limitation. When asked about their practices, providers such as Shaw merely state that they "rely on the standards and definitions set out in the Personal Information Protection and Electronic Documents Act".  Similarly, MTS Allstream states that "does not release customer information unless permitted or required by law, such as a valid law enforcement demand."

Second, even Blaney's claim of "basic subscriber information" is incomplete. The so-called basic subscriber information also includes IP addresses, data that is not found in any typical directory. Last year, the Privacy Commissioner of Canada released a study that found that an IP address that can be highly revealing. The study concluded:

Referring to such data as being on par with what one would find in the white pages of a phone book grossly misconstrues and underestimates what can ultimately be gleaned from such information. As such, it is truly more than just "phone book" information.

Third, Blaney emphasizes the voluntary nature of the disclosures:

Let me be clear. What we are talking about today is voluntary disclosure by private businesses to law enforcement.

What Blaney does not say is that the government is seeking to expand the frequency of voluntary disclosure. Bill C-13, the lawful access bill, will expand warrantless disclosure of subscriber information to law enforcement by including an immunity provision from any criminal or civil liability (including class action lawsuits) for companies that preserve personal information or disclose it without a warrant.

Fourth, the government is also seeking to expand the scope of voluntary disclosure. Bill S-4, the Digital Privacy Act, proposes extending the ability to disclose subscriber information without a warrant from law enforcement to private sector organizations. The bill includes a provision that allows organizations to disclose personal information without consent (and without a court order) to any organization that is investigating a contractual breach or possible violation of any law.  This despite the fact that Roxanne James, the Parliamentary Secretary to the Minister of Public Safety, later states in the debate:

We expect that telecommunication service providers only release basic subscriber information when it is for reasons of public good, such as to help police investigating a crime or, for example, identifying the next of kin.

Given the provisions in Bill S-4, the government's expectations are that warrantless disclosures will increase in the future. In fact, there are other responses from government MPs that are similarly problematic, including attempts to equate government requests for subscriber information with collection of information by Internet companies and an absurd claim that if the Privacy Commissioner had found any of 1.2 million requests out of line, she would have said so.

The NDP motion should not have been particularly controversial. If the information being disclosed is as innocuous as the the government maintains, disclosing aggregate data should not pose any concerns. Indeed, there are many steps that should be taken (including government and telecom transparency reports, notifications to subscribers of disclosures, reforms to Bills C-13 and S-4, and regular audits by the Privacy Commissioner of Canada) that would better address the balance of privacy with maintaining public safety.  Unfortunately, the government's current position is to respond with assurances that fail to address public concern over their privacy.

Why Isn't the Government Backing the CRTC on the Wireless Code? [Update: They Are Now]

Michael Geist - Tue, 05/06/2014 - 23:00

Update 5/7/14: Government reverses course and announces it will back up the CRTC in court.

The Canadian Press reports that the federal government appears ready to walk away from the CRTC's proposed enforcement of the new consumer wireless code.  While the government has touted the code as an example of a pro-consumer approach, the CRTC's attempt to ensure the code applied as quickly as possible may be lost due to the government's decision to stay out of a legal battle over the issue. With the major telcos looking to limit the power of the CRTC and a federal court ruling that the Commission cannot advocate for itself, it falls to the federal government to do so. 


The issue was raised yesterday in the House of Commons, yet the government refused to respond directly:


Mr. Glenn Thibeault (Sudbury, NDP): 

Mr. Speaker, while the Conservatives claim credit for the CRTC's wireless code of conduct as their policy, Canadians continue to be hit in the pocketbook waiting for action. The NDP has been pushing for this code since the beginning, but now, as the code of conduct is being challenged by the big three in court, the current government has simply walked away from it. The Conservatives keep spending millions in advertisement to tell Canadians how great their not-so-original idea is. Why are the Conservatives not putting their efforts into defending the code of conduct instead of boasting about it while it is being struck down?

Mr. Paul Calandra (Parliamentary Secretary to the Prime Minister and for Intergovernmental Affairs, CPC):  

Mr. Speaker, of course, this government has done extraordinary work with respect to our telecom policy. In fact, competition has increased. At the same time, wireless rates have come down by 20% while employment in this sector has actually increased by some 25%. That is good news for all Canadians. It is something that has been a priority for us. Putting more money back in the pockets of hard-working Canadians will remain a priority of this government, and we are proud of that.

Calandra was asked one more time abut the issue and again responded with talking points, rather than providing an answer about the government's decision not to defend the CRTC and the code.  It is worth asking the question again - why isn't the government backing the CRTC and the code?

Five Measures to Help Counter the Tidal Wave of Secret Telecom Disclosures

Michael Geist - Mon, 05/05/2014 - 21:55
The House of Commons engaged in an extensive debate on privacy yesterday in response to an NDP motion that would require the government to disclose the number of warrantless disclosures made by telecom companies. I'll have more on the debate shortly (it's worth reading), but the government has made it clear that it will not be supporting the motion.

My weekly technology law column (Toronto Star version, homepage version) notes that the revelations of massive telecom and Internet provider disclosures of subscriber information generated a political firestorm with pointed questions to Prime Minister Stephen Harper in the House of Commons about how the government and law enforcement agencies could file more than a million requests for Canadian subscriber information in a single year.

The shocking numbers come directly from the telecom industry after years of keeping their disclosure practices shielded from public view. They reveal that Canadian telecom and Internet providers are asked to disclose basic subscriber information every 27 seconds. In 2011, that added up to 1,193,630 requests, the majority of which were not accompanied by a warrant or court order. The data indicates that telecom and Internet providers gave the government what it wanted - three providers alone disclosed information from 785,000 customer accounts.

The issue is likely to continue to attract attention, particularly since the government is seeking to expand the warrantless disclosure framework in Bill C-13 (the lawful access bill) and Bill S-4 (the Digital Privacy Act).


The issue is likely to continue to attract attention, particularly since the government is seeking to expand the warrantless disclosure framework in Bill C-13 (the lawful access bill) and Bill S-4 (the Digital Privacy Act).

Bill C-13 will expand warrantless disclosure of subscriber information to law enforcement by including an immunity provision from any criminal or civil liability (including class action lawsuits) for companies that preserve personal information or disclose it without a warrant.

Bill S-4, the newly-introduced Digital Privacy Act, proposes extending the ability to disclose subscriber information without a warrant from law enforcement to private sector organizations. The bill includes a provision that allows organizations to disclose personal information without consent (and without a court order) to any organization that is investigating a contractual breach or possible violation of any law.

With the government moving toward more warrantless disclosure and telecom companies hiding their practices behind aggregated data, the Canadian situation seems likely to get worse from privacy perspective.  Yet there are many measures that could be adopted to restore some balance and address mounting concerns about the lack of transparency associated with the widespread disclosure activities.

First, new government transparency requirements could be implemented so that the secrecy associated with hundreds of thousands of disclosure requests is eliminated. The government should require law enforcement agencies to record and report all requests for subscriber information with quarterly public releases of aggregate data (basically the gist of the NDP motion).

Telecom and Internet providers should also issue regular transparency reports. Leading Internet companies such as Google and Twitter publicly release disclosure information as do large U.S. telecom companies such as AT&T and Verizon.  If they can do it, Canadian providers such as Bell, Rogers, and Telus should do the same.

Second, telecom and Internet providers should stop automating the disclosure of subscriber information. The automated systems, which include mirroring network traffic and sending it directly to law enforcement or creating law enforcement monitoring databases that can be accessed with minimal or no review, encourage bulk disclosure of subscriber information with no effective oversight.

Third, telecom and Internet providers should be required to advise affected individuals about warrantless disclosures of their personal information unless a court prohibits them from doing so. Such a requirement would inform Canadians when their information is being disclosed and provide them with the opportunity to contest it if they see fit.

Fourth, Canadians could also use existing law more aggressively to demand that telecom providers reveal any instances of prior disclosures of their information. The law allows an individual to file a request with an organization for access to their personal information, including any details on past disclosures. Failure to comply would violate Canada's private sector privacy law.

Fifth, the Privacy Commissioner of Canada should use her audit powers to investigate the secretive disclosure practices among telecom and Internet providers. The recent revelations provide ample evidence to justify exercising the audit powers to lift the veil of secrecy over how Canadian telecom and Internet providers manage subscriber information. 

While transparency reports and external audits will not eliminate mass warrantless disclosures, they will place the issue in the spotlight and force both government and the telecom providers to explain why they do so little to safeguard Canadians' privacy.

Apple Canada Was Only Tech Company to Respond to Privacy Commish Request on Disclosure Practices

Michael Geist - Mon, 05/05/2014 - 00:08
Last week's revelations on the massive number of requests for subscriber information focused specifically on the responses from major Canadian telecom and Internet providers. The Privacy Commissioner of Canada wrote to the 12 largest providers, who responded with a single document that aggregated the responses of 11 of the companies (though some declined to provide information to questions such as how many user accounts were disclosed).

The Access to Information Act requested documents that contained the telco response also revealed that the Privacy Commissioner sent a similar letter to the leading Internet and technology companies. The list of recipients included Apple, Google, Facebook, Microsoft, Twitter, and eBay. While some of the companies now offer transparency reports that feature data on disclosure requests (and compliance with those requests), few did in 2011. On Friday, I received a supplemental document to my access to information request that contains the full response from Apple Canada.


The document is notable for several reasons. First, Apple Canada responded within one month of the Privacy Commissioner letter, promptly providing specific information on its practices. It advises that the company has a database of approximately 10 million individuals and that it received about 100 requests for information on its users. It does not charge a fee to comply with those requests.

Second, much like the telecom and Internet companies, Apple Canada does not notify the individuals whose information has been requested or disclosed.

Third, I have been advised that there are no other relevant documents to the request. This confirms that Apple Canada was the only company to respond to the Privacy Commissioner request. The other major companies apparently did not respond. Their transparency reports now provide raw data on access requests, though their specific policies on requests, notification of affected individuals, and fees related to requests largely remains a mystery.

Why Have Canada's Telcos Failed to Notify Subscribers About Disclosing Their Information?

Michael Geist - Thu, 05/01/2014 - 22:33
While much of the attention this week on the massive number of requests for subscriber information has rightly focused on the government and a legal framework that provides insufficient oversight (and is about to expand warrantless disclosure under Bills C-13 and S-4), the telecom and Internet companies also deserve greater scrutiny. One of the key questions in the document on telecom and Internet provider disclosure practices asked simply:

Do you notify your customers, when the law allows, that their information has been requested, thus giving them an opportunity to contest the request in court?

The answer from every provider: No.


In the United States, major U.S. technology companies are now moving to disclose requests to affected customers, with the Washington Post reporting that they believe that "users have a right to know in advance when their information is targeted for government seizure." Yet Canadian providers apparently disclose subscriber information hundreds of thousands of times every year but keep their customers in the dark.

Legislative reform is needed that requires telecom and Internet providers to advise affected individuals about warrantless disclosures of their personal information unless a court prohibits them from doing so. Such a requirement would inform Canadians when their information is being disclosed and provide them with the opportunity to contest it if they see fit. 

In the meantime, Canadians could also use existing law more aggressively to demand that telecom providers reveal any instances of prior disclosures of their information. The law allows an individual to file a request with an organization for access to their personal information, including any details on past disclosures. Failure to comply would violate Canada’s private sector privacy law.  Christopher Parsons of the Citizen Law has created a template for doing just that - the page provides the information Canadians need to file a request and the contact information details for where it should be sent.

Is a Canadian Telco Allowing the Government To Mirror Its Subscriber Communications?

Michael Geist - Wed, 04/30/2014 - 21:17
The recent revelations regarding massive telecom and Internet provider disclosures of subscriber information has generated a political firestorm with pointed questions yesterday to Prime Minister Stephen Harper in the House of Commons. While Harper tried to provide reassurances that warrants were obtained where necessary, the reality is that the law includes a massive exception that permits voluntary, warrantless disclosure of subscriber information. That suggests that the majority of the nearly 1.2 million requests in 2011 were not accompanied by a warrant. Moreover, the telecom and Internet providers have shrouded their activities in secrecy, refusing to disclose the disclosures to affected subscribers and hiding behind aggregated data to avoid scrutiny of their individual practices.

The issue is likely to continue to attract attention, particularly since the government is seeking to expand the warrantless disclosure framework in Bill C-13 (the lawful access bill) and Bill S-4 (the Digital Privacy Act). One further issue that should not be lost within the disclosure is the stunning admission that at least one Canadian provider may be allowing the government to mirror or copy of its subscriber communications.  In response to a question on the use of deep packet inspection, one provider states:

"Interception of communications over data networks is accomplished by sending what is essentially a mirror image of the packet data as it transmits the network of data nodes. This packet data is then sent directly to the agency who has obtained lawful access to the information. Deep packet inspection is then performed by the law enforcement agency for their purposes."

This is an incredible admission - allowing the government to mirror subscriber communications and sending it directly to law enforcement agencies who can they do what they want with it?  Are there legal grounds for these disclosures?  Who is doing this?  Was this a required alternative to major ISPs who do not use deep packet inspection?  Is this RIM, who also participated in the aggregated data request?  Many, many questions without any clear answers. Given the uncertainty and the enormous privacy implications, the Privacy Commissioner of Canada is surely entitled to investigate this admission using her current powers under PIPEDA.

Canadian Telcos Asked to Disclose Subscriber Data Every 27 Seconds

Michael Geist - Tue, 04/29/2014 - 21:28
Every 27 seconds. Minute after minute, hour after hour, day after day, week after week, month after month. Canadian telecommunications providers, who collect massive amounts of data about their subscribers, are asked to disclose basic subscriber information to Canadian law enforcement agencies every 27 seconds. In 2011, that added up to 1,193,630 requests. Given the volume, most likely do not involve a warrant or court oversight (2010 RCMP data showed 94% of requests involving customer name and address information was provided voluntarily without a warrant).

In most warrantless cases, the telecommunications companies were entitled to say no. The law says that telecom companies and Internet providers may disclose personal information without a warrant as part of a lawful investigation or they can withhold the information until law enforcement has obtained a warrant. According to newly released information, three telecom providers alone disclosed information from 785,000 customer accounts in 2011, suggesting that the actual totals were much higher. Moreover, virtually all providers sought compensation for complying with the requests.

These stunning disclosures, which were released by the Office of the Privacy Commissioner of Canada, comes directly from the telecom industry after years of keeping their disclosure practices shielded from public view. In fact, the industry was reluctant to provide the information to even the Privacy Commissioner.

According to correspondence I obtained under the Access to Information Act, after the Commissioner sent letters to the 12 biggest telecom and Internet providers seeking information on their disclosure practices, Rogers, Bell and RIM proposed aggregating the information to keep the data from individual companies secret. The response dragged on for months, with Bell admitting at one point that only four providers had provided data and expressing concern about whether it could submit even the aggregated response since it would be unable to maintain anonymity [I've released the full ATIP I received here].



The correspondence also confirms that the telecom providers were concerned about how the government and law enforcement would react to public disclosures. In one email, Bell says that "we are walking a delicate line between supporting privacy and not antagonizing Public Safety/LEAs [law enforcement agencies], so the materials will be pretty factual, not much commentary."

While the current situation, which amounts to disclosure of subscriber information thousands of times each day often without a warrant, is enormously problematic, the situation is about to get even worse.

First, Bill C-13, the government's lawful access bill that heads to committee this week, will expand warrantless disclosure of subscriber information to law enforcement by including an immunity provision from any criminal or civil liability (including class action lawsuits) for companies that preserve personal information or disclose it without a warrant. The immunity provision makes it more likely that disclosures will occur without a warrant since the legal risks associated with such disclosures are removed.

Second, Bill S-4, the newly-introduced Digital Privacy Act, proposes extending the ability to disclose subscriber information without a warrant from law enforcement to private sector organizations. The bill includes a provision that allows organizations to disclose personal information without consent (and without a court order) to any organization that is investigating a contractual breach or possible violation of any law. This applies both past breaches or violations as well as potential future violations. The disclosure occurs in secret without the knowledge of the affected person.

Third, the industry has steadfastly refused to address the lack of transparency concerns regarding its practices. Providers admit that they do not notify customers that their information has been requested, thereby denying them the ability to challenge the demand in court. Moreover, documents released earlier this year suggested that companies such as Bell have even established a law enforcement database that may provide authorities with direct access to subscriber information.  The systems may create great efficiencies for law enforcement - click, access subscriber data, and receive a bill from the telecom company - but they suggest a system that is entirely devoid of oversight with even the Privacy Commissioner excluded from ensuring compliance with the law.

Is the CRTC Ready to Hit the Reset Button on Television Regulation in Canada?

Michael Geist - Mon, 04/28/2014 - 14:22
The Broadcasting Act is a complex statute that lists more than twenty broadcasting policy goals. Yet for decades, Canadian policy has largely boiled down to a single objective: Maximizing the benefits from the broadcasting system for creators, broadcasters, and broadcast distributors such as cable and satellite companies.  

Consumers were nowhere to be found in that objective and it showed. Creators benefited from Canadian content requirements and financial contributions that guaranteed the creation of Canadian broadcast content. Broadcasters flourished in a market that permitted simultaneous substitution (thereby enabling big profits from licensing U.S. content) and that kept U.S. giants such as HBO, ESPN, and MTV out of the market for years in favour of Canadian alternatives. Cable and satellite companies became dominant media companies by requiring consumers to purchase large packages filled with channels they did not want in order to access the few they did.

Canadians may have been frustrated with the broadcast system, but there were no obvious alternatives and their views hardly mattered in a regulatory system dominated by the established players.  My weekly technology law column (Toronto Star version, homepage version) notes that last week, the Canadian Radio-television and Telecommunications Commission sent an unmistakable signal that these longstanding rules are about to change.


The Commission launched the third phase of its Let's Talk TV consultation by opening the door to hitting the reset button on broadcasting regulation in Canada. It posed 80 questions on reforming virtually all aspects of the current system as part of a hearing scheduled for September.

The Commission's starting point is that the "distribution and packaging of television services should be reviewed to maximize consumer choice and flexibility." That alone is a dramatic shift since consumer choice and flexibility have never been major policy priorities.

The headline change will be mandating the unbundling of television channel packages offered by cable and satellite companies. The CRTC envisions requiring a "skinny basic" service that primarily features local Canadian conventional stations. For almost everything else, consumers will be able to pick individual channels or customize their own television packages.

Broadcasting executives have dismissed consumer demands for greater flexibility, but the CRTC notes that Canadians have jumped at the chance for greater flexibility when it is offered. For example, 70 per cent of Quebecor's new customers choose an option to build their own television packages.

The established broadcasters will warn ominously about increased prices or the loss of some of their less popular channels, but with the government committing to consumer choice for television in the Speech from the Throne, unbundled television is a done deal.

In fact, the bigger question is how far the CRTC is willing to go in its overhaul of Canadian broadcasting regulation since the initial policy document places just about everything up for grabs. This includes dropping the preponderance rule that requires consumers to receive a majority of Canadian channels in their television packages, allowing virtually all non-Canadian services into the market (except where the foreign channel would have an "undue negative impact on the Canadian television system"), eliminating genre exclusivity, and discontinuing the requirement for over-the-air broadcasts.

Moreover, the CRTC has raised the prospect of putting an end to simultaneous substitution, acknowledging that it is an irritant to consumers and that its economic value may be relatively small.

The Commission admits that many of these changes would cause a major upheaval in the market and it is looking to explore funding options for local television stations and financing and promotion for new Canadian content.

The CRTC consultation is likely to spark a huge outcry from the creator, broadcaster, and broadcast distributor communities with public relations and lobbying campaigns that will make last summer's wireless battle against Verizon seem tame by comparison. Yet with consumers increasingly "cutting the cord" by dropping conventional broadcasting choices and broadcasting revenues in free fall as advertisers shift to the Internet, change seems inevitable. The CRTC's consultation feels revolutionary, but it many ways it is merely catching up to market shifts that have been underway for several years.
Syndicate content