Electronic Commerce Protection Act Moves to the Senate
The ECPA (Bill C-27), Canada's overdue "Anti Spam Bill", has now been passed by the House of Commons and will now be debated and studied in the Senate. For marketers and eCommerce businesses, it is good to see legislation taking direct aim at spyware, phishing scams, spamming and other damaging practices that undermine consumer confidence in the digital marketplace.
Key features of the Bill are that consent will be required to send a commercial electronic communication to someone or install a computer program on someone's computer. The law will also require that electronic messages properly identify the sender, related contact info and provide the kind of easy unsubscribe that responsible marketers now offer in any case. Most important perhaps are the provisions allowing the CRTC, Competition Bureau and Privacy Commissioner to enforce their respective responsibilities under the Act -along with hefty potential penalties of up to $1 million for individuals and $10 million for corporations.
Overall the ECPA will be a big step forward to achieving better consumer protection online. Yet it also recognizes that organizations should have implied consent to communicate with their existing customers until advised otherwise, and it leaves legitimate B2B communications largely unconstrained.
The Federal Government and Parliamentarians have stated that their aim is to crack down on the really "bad actors" and the worst online abuses, but without causing harm to legitimate and responsible businesses. The degree of success on that score will depend on the extent to which the ECPA requirements are consistent with the rules that responsible businesses have been following since Canada's privacy law (PIPEDA) came fully into force in 2004. PIPEDA and CMA's Code of Ethics already require that responsible businesses must have consent to use email addresses, must properly identify their organization and provide an easy unsubscribe. That reality is in stark contrast to major spammers who illegally harvest email contact information, send emails without any consent whatsoever, and generally provide no legitimate unsubscribe opportunity. It's this second category that represents the vast bulk of what gets picked up by spam filters, or worse, ends up as unwanted material in our inboxes. At the end of the day a credible anti-spam framework comes down to effective enforcement.
Countries like France, Germany, Spain and the U.K. have all adopted tough anti-spam regimes featuring explicit consent requirements that actually make things much tougher for legitimate businesses - yet these places remain amongst the top ten sources of spam (www.spamhaus.org). It comes down to a commitment to enforcement. As the ECPA moves forward in the Senate, CMA will continue to deliver the message that this important new law and related regulations can provide the basis for an effective crackdown on spammers while not unnecessarily harming responsible businesses that use email for legitimate marketing purposes.
