SlideShare ist ein Scribd-Unternehmen logo

Sookman oba casl._slides

Als PPT, PDF herunterladen
B
bsookman

Canada's anti-spam law: the computer program provisions

Recht
1 von 33
McCarthy Tétrault LLP / mccarthy.ca / 13300658 OBA: Countdown to Canada’s Anti-Spam Legislation: Make Sure You are Ready Barry B. Sookman McCarthy Tétrault LLP bsookman@mccarthy.ca 416-601-7949 April 7, 2014
SCOPE OF CASL • Anti-SPAM • Anti-spyware/malware • Amendments to PIPEDA prohibiting address harvesting and personal information harvesting • Amendments to the Competition Act prohibiting false or misleading representations in electronic messages, sender information in electronic messages, subject matter information in electronic messages, locaters McCarthy Tétrault LLP / mccarthy.ca / 13300658 2
CASL HISTORY • Received royal assent on December 15, 2010. • Original draft regulations were published in the summer of 2011 by the CRTC and Industry Canada. The Canadian business community raised serious objections to their strict requirements. • The CRTC enacted revised regulations which were finalized on March 28, 2012. • CRTC issues 2 sets of Guidelines - October, 2012 • Revised draft regulations from Industry Canada on January 5, 2013. The Canadian business community, non-profit community, colleges, universities and others all raised serious concerns. • Industry Canada released finalized regulations on December 4, 2013. • CRTC issued FAQ - December 2013 • Messaging Provisions coming into force -July 2014. Computer Programs provisions coming into force -January 2015. Private Right of Action coming into force - July 2017. McCarthy Tétrault LLP / mccarthy.ca / 13300658 3
WHAT YOU NEED TO CONSIDER IN DEVELOPING A COMPLIANCE PROGRAM • CASL • CRTC Regulations • Industry Canada regulations • Regulatory Impact Analysis Statement • CRTC Guidelines on the interpretation of the Electronic Commerce Protection Regulations (Oct. 10, 2012) • CRTC Guidelines on the use of toggling as a means of obtaining express consent under Canada’s anti-spam legislation (Oct. 10, 2012) • CRTC FAQ Canada’s Anti-Spam Legislation (December 18, 2013) McCarthy Tétrault LLP / mccarthy.ca / 13300658 4
Is there a need to be concerned about CASL? McCarthy Tétrault LLP / mccarthy.ca / 13300658 5
VERY HIGH LIABILITY ¬ Administrative monetary penalties (AMPS) with caps up $10 million for an organization. (s.20(4)) ¬ Private rights of action by anyone affected by a prohibited act (s.47(1)) with liability that consists of: ¬ compensation for loss, damages and expenses; and ¬ extensive awards that are capped at: ¬ $1 million per day for breach of SPAM, malware, spyware, message routing, address and personal information harvesting, and Competition Act provisions; ¬ $1 million for each act of aiding, inducing, or procuring a breach of the SPAM, malware and spyware, and message routing provisions, plus liability up to $1 million per day for breach of SPAM, malware, spyware, and message routing provisions. ¬ Risk of class actions. ¬ Will be in force January 1, 2017. Are prior claims covered? McCarthy Tétrault LLP / mccarthy.ca / 13300658 6
EXTENSIVE ACCESSORIAL AND VICARIOUS LIABILITY ¬ Liability extends to any person who aids, induces or procures a prohibited act. (s.9) ¬ Senders of CEMs are liable for acts of their employees within the scope of their authority. (s.32, s.53) ¬ Liability extends to officers, directors, and agents if they directed, authorized, assented to, acquiesced, or participated in the prohibited act. (s.31, s.52) ¬ Risk implications too easy to pierce corporate veil; requirements for insurance? ¬ Does the risk make sense? McCarthy Tétrault LLP / mccarthy.ca / 13300658 7
McCarthy Tétrault LLP / mccarthy.ca TERRITORIAL REACH • The anti-spam provisions apply to any message where a computer system located “in Canada is used to send or access the electronic message”. (s.12(1)) • Anti-spam exception IC Regs 3(f) “if the person who sends the message or causes or permits it to be sent reasonably believes the message will be accessed in a foreign state that is listed in the schedule and the message conforms to the law of the foreign state that addresses conduct that is substantially similar to conduct prohibited under section 6 of the Act”; • The computer program provisions apply “if the computer system is located in Canada at the relevant time or if the person either is in Canada at the relevant time or is acting under the direction of a person who is in Canada at the time when they give the directions”. (s.8(2)). McCarthy Tétrault LLP / mccarthy.ca / 13300658 8
Anti-Spyware/Malware Provisions and Regulations McCarthy Tétrault LLP / mccarthy.ca / 13300658 9
Question: What countries have anti- malware/spyware laws that are similar to those in CASL? McCarthy Tétrault LLP / mccarthy.ca / 13300658 10
McCarthy Tétrault LLP / mccarthy.ca / 13300658 11
THE PROHIBITION 8. (1) A person must not, in the course of a commercial activity, install or cause to be installed a computer program on any other person’s computer system or, having so installed or caused to be installed a computer program, cause an electronic message to be sent from that computer system, unless: (a) the person has obtained the express consent of the owner or an authorized user of the computer system and complies with [the disclosure requirements of] subsection 11(5); or (b) the person is acting in accordance with a court order. Problems: Implied consents cannot be relied upon. Only express consents are valid, assuming compliance with the disclosure requirements. Written agreements or click-wraps will comply, assuming the consent is not bundled in the agreement. Web wrap agreements will likely not comply. McCarthy Tétrault LLP / mccarthy.ca / 13300658 12
WHAT PROGRAMS DOES CASL APPLY TO? • Applies to “computer programs” (defined in subsection 342.1(2) of the Criminal Code) as meaning “data representing instructions or statements that, when executed in a computer system, causes the computer system to perform a function”. Includes apps and updates. • Note: Computer programs are not limited to malware or spyware. • Installed on another person’s “computer system” ” (defined in subsection 342.1(2) of the Criminal Code) as meaning “a device that, or a group of interconnected or related devices one or more of which, (a) contains computer programs or other data, and (b) pursuant to computer programs, (i) performs logic and control, and (ii) may perform any other function”. • Note: Computer systems could include: servers, PCs, smartphones, tablets, ebook readers, the “Cloud”, websites and web services, industrial machines, appliances, autos, and other consumer products. McCarthy Tétrault LLP / mccarthy.ca / 13300658 13
WHAT PROGRAMS DOES CASL APPLY TO? • RIAS: “the requirements under CASL for the installation of computer programs only apply to the installation of computer programs on another person’s computer system. CASL will not apply to installations carried out by persons on their own computing devices.” ¬ A consumer buys a program on a physical media and installs the program on a home computer? ¬ A manufacturer pre-installs a program on a computer, machine, device or appliance and directly, or through a channel, sells the product to consumers? ¬ A retailer offers computer services such as to install software or to repair or configure computers or installs updates? While new hardware or software is installed by the service provider, the program may automatically go to a web site to look for and download an upgrade? ¬ A person goes to a website to download a program? McCarthy Tétrault LLP / mccarthy.ca / 13300658 14
WHAT PROGRAMS DOES CASL APPLY TO? A person is considered to expressly consent to the installation of a computer program if: a) the program is: i. a cookie, ii. HTML code, iii. Java Scripts, iv. an operating system, v. any other program that is executable only through the use of another computer program whose installation or use the person has previously expressly consented to, or vi. any other program specified in the regulations; and b) the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation. (s.10(8)) NOTE:, there is no express waiver of the disclosure requirement, but disclosure is only required where express requests are being sought. McCarthy Tétrault LLP / mccarthy.ca / 13300658 15
WHAT PROGRAMS DOES CASL APPLY TO? RIAS: ¬ “In addition, the software on some computer dedicated systems in automobiles may be “operating systems”, such as computers that operate specific functions like braking. There is deemed consent to update that as operating systems under the Act.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 16
GETTING EXPRESS CONSENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS Obtaining consent: A person who seeks express consent must, when requesting consent, set out clearly and simply the following information: (a) the purpose or purposes for which the consent is being sought; (b) prescribed information that identifies the person seeking consent and, if the person is seeking consent on behalf of another person, prescribed information that identifies that other person; and (c) any other prescribed information.” (s.10(1)). McCarthy Tétrault LLP / mccarthy.ca / 13300658 17
DISCLOSURE REQUIREMENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS Two levels of disclosure required when obtaining consent. 1. Minimum Disclosure: A person who seeks express consent, must when requesting consent, also, in addition to setting out any other prescribed information, must clearly and simply describe, in general terms the function and purpose of the computer program that is to be installed if the consent is given. (s.10(3)) McCarthy Tétrault LLP / mccarthy.ca / 13300658 18
2. Enhanced Disclosure: If the computer program meets one of the specified “malware” or “spyware” criteria in s.10(5), “the person who seeks express consent must, when requesting consent, clearly and prominently, and separately and apart from the licence agreement, (a) describe the program’s material elements that perform the function or functions, including the nature and purpose of those elements and their reasonably foreseeable impact on the operation of the computer system; and (b) bring those elements to the attention of the person from whom consent is being sought in the prescribed manner”. DISCLOSURE REQUIREMENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS McCarthy Tétrault LLP / mccarthy.ca / 13300658 19
¬ Enhanced Disclosure: The enhanced disclosure standard applies where ¬ the program performs functions that the person knows and intends will cause the computer system to operate in a manner that is contrary to the reasonable expectations of the owner or authorized user of the computer ¬ collects personal information; ¬ interferes with control of the computer; ¬ changes or interferes with settings preferences or commands; ¬ obstructs, interrupts, or interferes with access to data; ¬ causes the computer to communicate with another computer without authorization,: ¬ installing a computer program that can be activated by a third party: ¬ installing a bot, or something set out in the regulations; ¬ but not merely transmission data. (s.10(5) &(6)). DISCLOSURE REQUIREMENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS McCarthy Tétrault LLP / mccarthy.ca / 13300658 20
MEANING OF “SOUGHT SEPARATELY” CRTC Guidelines: a. What does “sought separately” mean? 14. The Commission considers that in order to meet the requirement of seeking consent separately, the person seeking consent must identify and obtain specific and separate consent for each act contemplated by the sections of the Act described in paragraph 13 above. Accordingly, consent for each act above must be sought separately from any other act captured by sections 6 to 8 of the Act. The Commission also considers that the activities captured by each of the above acts are distinct, as are the consequences. 15. For example, the Commission considers that persons must be able to grant their consent for the installation of a computer program while refusing to grant their consent for receiving CEMs. However, the Commission does not consider it necessary for consent to be sought separately for each instance of the acts listed in paragraph 13 above, as long as the consent request is in accordance with subsections 10(1), 10(2), 10(3), and 10(4) of the Act, where applicable. McCarthy Tétrault LLP / mccarthy.ca / 13300658 21
REQUESTS FOR CONSENT CRTC Guidelines ¬ 6. The Commission considers that requests for consent contemplated above must not be subsumed in, or bundled with, requests for consent to the general terms and conditions of use or sale. The underlying objective is that the specific requests for consent in question must be clearly identified to the persons from whom the consent is being sought. For example, persons must be able to grant their consent to the terms and conditions of use or sale while, for instance, refusing to grant their consent for receiving CEMs. McCarthy Tétrault LLP / mccarthy.ca / 13300658 22
CRTC Regulations, s.5 (unchanged): 5. A computer program’s material elements that perform one or more of the functions listed in subsection 10(5) of the Act must be brought to the attention of the person from whom consent is being sought separately from any other information provided in a request for consent and the person seeking consent must obtain an acknowledgement in writing from the person from whom consent is being sought that they understand and agree that the program performs the specified functions. ENHANCED DISCLOSURE IN REGULATIONS McCarthy Tétrault LLP / mccarthy.ca / 13300658 23
EXCEPTIONS FOR SOFTWARE UPDATES, UPGRADES AND PATCHES The formalities for obtaining express consent (ss.10(1) and (3)) are not required for the installation of an update or upgrade so long as the installation or use of the computer program being updated was expressly consented to and the person who gave the consent is entitled to, and does receive the update under the terms of the express consent. (s.10(7)) Problem: ¬ There is no express exception that permits installation of an update or upgrade without consent. ¬ The original consent to install a program must include a consent to install updates or upgrades or they cannot be installed without requesting and obtaining a new consent. McCarthy Tétrault LLP / mccarthy.ca / 13300658 24
GETTING EXPRESS CONSENTS TO INSTALL UPDATES AND UPGRADES RIAS: ¬ “For updates and upgrades to computer programs installed after CASL comes into force, the Act allows companies to get the consent of the owner or authorized user for future updates or upgrades to the computer program at the same time they obtain consent for the original installation, or when the user is downloading. That is, when a computer program is installed, consent must in general be requested in accordance with the Act, but there are no requirements for the form of a request for consent to install updates and upgrades, whether that consent is requested in advance or when the update or upgrade is installed.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 25
GETTING EXPRESS CONSENTS TO INSTALL PROGRAMS CRTC Reg s.4. For the purposes of subsections 10(1) and (3) of the Act, a request for consent may be obtained orally or in writing and must be sought separately for each act described in sections 6 to 8 of the Act and must include (a) the name by which the person seeking consent carries on business, if different from their name, if not, the name of the person seeking consent; (b) if the consent is sought on behalf of another person, the name by which the person on whose behalf consent is sought carries on business, if different from their name, if not, the name of the person on whose behalf consent is sought; (c) if consent is sought on behalf of another person, a statement indicating which person is seeking consent and which person on whose behalf consent is sought; and (d) the mailing address, and either a telephone number providing access to an agent or a voice messaging system, an email address or a web address of the person seeking consent or, if different, the person on whose behalf consent is sought; and (e) a statement indicating that the person whose consent is sought can withdraw their consent. Problems: Each consent must be separate; how can consent be withdrawn for a program that is already installed? McCarthy Tétrault LLP / mccarthy.ca / 13300658 26
Withdrawal of consent: If the computer program installed meets one of the specified “malware” or “spyware” criteria in s.10(5), the person who installs the program with consent must for 1 year provide an electronic address to which a request can be sent to remove or disable the computer program if the requestor believes that the function, purpose or impact of the computer program installed under the consent was not accurately described when consent was requested; and if the consent was based on an inaccurate description of the material elements of the enumerated function or functions, must, without cost to the person who gave consent, assist that person in removing or disabling the computer program as soon as feasible. (s.11(5)) WITHDRAWAL OF CONSENT FOR “SPYWARE” FUNCTIONALITY McCarthy Tétrault LLP / mccarthy.ca / 13300658 27
NEW EXCEPTIONS – (IC REGS S.6) • (a) network security • (b) updates and upgrades to a network • (c) correcting computer program failures. NOTE: exemptions are subject to the condition that “the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation”. (s.10(8)) RIAS: ¬ “Note that the Act only applies to computer programs installed in the course of commercial activity, a defined term that excludes public safety and other purposes, so issues of public safety. However, for software issues that are not matters of public safety, the Regulations provide for deemed consent for the installation of computer programs that are necessary to correct a failure in the operation of a computer system or program that is already installed.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 28
NEW EXCEPTION – NETWORK SECURITY (IC REGS S.6) (a) a program that is installed by or on behalf of a telecommunications service provider solely to protect the security of all or part of its network from a current and identifiable threat to the availability, reliability, efficiency or optimal use of its network; ¬ RIAS: ¬ “Note that CASL provides a broad definition of a Telecommunications Service Provider (TSP), which includes any persons who together or independently provides a telecommunications service. These services include features of services delivered by means of telecommunications facilities including network routers and servers, regardless whether the provider owns, leases or has any interest in or right to the equipment and software used to provide the telecommunications service…. ¬ The Regulations provide deemed consent for any companies or individuals who together or independently provide a telecommunications service, defined in the Act as a Telecommunications Service Provider (TSP), to install a computer program for the limited purposes of protecting the security of all or part of its network from a current and identifiable threat to its availability, reliability, efficiency, or optimal use… ¬ It should also be noted, that auto manufacturers may be TSPs for the purposes of CASL when they run computing networks such as GM’s OnStar or Ford’s Sync…” McCarthy Tétrault LLP / mccarthy.ca / 13300658 29
NEW EXCEPTION – UPDATE A NETWORK (IC REGS S.6) • (b) program that is installed, for the purpose of updating or upgrading the network, by or on behalf of the telecommunications service provider who owns or operates the network on the computer systems that constitute all or part of the network; • Will the definition of TSP be broad enough to include all networks such as those operated by vehicle manufacturers, appliance manufacturers and others who provide products and services to consumers? • Where is the end node of the network such as the network of a vehicle manufacturer? • How will TSPs be able to conclude that all users of its network are consenting to the installation of the program? McCarthy Tétrault LLP / mccarthy.ca / 13300658 30
NEW EXCEPTION – CORRECTING PROGRAM FAILURES (IC REGS S.6) ¬ (c) a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose. ¬ RIAS: ¬ “Some stakeholders argued that they should not be required to get consent every time they install an update or upgrade. CASL provides a three year transitional period to continue updates and upgrades to existing computer programs, after which they will be required to get express consent to continue updates in the future, if they don’t fall under one of the exemptions.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 31
TRANSITIONAL PROVISIONS ¬ S67. “If a computer program was installed on a person’s computer system before section 8 comes into force, the person’s consent to the installation of an update or upgrade to the program is implied until the person gives notification that they no longer consent to receiving such an installation or until three years after the day on which section 8 comes into force, whichever is earlier.” ¬ RIAS: ¬ “Auto manufacturers were also concerned that the three year transitional period in section 67 would limit their ability to continue to install updates or upgrades to computer programs on automobiles. To address this concern, these Regulations specify that express consent of an individual is deemed for updates and upgrades to computer programs that are installed across all or part of the auto manufacturer’s network, and the installation of computer programs to correct failures in the operation of the computer system or an existing program.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 32
VANCOUVER Suite 1300, 777 Dunsmuir Street P.O. Box 10424, Pacific Centre Vancouver BC V7Y 1K2 Tel: 604-643-7100 Fax: 604-643-7900 Toll-Free: 1-877-244-7711 CALGARY Suite 3300, 421 7th Avenue SW Calgary AB T2P 4K9 Tel: 403-260-3500 Fax: 403-260-3501 Toll-Free: 1-877-244-7711 TORONTO Box 48, Suite 5300 Toronto Dominion Bank Tower Toronto ON M5K 1E6 Tel: 416-362-1812 Fax: 416-868-0673 Toll-Free: 1-877-244-7711 MONTRÉAL Suite 2500 1000 De La Gauchetière Street West Montréal QC H3B 0A2 Tel: 514-397-4100 Fax: 514-875-6246 Toll-Free: 1-877-244-7711 QUÉBEC Le Complexe St-Amable 1150, rue de Claire-Fontaine, 7e étage Québec QC G1R 5G4 Tel: 418-521-3000 Fax: 418-521-3099 Toll-Free: 1-877-244-7711 UNITED KINGDOM & EUROPE 125 Old Broad Street, 26th Floor London EC2N 1AR UNITED KINGDOM Tel: +44 (0)20 7786 5700 Fax: +44 (0)20 7786 5702 McCarthy Tétrault LLP / mccarthy.ca / 13300658

Empfohlen

Michael fekete and howard fohr lexpert casl computer programs provisions and ...
Michael fekete and howard fohr lexpert casl computer programs provisions and ...Michael fekete and howard fohr lexpert casl computer programs provisions and ...
Michael fekete and howard fohr lexpert casl computer programs provisions and ...bsookman
 
Sookman primetime presentation
Sookman primetime presentationSookman primetime presentation
Sookman primetime presentationbsookman
 
Sookman lexpert casl_slides
Sookman lexpert casl_slidesSookman lexpert casl_slides
Sookman lexpert casl_slidesbsookman
 
Internet Intermediaries Liability
Internet Intermediaries LiabilityInternet Intermediaries Liability
Internet Intermediaries LiabilityCedric Manara
 
Liability of ISP in case of Illegal Downloads
Liability of ISP in case of Illegal DownloadsLiability of ISP in case of Illegal Downloads
Liability of ISP in case of Illegal DownloadsRaunaq Jaiswal
 
Internet Jurisdiction Primer
Internet Jurisdiction PrimerInternet Jurisdiction Primer
Internet Jurisdiction PrimerGraham Smith
 
House Bill 632 Testimony
House Bill 632 TestimonyHouse Bill 632 Testimony
House Bill 632 TestimonyHawaii Open Data
 
Communications Privacy and the State
Communications Privacy and the StateCommunications Privacy and the State
Communications Privacy and the StateGraham Smith
 

Empfohlen

Michael fekete and howard fohr lexpert casl computer programs provisions and ...
Michael fekete and howard fohr lexpert casl computer programs provisions and ...Michael fekete and howard fohr lexpert casl computer programs provisions and ...
Michael fekete and howard fohr lexpert casl computer programs provisions and ...bsookman
 
Sookman primetime presentation
Sookman primetime presentationSookman primetime presentation
Sookman primetime presentationbsookman
 
Sookman lexpert casl_slides
Sookman lexpert casl_slidesSookman lexpert casl_slides
Sookman lexpert casl_slidesbsookman
 
Internet Intermediaries Liability
Internet Intermediaries LiabilityInternet Intermediaries Liability
Internet Intermediaries LiabilityCedric Manara
 
Liability of ISP in case of Illegal Downloads
Liability of ISP in case of Illegal DownloadsLiability of ISP in case of Illegal Downloads
Liability of ISP in case of Illegal DownloadsRaunaq Jaiswal
 
Internet Jurisdiction Primer
Internet Jurisdiction PrimerInternet Jurisdiction Primer
Internet Jurisdiction PrimerGraham Smith
 
House Bill 632 Testimony
House Bill 632 TestimonyHouse Bill 632 Testimony
House Bill 632 TestimonyHawaii Open Data
 
Communications Privacy and the State
Communications Privacy and the StateCommunications Privacy and the State
Communications Privacy and the StateGraham Smith
 
Wishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationWishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationMiles Williams
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Comments on Draft Philippine FOI Law
Comments on Draft Philippine FOI LawComments on Draft Philippine FOI Law
Comments on Draft Philippine FOI LawArden Chan
 
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPCanada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPMiles Williams
 
Anti-Spam Presentation
Anti-Spam Presentation Anti-Spam Presentation
Anti-Spam Presentation Miles Williams
 
Privacy Access Letter I Feb 5 07
Privacy Access Letter I Feb 5 07Privacy Access Letter I Feb 5 07
Privacy Access Letter I Feb 5 07Constantine Karbaliotis
 
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastMichael Owen
 
CJIS Projects NICS 2015 v2 [Autosaved]
CJIS Projects NICS 2015 v2 [Autosaved]CJIS Projects NICS 2015 v2 [Autosaved]
CJIS Projects NICS 2015 v2 [Autosaved]Heriberto Luna
 
CIPS ON CASL presentation Mar 20 2014
CIPS ON CASL presentation Mar 20 2014CIPS ON CASL presentation Mar 20 2014
CIPS ON CASL presentation Mar 20 2014Lisa Abe-Oldenburg, B.Comm., JD.
 
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonPatton Boggs LLP
 
Vermont Information Consortium 2014 Report
Vermont Information Consortium 2014 ReportVermont Information Consortium 2014 Report
Vermont Information Consortium 2014 ReportNIC Inc | EGOV
 
Information Security: The Trinidad & Tobago Legal Context
Information Security: The Trinidad & Tobago Legal ContextInformation Security: The Trinidad & Tobago Legal Context
Information Security: The Trinidad & Tobago Legal ContextJason Nathu
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeAnirban Mandal
 
Cyber crime 1
Cyber crime 1Cyber crime 1
Cyber crime 1Anirban Mandal
 
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada Symposium
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada SymposiumImpact of GDPR on Canada May 2016 - Presented at IAPP Canada Symposium
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada SymposiumConstantine Karbaliotis
 
Existing Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesExisting Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesVishni Ganepola
 
Data Protection and Journalism: The Changing Landscape
Data Protection and Journalism: The Changing LandscapeData Protection and Journalism: The Changing Landscape
Data Protection and Journalism: The Changing LandscapeDavid Erdos
 
Legal Obligations of Technology Service Providers as Intermediaries
Legal Obligations of Technology Service Providers as IntermediariesLegal Obligations of Technology Service Providers as Intermediaries
Legal Obligations of Technology Service Providers as IntermediariesEquiCorp Associates
 
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015Constantine Karbaliotis
 
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...Vishni Ganepola
 
Dan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertDan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertbsookman
 
Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_bsookman
 

Weitere ähnliche Inhalte

Was ist angesagt?

Wishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationWishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationMiles Williams
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Comments on Draft Philippine FOI Law
Comments on Draft Philippine FOI LawComments on Draft Philippine FOI Law
Comments on Draft Philippine FOI LawArden Chan
 
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPCanada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPMiles Williams
 
Anti-Spam Presentation
Anti-Spam Presentation Anti-Spam Presentation
Anti-Spam Presentation Miles Williams
 
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastMichael Owen
 
CJIS Projects NICS 2015 v2 [Autosaved]
CJIS Projects NICS 2015 v2 [Autosaved]CJIS Projects NICS 2015 v2 [Autosaved]
CJIS Projects NICS 2015 v2 [Autosaved]Heriberto Luna
 
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonPatton Boggs LLP
 
Vermont Information Consortium 2014 Report
Vermont Information Consortium 2014 ReportVermont Information Consortium 2014 Report
Vermont Information Consortium 2014 ReportNIC Inc | EGOV
 
Information Security: The Trinidad & Tobago Legal Context
Information Security: The Trinidad & Tobago Legal ContextInformation Security: The Trinidad & Tobago Legal Context
Information Security: The Trinidad & Tobago Legal ContextJason Nathu
 
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada Symposium
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada SymposiumImpact of GDPR on Canada May 2016 - Presented at IAPP Canada Symposium
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada SymposiumConstantine Karbaliotis
 
Existing Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesExisting Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesVishni Ganepola
 
Data Protection and Journalism: The Changing Landscape
Data Protection and Journalism: The Changing LandscapeData Protection and Journalism: The Changing Landscape
Data Protection and Journalism: The Changing LandscapeDavid Erdos
 
Legal Obligations of Technology Service Providers as Intermediaries
Legal Obligations of Technology Service Providers as IntermediariesLegal Obligations of Technology Service Providers as Intermediaries
Legal Obligations of Technology Service Providers as IntermediariesEquiCorp Associates
 
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015Constantine Karbaliotis
 
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...Vishni Ganepola
 

Was ist angesagt? (20)

Wishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationWishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam Presentation
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal Data
 
Comments on Draft Philippine FOI Law
Comments on Draft Philippine FOI LawComments on Draft Philippine FOI Law
Comments on Draft Philippine FOI Law
 
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPCanada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLP
 
Anti-Spam Presentation
Anti-Spam Presentation Anti-Spam Presentation
Anti-Spam Presentation
 
Privacy Access Letter I Feb 5 07
Privacy Access Letter I Feb 5 07Privacy Access Letter I Feb 5 07
Privacy Access Letter I Feb 5 07
 
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
 
CJIS Projects NICS 2015 v2 [Autosaved]
CJIS Projects NICS 2015 v2 [Autosaved]CJIS Projects NICS 2015 v2 [Autosaved]
CJIS Projects NICS 2015 v2 [Autosaved]
 
CIPS ON CASL presentation Mar 20 2014
CIPS ON CASL presentation Mar 20 2014CIPS ON CASL presentation Mar 20 2014
CIPS ON CASL presentation Mar 20 2014
 
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
 
Vermont Information Consortium 2014 Report
Vermont Information Consortium 2014 ReportVermont Information Consortium 2014 Report
Vermont Information Consortium 2014 Report
 
Information Security: The Trinidad & Tobago Legal Context
Information Security: The Trinidad & Tobago Legal ContextInformation Security: The Trinidad & Tobago Legal Context
Information Security: The Trinidad & Tobago Legal Context
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime 1
Cyber crime 1Cyber crime 1
Cyber crime 1
 
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada Symposium
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada SymposiumImpact of GDPR on Canada May 2016 - Presented at IAPP Canada Symposium
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada Symposium
 
Existing Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber CrimesExisting Sri Lankan Legal Framework on Cyber Crimes
Existing Sri Lankan Legal Framework on Cyber Crimes
 
Data Protection and Journalism: The Changing Landscape
Data Protection and Journalism: The Changing LandscapeData Protection and Journalism: The Changing Landscape
Data Protection and Journalism: The Changing Landscape
 
Legal Obligations of Technology Service Providers as Intermediaries
Legal Obligations of Technology Service Providers as IntermediariesLegal Obligations of Technology Service Providers as Intermediaries
Legal Obligations of Technology Service Providers as Intermediaries
 
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
Getting to Accountability Karbaliotis and Patrikios-Oct 22 2015
 
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
RECOMMENDATIONS AND LESSONS FROM OTHER JURISDICTIONS TO ENHANCE THE EFFECTIV...
 

Ähnlich wie Sookman oba casl._slides

Dan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertDan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertbsookman
 
Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_bsookman
 
Sookman montreal bar_casl_talk
Sookman montreal bar_casl_talkSookman montreal bar_casl_talk
Sookman montreal bar_casl_talkbsookman
 
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...Yar Chaikovsky
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...Cédric Laurant
 
The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux
The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux
The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux Ryan Thurman
 
Sookman casl and universities
Sookman casl and universitiesSookman casl and universities
Sookman casl and universitiesbsookman
 
Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...
Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...
Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...Now Dentons
 
2 Understand what is meant by professional practice
2 Understand what is meant by professional practice2 Understand what is meant by professional practice
2 Understand what is meant by professional practiceMark Anthony Kavanagh
 
PED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptx
PED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptx
PED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptxRegineManuel2
 
Anti-circumvention and ISP liability provisions in Free Trade Agreements.
Anti-circumvention and ISP liability provisions in Free Trade Agreements.Anti-circumvention and ISP liability provisions in Free Trade Agreements.
Anti-circumvention and ISP liability provisions in Free Trade Agreements.blogzilla
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyersNicole Black
 
What are the new laws under Canada Digital Privacy Act.pdf
What are the new laws under Canada Digital Privacy Act.pdfWhat are the new laws under Canada Digital Privacy Act.pdf
What are the new laws under Canada Digital Privacy Act.pdfRiley Claire
 
Farm Data: Examining the Legal Issues
Farm Data: Examining the Legal Issues Farm Data: Examining the Legal Issues
Farm Data: Examining the Legal Issues Roger Royse
 
p Project Presentatimnkhihihihihihon.pdf
p Project Presentatimnkhihihihihihon.pdfp Project Presentatimnkhihihihihihon.pdf
p Project Presentatimnkhihihihihihon.pdfbadangayonmgb
 
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009 Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009 EuroCloud
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc
 
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...TrustArc
 
Session B: Handout 1
Session B: Handout 1Session B: Handout 1
Session B: Handout 1feitwincities
 

Ähnlich wie Sookman oba casl._slides (20)

Dan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertDan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpert
 
Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_
 
Sookman montreal bar_casl_talk
Sookman montreal bar_casl_talkSookman montreal bar_casl_talk
Sookman montreal bar_casl_talk
 
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
 
The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux
The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux
The State of the TCPA: Consent, Dialers, the FCC -- the Law is in Flux
 
Sookman casl and universities
Sookman casl and universitiesSookman casl and universities
Sookman casl and universities
 
Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...
Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...
Anti-Spam 101: Risks and Implications for Businesses - Complying with the new...
 
2 Understand what is meant by professional practice
2 Understand what is meant by professional practice2 Understand what is meant by professional practice
2 Understand what is meant by professional practice
 
PED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptx
PED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptx
PED-8-GROUP-4-REPORT.pptxPED-8-GROUP-4-REPORT.pptx
 
Anti-circumvention and ISP liability provisions in Free Trade Agreements.
Anti-circumvention and ISP liability provisions in Free Trade Agreements.Anti-circumvention and ISP liability provisions in Free Trade Agreements.
Anti-circumvention and ISP liability provisions in Free Trade Agreements.
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyers
 
What are the new laws under Canada Digital Privacy Act.pdf
What are the new laws under Canada Digital Privacy Act.pdfWhat are the new laws under Canada Digital Privacy Act.pdf
What are the new laws under Canada Digital Privacy Act.pdf
 
Farm Data: Examining the Legal Issues
Farm Data: Examining the Legal Issues Farm Data: Examining the Legal Issues
Farm Data: Examining the Legal Issues
 
p Project Presentatimnkhihihihihihon.pdf
p Project Presentatimnkhihihihihihon.pdfp Project Presentatimnkhihihihihihon.pdf
p Project Presentatimnkhihihihihihon.pdf
 
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009 Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
 
Data breaches at home and abroad
Data breaches at home and abroad Data breaches at home and abroad
Data breaches at home and abroad
 
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
 
Session B: Handout 1
Session B: Handout 1Session B: Handout 1
Session B: Handout 1
 

Mehr von bsookman

Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016bsookman
 
Copyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v SodracCopyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v Sodracbsookman
 
ALAI Canada: Colloque Annual
ALAI Canada: Colloque AnnualALAI Canada: Colloque Annual
ALAI Canada: Colloque Annualbsookman
 
Sookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slidesSookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slidesbsookman
 
Sookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in reviewSookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in reviewbsookman
 
Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)bsookman
 
Wally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challengesWally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challengesbsookman
 
Oliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertisingOliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertisingbsookman
 
Monica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuionsMonica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuionsbsookman
 
Casl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slidesCasl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slidesbsookman
 
Sookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_finalSookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_finalbsookman
 
Bloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-reviewBloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-reviewbsookman
 
Sookman justice canada_keynote
Sookman justice canada_keynoteSookman justice canada_keynote
Sookman justice canada_keynotebsookman
 
Challenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology CompaniesChallenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology Companiesbsookman
 
Docs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposiumDocs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposiumbsookman
 
Sookman oba confernece_using_social_media
Sookman oba confernece_using_social_mediaSookman oba confernece_using_social_media
Sookman oba confernece_using_social_mediabsookman
 
Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013bsookman
 
Sookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentationSookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentationbsookman
 
Sookman law society_6_min_business_law
Sookman law society_6_min_business_lawSookman law society_6_min_business_law
Sookman law society_6_min_business_lawbsookman
 
Sookman ryerson conference
Sookman ryerson conferenceSookman ryerson conference
Sookman ryerson conferencebsookman
 

Mehr von bsookman (20)

Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
 
Copyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v SodracCopyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v Sodrac
 
ALAI Canada: Colloque Annual
ALAI Canada: Colloque AnnualALAI Canada: Colloque Annual
ALAI Canada: Colloque Annual
 
Sookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slidesSookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slides
 
Sookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in reviewSookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in review
 
Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)
 
Wally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challengesWally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challenges
 
Oliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertisingOliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertising
 
Monica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuionsMonica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuions
 
Casl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slidesCasl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slides
 
Sookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_finalSookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_final
 
Bloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-reviewBloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-review
 
Sookman justice canada_keynote
Sookman justice canada_keynoteSookman justice canada_keynote
Sookman justice canada_keynote
 
Challenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology CompaniesChallenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology Companies
 
Docs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposiumDocs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposium
 
Sookman oba confernece_using_social_media
Sookman oba confernece_using_social_mediaSookman oba confernece_using_social_media
Sookman oba confernece_using_social_media
 
Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013
 
Sookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentationSookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentation
 
Sookman law society_6_min_business_law
Sookman law society_6_min_business_lawSookman law society_6_min_business_law
Sookman law society_6_min_business_law
 
Sookman ryerson conference
Sookman ryerson conferenceSookman ryerson conference
Sookman ryerson conference
 

Kürzlich hochgeladen

如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书 如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书Fir sss
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementShubhiSharma858417
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书SD DS
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Dr. Oliver Massmann
 
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeBlayneRush1
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书Fir sss
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书SD DS
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiBlayneRush1
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Companyaneesashraf6
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791BlayneRush1
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaAbheet Mangleek
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书Fir sss
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionNilamPadekar1
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsAbdul-Hakim Shabazz
 
Group 2 Marlaw Definition of Bill of Lading .pptx
Group 2 Marlaw Definition of Bill of Lading .pptxGroup 2 Marlaw Definition of Bill of Lading .pptx
Group 2 Marlaw Definition of Bill of Lading .pptxjohnpazperpetua10
 

Kürzlich hochgeladen (20)

如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书 如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreement
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
 
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
 
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Serviceyoung Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Company
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in India
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 sedition
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
 
Group 2 Marlaw Definition of Bill of Lading .pptx
Group 2 Marlaw Definition of Bill of Lading .pptxGroup 2 Marlaw Definition of Bill of Lading .pptx
Group 2 Marlaw Definition of Bill of Lading .pptx
 

Sookman oba casl._slides

  • 1. McCarthy Tétrault LLP / mccarthy.ca / 13300658 OBA: Countdown to Canada’s Anti-Spam Legislation: Make Sure You are Ready Barry B. Sookman McCarthy Tétrault LLP bsookman@mccarthy.ca 416-601-7949 April 7, 2014
  • 2. SCOPE OF CASL • Anti-SPAM • Anti-spyware/malware • Amendments to PIPEDA prohibiting address harvesting and personal information harvesting • Amendments to the Competition Act prohibiting false or misleading representations in electronic messages, sender information in electronic messages, subject matter information in electronic messages, locaters McCarthy Tétrault LLP / mccarthy.ca / 13300658 2
  • 3. CASL HISTORY • Received royal assent on December 15, 2010. • Original draft regulations were published in the summer of 2011 by the CRTC and Industry Canada. The Canadian business community raised serious objections to their strict requirements. • The CRTC enacted revised regulations which were finalized on March 28, 2012. • CRTC issues 2 sets of Guidelines - October, 2012 • Revised draft regulations from Industry Canada on January 5, 2013. The Canadian business community, non-profit community, colleges, universities and others all raised serious concerns. • Industry Canada released finalized regulations on December 4, 2013. • CRTC issued FAQ - December 2013 • Messaging Provisions coming into force -July 2014. Computer Programs provisions coming into force -January 2015. Private Right of Action coming into force - July 2017. McCarthy Tétrault LLP / mccarthy.ca / 13300658 3
  • 4. WHAT YOU NEED TO CONSIDER IN DEVELOPING A COMPLIANCE PROGRAM • CASL • CRTC Regulations • Industry Canada regulations • Regulatory Impact Analysis Statement • CRTC Guidelines on the interpretation of the Electronic Commerce Protection Regulations (Oct. 10, 2012) • CRTC Guidelines on the use of toggling as a means of obtaining express consent under Canada’s anti-spam legislation (Oct. 10, 2012) • CRTC FAQ Canada’s Anti-Spam Legislation (December 18, 2013) McCarthy Tétrault LLP / mccarthy.ca / 13300658 4
  • 5. Is there a need to be concerned about CASL? McCarthy Tétrault LLP / mccarthy.ca / 13300658 5
  • 6. VERY HIGH LIABILITY ¬ Administrative monetary penalties (AMPS) with caps up $10 million for an organization. (s.20(4)) ¬ Private rights of action by anyone affected by a prohibited act (s.47(1)) with liability that consists of: ¬ compensation for loss, damages and expenses; and ¬ extensive awards that are capped at: ¬ $1 million per day for breach of SPAM, malware, spyware, message routing, address and personal information harvesting, and Competition Act provisions; ¬ $1 million for each act of aiding, inducing, or procuring a breach of the SPAM, malware and spyware, and message routing provisions, plus liability up to $1 million per day for breach of SPAM, malware, spyware, and message routing provisions. ¬ Risk of class actions. ¬ Will be in force January 1, 2017. Are prior claims covered? McCarthy Tétrault LLP / mccarthy.ca / 13300658 6
  • 7. EXTENSIVE ACCESSORIAL AND VICARIOUS LIABILITY ¬ Liability extends to any person who aids, induces or procures a prohibited act. (s.9) ¬ Senders of CEMs are liable for acts of their employees within the scope of their authority. (s.32, s.53) ¬ Liability extends to officers, directors, and agents if they directed, authorized, assented to, acquiesced, or participated in the prohibited act. (s.31, s.52) ¬ Risk implications too easy to pierce corporate veil; requirements for insurance? ¬ Does the risk make sense? McCarthy Tétrault LLP / mccarthy.ca / 13300658 7
  • 8. McCarthy Tétrault LLP / mccarthy.ca TERRITORIAL REACH • The anti-spam provisions apply to any message where a computer system located “in Canada is used to send or access the electronic message”. (s.12(1)) • Anti-spam exception IC Regs 3(f) “if the person who sends the message or causes or permits it to be sent reasonably believes the message will be accessed in a foreign state that is listed in the schedule and the message conforms to the law of the foreign state that addresses conduct that is substantially similar to conduct prohibited under section 6 of the Act”; • The computer program provisions apply “if the computer system is located in Canada at the relevant time or if the person either is in Canada at the relevant time or is acting under the direction of a person who is in Canada at the time when they give the directions”. (s.8(2)). McCarthy Tétrault LLP / mccarthy.ca / 13300658 8
  • 9. Anti-Spyware/Malware Provisions and Regulations McCarthy Tétrault LLP / mccarthy.ca / 13300658 9
  • 10. Question: What countries have anti- malware/spyware laws that are similar to those in CASL? McCarthy Tétrault LLP / mccarthy.ca / 13300658 10
  • 11. McCarthy Tétrault LLP / mccarthy.ca / 13300658 11
  • 12. THE PROHIBITION 8. (1) A person must not, in the course of a commercial activity, install or cause to be installed a computer program on any other person’s computer system or, having so installed or caused to be installed a computer program, cause an electronic message to be sent from that computer system, unless: (a) the person has obtained the express consent of the owner or an authorized user of the computer system and complies with [the disclosure requirements of] subsection 11(5); or (b) the person is acting in accordance with a court order. Problems: Implied consents cannot be relied upon. Only express consents are valid, assuming compliance with the disclosure requirements. Written agreements or click-wraps will comply, assuming the consent is not bundled in the agreement. Web wrap agreements will likely not comply. McCarthy Tétrault LLP / mccarthy.ca / 13300658 12
  • 13. WHAT PROGRAMS DOES CASL APPLY TO? • Applies to “computer programs” (defined in subsection 342.1(2) of the Criminal Code) as meaning “data representing instructions or statements that, when executed in a computer system, causes the computer system to perform a function”. Includes apps and updates. • Note: Computer programs are not limited to malware or spyware. • Installed on another person’s “computer system” ” (defined in subsection 342.1(2) of the Criminal Code) as meaning “a device that, or a group of interconnected or related devices one or more of which, (a) contains computer programs or other data, and (b) pursuant to computer programs, (i) performs logic and control, and (ii) may perform any other function”. • Note: Computer systems could include: servers, PCs, smartphones, tablets, ebook readers, the “Cloud”, websites and web services, industrial machines, appliances, autos, and other consumer products. McCarthy Tétrault LLP / mccarthy.ca / 13300658 13
  • 14. WHAT PROGRAMS DOES CASL APPLY TO? • RIAS: “the requirements under CASL for the installation of computer programs only apply to the installation of computer programs on another person’s computer system. CASL will not apply to installations carried out by persons on their own computing devices.” ¬ A consumer buys a program on a physical media and installs the program on a home computer? ¬ A manufacturer pre-installs a program on a computer, machine, device or appliance and directly, or through a channel, sells the product to consumers? ¬ A retailer offers computer services such as to install software or to repair or configure computers or installs updates? While new hardware or software is installed by the service provider, the program may automatically go to a web site to look for and download an upgrade? ¬ A person goes to a website to download a program? McCarthy Tétrault LLP / mccarthy.ca / 13300658 14
  • 15. WHAT PROGRAMS DOES CASL APPLY TO? A person is considered to expressly consent to the installation of a computer program if: a) the program is: i. a cookie, ii. HTML code, iii. Java Scripts, iv. an operating system, v. any other program that is executable only through the use of another computer program whose installation or use the person has previously expressly consented to, or vi. any other program specified in the regulations; and b) the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation. (s.10(8)) NOTE:, there is no express waiver of the disclosure requirement, but disclosure is only required where express requests are being sought. McCarthy Tétrault LLP / mccarthy.ca / 13300658 15
  • 16. WHAT PROGRAMS DOES CASL APPLY TO? RIAS: ¬ “In addition, the software on some computer dedicated systems in automobiles may be “operating systems”, such as computers that operate specific functions like braking. There is deemed consent to update that as operating systems under the Act.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 16
  • 17. GETTING EXPRESS CONSENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS Obtaining consent: A person who seeks express consent must, when requesting consent, set out clearly and simply the following information: (a) the purpose or purposes for which the consent is being sought; (b) prescribed information that identifies the person seeking consent and, if the person is seeking consent on behalf of another person, prescribed information that identifies that other person; and (c) any other prescribed information.” (s.10(1)). McCarthy Tétrault LLP / mccarthy.ca / 13300658 17
  • 18. DISCLOSURE REQUIREMENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS Two levels of disclosure required when obtaining consent. 1. Minimum Disclosure: A person who seeks express consent, must when requesting consent, also, in addition to setting out any other prescribed information, must clearly and simply describe, in general terms the function and purpose of the computer program that is to be installed if the consent is given. (s.10(3)) McCarthy Tétrault LLP / mccarthy.ca / 13300658 18
  • 19. 2. Enhanced Disclosure: If the computer program meets one of the specified “malware” or “spyware” criteria in s.10(5), “the person who seeks express consent must, when requesting consent, clearly and prominently, and separately and apart from the licence agreement, (a) describe the program’s material elements that perform the function or functions, including the nature and purpose of those elements and their reasonably foreseeable impact on the operation of the computer system; and (b) bring those elements to the attention of the person from whom consent is being sought in the prescribed manner”. DISCLOSURE REQUIREMENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS McCarthy Tétrault LLP / mccarthy.ca / 13300658 19
  • 20. ¬ Enhanced Disclosure: The enhanced disclosure standard applies where ¬ the program performs functions that the person knows and intends will cause the computer system to operate in a manner that is contrary to the reasonable expectations of the owner or authorized user of the computer ¬ collects personal information; ¬ interferes with control of the computer; ¬ changes or interferes with settings preferences or commands; ¬ obstructs, interrupts, or interferes with access to data; ¬ causes the computer to communicate with another computer without authorization,: ¬ installing a computer program that can be activated by a third party: ¬ installing a bot, or something set out in the regulations; ¬ but not merely transmission data. (s.10(5) &(6)). DISCLOSURE REQUIREMENTS TO COMPLY WITH “MALWARE” AND “SPYWARE” PROVISIONS McCarthy Tétrault LLP / mccarthy.ca / 13300658 20
  • 21. MEANING OF “SOUGHT SEPARATELY” CRTC Guidelines: a. What does “sought separately” mean? 14. The Commission considers that in order to meet the requirement of seeking consent separately, the person seeking consent must identify and obtain specific and separate consent for each act contemplated by the sections of the Act described in paragraph 13 above. Accordingly, consent for each act above must be sought separately from any other act captured by sections 6 to 8 of the Act. The Commission also considers that the activities captured by each of the above acts are distinct, as are the consequences. 15. For example, the Commission considers that persons must be able to grant their consent for the installation of a computer program while refusing to grant their consent for receiving CEMs. However, the Commission does not consider it necessary for consent to be sought separately for each instance of the acts listed in paragraph 13 above, as long as the consent request is in accordance with subsections 10(1), 10(2), 10(3), and 10(4) of the Act, where applicable. McCarthy Tétrault LLP / mccarthy.ca / 13300658 21
  • 22. REQUESTS FOR CONSENT CRTC Guidelines ¬ 6. The Commission considers that requests for consent contemplated above must not be subsumed in, or bundled with, requests for consent to the general terms and conditions of use or sale. The underlying objective is that the specific requests for consent in question must be clearly identified to the persons from whom the consent is being sought. For example, persons must be able to grant their consent to the terms and conditions of use or sale while, for instance, refusing to grant their consent for receiving CEMs. McCarthy Tétrault LLP / mccarthy.ca / 13300658 22
  • 23. CRTC Regulations, s.5 (unchanged): 5. A computer program’s material elements that perform one or more of the functions listed in subsection 10(5) of the Act must be brought to the attention of the person from whom consent is being sought separately from any other information provided in a request for consent and the person seeking consent must obtain an acknowledgement in writing from the person from whom consent is being sought that they understand and agree that the program performs the specified functions. ENHANCED DISCLOSURE IN REGULATIONS McCarthy Tétrault LLP / mccarthy.ca / 13300658 23
  • 24. EXCEPTIONS FOR SOFTWARE UPDATES, UPGRADES AND PATCHES The formalities for obtaining express consent (ss.10(1) and (3)) are not required for the installation of an update or upgrade so long as the installation or use of the computer program being updated was expressly consented to and the person who gave the consent is entitled to, and does receive the update under the terms of the express consent. (s.10(7)) Problem: ¬ There is no express exception that permits installation of an update or upgrade without consent. ¬ The original consent to install a program must include a consent to install updates or upgrades or they cannot be installed without requesting and obtaining a new consent. McCarthy Tétrault LLP / mccarthy.ca / 13300658 24
  • 25. GETTING EXPRESS CONSENTS TO INSTALL UPDATES AND UPGRADES RIAS: ¬ “For updates and upgrades to computer programs installed after CASL comes into force, the Act allows companies to get the consent of the owner or authorized user for future updates or upgrades to the computer program at the same time they obtain consent for the original installation, or when the user is downloading. That is, when a computer program is installed, consent must in general be requested in accordance with the Act, but there are no requirements for the form of a request for consent to install updates and upgrades, whether that consent is requested in advance or when the update or upgrade is installed.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 25
  • 26. GETTING EXPRESS CONSENTS TO INSTALL PROGRAMS CRTC Reg s.4. For the purposes of subsections 10(1) and (3) of the Act, a request for consent may be obtained orally or in writing and must be sought separately for each act described in sections 6 to 8 of the Act and must include (a) the name by which the person seeking consent carries on business, if different from their name, if not, the name of the person seeking consent; (b) if the consent is sought on behalf of another person, the name by which the person on whose behalf consent is sought carries on business, if different from their name, if not, the name of the person on whose behalf consent is sought; (c) if consent is sought on behalf of another person, a statement indicating which person is seeking consent and which person on whose behalf consent is sought; and (d) the mailing address, and either a telephone number providing access to an agent or a voice messaging system, an email address or a web address of the person seeking consent or, if different, the person on whose behalf consent is sought; and (e) a statement indicating that the person whose consent is sought can withdraw their consent. Problems: Each consent must be separate; how can consent be withdrawn for a program that is already installed? McCarthy Tétrault LLP / mccarthy.ca / 13300658 26
  • 27. Withdrawal of consent: If the computer program installed meets one of the specified “malware” or “spyware” criteria in s.10(5), the person who installs the program with consent must for 1 year provide an electronic address to which a request can be sent to remove or disable the computer program if the requestor believes that the function, purpose or impact of the computer program installed under the consent was not accurately described when consent was requested; and if the consent was based on an inaccurate description of the material elements of the enumerated function or functions, must, without cost to the person who gave consent, assist that person in removing or disabling the computer program as soon as feasible. (s.11(5)) WITHDRAWAL OF CONSENT FOR “SPYWARE” FUNCTIONALITY McCarthy Tétrault LLP / mccarthy.ca / 13300658 27
  • 28. NEW EXCEPTIONS – (IC REGS S.6) • (a) network security • (b) updates and upgrades to a network • (c) correcting computer program failures. NOTE: exemptions are subject to the condition that “the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation”. (s.10(8)) RIAS: ¬ “Note that the Act only applies to computer programs installed in the course of commercial activity, a defined term that excludes public safety and other purposes, so issues of public safety. However, for software issues that are not matters of public safety, the Regulations provide for deemed consent for the installation of computer programs that are necessary to correct a failure in the operation of a computer system or program that is already installed.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 28
  • 29. NEW EXCEPTION – NETWORK SECURITY (IC REGS S.6) (a) a program that is installed by or on behalf of a telecommunications service provider solely to protect the security of all or part of its network from a current and identifiable threat to the availability, reliability, efficiency or optimal use of its network; ¬ RIAS: ¬ “Note that CASL provides a broad definition of a Telecommunications Service Provider (TSP), which includes any persons who together or independently provides a telecommunications service. These services include features of services delivered by means of telecommunications facilities including network routers and servers, regardless whether the provider owns, leases or has any interest in or right to the equipment and software used to provide the telecommunications service…. ¬ The Regulations provide deemed consent for any companies or individuals who together or independently provide a telecommunications service, defined in the Act as a Telecommunications Service Provider (TSP), to install a computer program for the limited purposes of protecting the security of all or part of its network from a current and identifiable threat to its availability, reliability, efficiency, or optimal use… ¬ It should also be noted, that auto manufacturers may be TSPs for the purposes of CASL when they run computing networks such as GM’s OnStar or Ford’s Sync…” McCarthy Tétrault LLP / mccarthy.ca / 13300658 29
  • 30. NEW EXCEPTION – UPDATE A NETWORK (IC REGS S.6) • (b) program that is installed, for the purpose of updating or upgrading the network, by or on behalf of the telecommunications service provider who owns or operates the network on the computer systems that constitute all or part of the network; • Will the definition of TSP be broad enough to include all networks such as those operated by vehicle manufacturers, appliance manufacturers and others who provide products and services to consumers? • Where is the end node of the network such as the network of a vehicle manufacturer? • How will TSPs be able to conclude that all users of its network are consenting to the installation of the program? McCarthy Tétrault LLP / mccarthy.ca / 13300658 30
  • 31. NEW EXCEPTION – CORRECTING PROGRAM FAILURES (IC REGS S.6) ¬ (c) a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose. ¬ RIAS: ¬ “Some stakeholders argued that they should not be required to get consent every time they install an update or upgrade. CASL provides a three year transitional period to continue updates and upgrades to existing computer programs, after which they will be required to get express consent to continue updates in the future, if they don’t fall under one of the exemptions.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 31
  • 32. TRANSITIONAL PROVISIONS ¬ S67. “If a computer program was installed on a person’s computer system before section 8 comes into force, the person’s consent to the installation of an update or upgrade to the program is implied until the person gives notification that they no longer consent to receiving such an installation or until three years after the day on which section 8 comes into force, whichever is earlier.” ¬ RIAS: ¬ “Auto manufacturers were also concerned that the three year transitional period in section 67 would limit their ability to continue to install updates or upgrades to computer programs on automobiles. To address this concern, these Regulations specify that express consent of an individual is deemed for updates and upgrades to computer programs that are installed across all or part of the auto manufacturer’s network, and the installation of computer programs to correct failures in the operation of the computer system or an existing program.” McCarthy Tétrault LLP / mccarthy.ca / 13300658 32
  • 33. VANCOUVER Suite 1300, 777 Dunsmuir Street P.O. Box 10424, Pacific Centre Vancouver BC V7Y 1K2 Tel: 604-643-7100 Fax: 604-643-7900 Toll-Free: 1-877-244-7711 CALGARY Suite 3300, 421 7th Avenue SW Calgary AB T2P 4K9 Tel: 403-260-3500 Fax: 403-260-3501 Toll-Free: 1-877-244-7711 TORONTO Box 48, Suite 5300 Toronto Dominion Bank Tower Toronto ON M5K 1E6 Tel: 416-362-1812 Fax: 416-868-0673 Toll-Free: 1-877-244-7711 MONTRÉAL Suite 2500 1000 De La Gauchetière Street West Montréal QC H3B 0A2 Tel: 514-397-4100 Fax: 514-875-6246 Toll-Free: 1-877-244-7711 QUÉBEC Le Complexe St-Amable 1150, rue de Claire-Fontaine, 7e étage Québec QC G1R 5G4 Tel: 418-521-3000 Fax: 418-521-3099 Toll-Free: 1-877-244-7711 UNITED KINGDOM & EUROPE 125 Old Broad Street, 26th Floor London EC2N 1AR UNITED KINGDOM Tel: +44 (0)20 7786 5700 Fax: +44 (0)20 7786 5702 McCarthy Tétrault LLP / mccarthy.ca / 13300658