The value of Canadian electronic communities and other social media may be going up soon. The proposed legislation in Bill C-28 – the Fighting Internet and Wireless Spam Act (FISA) – will make some significant changes to the law. It will require consent for any email or text messages. Senders of electronic messages will be required to identify themselves, provide contact information and include an unsubscribe feature. Consent will be required for any software or program installation and the consent feature must first disclose any undesirable functions, including the collection of personal information. The FISA will prohibit alteration of data or the diverting of messages to an unintended destination.
The risks to electronic advertisers and media companies will also increase, because the Office of the Privacy Commissioner (OPC), the CRTC and the Competition Bureau will have new powers to share information and evidence with foreign counterparts to pursue violators outside of Canada, and therefore purse Canadians violating our laws in other countries. Penalties of violation of the FISA can be up to $1 million for individuals and up to $10 million for businesses. The Competition Act will be extended to false or misleading marketing in electronic messages. Certain exceptions within the Personal Information Protection and Electronic Documents Act (PIPEDA) will be restricted. And a private right of action will be extended to consumers and businesses to allow lawsuits for violation of FISA. The suggested damage awards are fierce, including $200 per violation to a maximum of $1 million per day, and actual loss, damages and expenses. And, if the Consumer Protection Act can be brought into play, the recent Appeals Court decision in Riendeau v. Brault & Martineau (a great description of the risk was presented in an article No Crime, Lots of Punishment, here, available in Mondaq, by Donald Bisson and Shaun Emery Finn, of McCarthy Tetrault, here,) could mean substantial punitive damages, even without compensatory damages, and Class Action exposures. (The insurance aside to this is that many Professional Liability and D&O policies can only be triggered based on ‘compensatory’ damages, and if this portion of potential loss is not triggered then there might be no defence costs available from the policy.) There is a great article by Arnold Ceballos, here, in Lawyers Weekly, here, provides much better description of bill C-28.
The intent of most evolving legislation on electronic communication is to deter spyware, malware, phishing and the other vehicles used for theft of private information, identity or direct money. FISA might not accomplish that on its own, but it looks like it is going to make waves. The promotion on this bill suggests it is focused on ‘criminal spammers’ and that taking the ‘pro-spam’ side could be political suicide. However, I am sure the law of unintended consequences (are they really unintended by everyone?) will apply and the bill could significantly alter the way legitimate businesses operate, and it could very likely increase the current cost and risks of doing business.
When we think of Social Networks, we think of Facebook and Twitter, but there is a universe of ‘electronic communities’. Message boards, interactive blog sites, membership based information providers, are all communities based on ‘opt-in’ or ‘consent’ based interaction, even if some privacy aspects were not fully understood or communicated. If FISA is farther reaching than criminal spamming and has the affect of stopping other legitimate unsolicited contact, opt-in communities might be the only way to legally reach a large audience. However, the use of a community for distribution has risks. If you want to avoid the direct advertising costs to reach the members of a community, you will have to go through the slow and painstaking task of building your own membership within each community by producing content that is attractive to users. Some companies might urge employees to help with this new method of distribution by building their individual social networks to help promote the company. The result is a lack of control and oversight or what is legitimately considered media and advertising activity.
It was not that many years ago that it was impossible for the average person or small company to reach a very large audience with any message. Now, one blog comment, tweet or video can ‘go viral’ and be viewed by millions of people within minutes. A few weeks ago I was sitting in my office, looking South down University, and could see a mass of black smoke billowing from a high-rise. I could not tell which building or the location, so I searched a number of different main-stream media sites, and could not find any information. It took them at least ten minutes to report on the story, but I had already gone to twitter and viewed multiple pictures from different angles, and knew the exact building and location of the fire, all within 60 seconds of seeing the smoke. One tweet about beg-bugs in a movie theatre is seen by millions of people and immediately broadcasted on mainstream media.
Many companies seeking to get that ‘viral’ hit for free corporate publicity will have almost no media experience and have few or no controls regarding copyright (music, art, video, image or print), libel, slander or defamation, and no planned response to a publication crisis. Many will say “there is no bad publicity” or “I will worry about that after I am able to reach 6 million people.” The problem is that electronic media cannot be controlled, it can’t be erased or deleted, and even an effort to mitigate a loss by ‘printing a retraction’ will not have the same affect because there is no chance the retraction will reach the same audience.
We have incredible opportunity to share information and promote ourselves and our businesses, but it does not come without risk. Legislative changes, like the proposed Bill C-28, PIPEDA and many others, might reduce annoying, invasive or even harmful electronic communication; might reduce the current level of disruption of online commerce; might increase consumer confidence and the electronic marketplace; but it won’t do any of this with risk.
Greg Shields, Partner, Mitchell Sandham Insurance Brokers, 416 862-5626, email@example.com
CAUTION: The information contained in the Mitchell Sandham website or blog does not constitute a legal opinion or insurance advice and must not be construed as such. It is important to always consult a registered insurance broker and a lawyer who is a member of the Bar or Law Society of the relevant jurisdiction with regard to this material before making any insurance or legal decision. All material is copyrighted by Mitchell Sandham Inc. and may not be reproduced in any form for commercial purposes without the express written consent of Mitchell Sandham Inc. Anyone seeking to link this site from any external website must seek the consent of Mitchell Sandham Inc. by sending an e-mail to firstname.lastname@example.org.