The Year in Tech Law and Policy: My Annual A to Z Review
The past twelve months in law and technology were exceptionally active, with new legislation, Canadian Radio-television and Telecommunications Commission hearings, national consultations, and very public battles over digital issues. My weekly technology law column (Toronto Star version, homepage version) takes a look back at 2009 from A to Z:
A is for the Anti-Counterfeiting Trade Agreement, the secret copyright treaty that generated opposition at home and abroad as details on proposed language leaked out.
B is for Chet Baker, the former jazz great and current lead plaintiff in a $6 billion copyright class action lawsuit filed against the Canadian recording industry for its failure to pay artists for the use of their work.
C is for the Conference Board of Canada, which withdrew three intellectual property reports after acknowledging they contained plagiarized material.
D is for drugs for Africa legislation, which unexpectedly passed second reading in the House of Commons and will be considered by a committee next year.
E is for eBay power sellers, who faced an aggressive campaign by the Canada Revenue Agency to collect unpaid GST. The campaign followed a successful legal effort to force eBay to disclose the sellers' identities.
F is for Facebook, which agreed to make significant privacy changes following a well-publicized investigation by the Privacy Commissioner of Canada.
G is for Google Street View, which launched in Canada this fall, but not before a House of Commons committee probed the likely impact of the new mapping feature.
H is for Louis Rene Hache, who was convicted on charges under the Criminal Code for the illegal reproduction of the film "Dan in Real Life" at a Montreal movie theatre.
I is for i4i, the tiny Toronto firm that scored a big patent victory over software giant Microsoft.
J is for Canadian Heritage Minister James Moore and Industry Minister Tony Clement, who presided over Canada's first national copyright consultation since 2001.
K is for CRTC chair Konrad von Finckenstein, who was in the spotlight with hearings on regulation of new media, Internet traffic management, and broadcast fees.
L is for Lawful access legislation introduced by Public Safety Minister Peter Van Loan in June. Bills C-46 and C-47 languished, however, and have yet to be discussed at committee.
M is for marketing claims on network speed and reliability, the subject of multiple lawsuits that forced Bell and Rogers to drop claims from their advertising campaigns.
N is for net neutrality, which made regulatory and political progress with the release of new CRTC guidelines as well as garnering political support from both the federal Liberal and NDP parties.
O is for one-click, the controversial Amazon.com business method patent that was denied validity by the Canadian Patent Appeal Board.
P is for Psion, the Toronto-owned firm that threatened Dell over the use of the term “netbook.”
Q is for the Queen v. Vasic, a criminal case in which an Ontario court ruled that combining Internet provider customer name and address information with IP address data could render the information sensitive.
R is for Heather Robertson, the freelance writer whose longstanding copyright class action lawsuit neared a conclusive settlement.
S is for spam legislation that was introduced by Tony Clement in April. Bill C-27 is currently before the Senate.
T is for the TV Tax and Local TV Matters marketing campaigns that irritated Canadians from coast to coast.
U is for unwanted telemarketing calls that kept coming despite the existence of a national do-not-call list.
V is for Joanne Veit, an Alberta judge who ruled that Alberta Information and Privacy Commissioner Frank Work was wrong when he concluded the City of Edmonton can't force pawnshops to upload personal client details to an outside company's database.
W is for WindMobile, the operating name of Globalive, a new wireless carrier that was told by the CRTC that it did not comply with foreign control restrictions, only to have the federal Cabinet overrule the regulator weeks later.
X is for the future “X” on electronic voting technologies, which Elections Canada reported it is considering.
Y is for YouTube, which received a video takedown demand from Canada Post. The crown corporation objected to a union-inspired video about the mail carrier's CEO.
Z is for Zoocasa, the real estate search site that was sued by Century 21 Canada for scraping listings from its website.
ECPA Receives First Reading in the Senate
The Electronic Commerce Protection Act received first reading in the Senate on Monday with plans for second reading tomorrow. It will then go to the Senate Standing Committee on Transport and Communications for review.
ECPA (C-27) Passes House of Commons, Moves to Senate
The Electronic Commerce Protection Act, Canada's anti-spam bill (Bill C-27) passed through the House of Commons yesterday as a motion to support sending the bill to the Senate received approval. The bill received all-party support but will undoubtedly face an intense lobbying campaign at the Senate. Copyright lobbyists, real estate agents, and marketing survey companies were among the most aggressive lobby groups seeking changes when the bill was considered by the Industry Committee. Clement stood his ground and the resulting bill is a good one. Indeed, the lobbying efforts and attempts to weaken the bill did not go unnoticed. During yesterday's discussion in the House, NDP MP Brian Masse, the party's representative on the Industry Committee, noted "when it gets to the Senate we will see whether or not there is going to be another lobby effort either to kill the bill or to weaken it some more."
Meanwhile, Liberal MPs who failed to garner support for their reforms were still pressing for changes. MP Siobhan Coady stated "while the Liberal Party believes the bill remains unnecessarily restrictive to legitimate business in its approach in many regards, we will support the bill at third reading as action must be taken against spam. We will monitor the legislation closely going forward to ensure that it does not stifle legitimate electronic commerce in Canada." Getting C-27 through the House is a big step, but the lobby attempts to water down the bill will no doubt be back for another round as the bill hits the Senate.
Industry Committee Issues C-27 Report
The Standing Committee on Industry, Science and Technology has issued its report on Bill C-27. The report includes all the changes to the anti-spam bill, the Electronic Commerce Protection Act.
Anti-Spam Bill Passes Committee Without Copyright Lobby Spyware Provision
Bill C-27, the anti-spam bill, passed through the Industry Committee late Monday with the bill largely intact. Indeed, Industry Minister Tony Clement was true to his word as the several provisions that would have watered down the legislation were dropped (third party referrals, exceptions for survey companies and self-regulated industries) as was a provision promoted by the copyright lobby that would have permitted unauthorized access to personal computers in certain circumstances.
The Liberals on the committee did attempt to introduce several watering down provisions, but each failed. First, the third party referral provision – dropped by the Conservatives – was brought back by the Liberals as Marc Garneau warned that it was important for realtors. The amendment was ruled out of order. Second, a provision to tighten the provision on false subject headers, so that it would only apply in more limited circumstances. The proposed amendment was defeated. Third, the Liberals introduced a provision to limit the scope of spyware to specifically enumerated concerns. It too was defeated.
There’s anonymity on the Internet. Get over it.
In a recent interview prominent antivirus developer Eugene Kaspersky decried the role of anonymity in cybercrime. This is not a new claim – it is touched on in the Commission on Cybersecurity for the 44th Presidency Report and Cybersecurity Act of 2009, among others – but it misses the mark. Any Internet design would allow anonymity. What renders our Internet vulnerable is primarily weakness of software security and authentication, not anonymity.
Consider a hypothetical of three Internet users: Alice, Bob, and Charlie. If Alice wants to communicate anonymously with Charlie, she may relay her messages through Bob. While Charlie knows Bob is an intermediary, Charlie does not know with whom he is ultimately communicating. For even greater anonymity Alice can pass her messages through multiple Bobs, and by applying cryptography she can ensure no individual Bob can piece together that she is communicating with Charlie. This basic approach to anonymity is remarkable in its independence of the Internet’s design: it only requires that some Bob(s) can and do run intermediary software. Even on an Internet where users could verify each other’s identity this means of anonymity would remain viable.
The sad state of software security – the latest DHS weekly bulletin alone identified over 40 “high severity” vulnerabilities – is what enables malicious users to exploit the Internet’s indelible capacity for anonymity. Modifying the prior hypothetical, suppose Alice now wants to spam, phish, denial of service (DoS) attack, or hack Charlie. After compromising Bob’s computer with malicious software (malware), Alice can send emails, host websites, and launch DoS attacks from it; Charlie knows Bob is apparently misbehaving, but has no means of discovering Alice’s role. Nearly all spam, phishing, and DoS attacks are now perpetrated with networks of compromised computers like Bob’s (botnets). At the writing of a July 2009 private sector report, just five botnets sourced nearly 75% of spam. Worse yet, botnets are increasingly self-perpetuating: spam and phishing websites propagate malware that compromises new computers for the botnet.
Shortcomings in authentication, the means of proving one’s identity either when necessary or at all times, are a secondary contributor to the Internet’s ills. Most applications rely on passwords, which are easily guessed or divulged through deception – the very mechanisms of most phishing and account hijacking. There are potential technical solutions that would enable a user to authenticate themselves without the risk of compromising accounts. But any approach will be undermined by weaknesses in underlying software security when a malicious party can trivially compromise a user’s computer.
The policy community is already trending towards acceptance of Internet anonymity and refocusing on software security and authentication; the recent White House Cyberspace Policy Review in particular emphasizes both issues. To the remaining unpersuaded, I can only offer at last a truism: There’s anonymity on the Internet. Get over it.
Defining Network Neutrality
The net neutrality fight is on, as FCC Chairman Julius Genachowski’s proposal for new rules moved on to a Notice of Proposed Rulemaking. Now, the two sides are digging in: AT&T, telcos, and unions on one side; Google and content providers on the other.
I tend to favor protecting end-to-end in the Internet context, but I’m [...]
Government Commits to Withdrawing Lobby Spyware Changes
Bill C-27, the anti-spam bill, is nearly through the Industry Committee with a limited number of changes. The Liberals have already stated that they would not be bringing forward the amendments promoted by the copyright lobby that would have permitted unauthorized access to personal computers in some situations. The same issue arose during Question Period in the House of Commons on Thursday. When asked about it by NDP MP Brian Masse, Industry Minister Tony Clement confirmed that the Conservatives would not bring forward a similar motion.
At Wednesday's hearing, there were a couple of changes instigated by Bloc. First, a specific exception for political parties was inserted into the bill. This is arguably unnecessary since the bill only covers commercial activity. Second, the Bloc succeeded in extending the period of a business relationship from 18 months to two years. The clause-by-clause review should conclude on Monday.
Liberals To Drop Controversial Copyright Lobby Spyware Amendments
With the Industry Committee now scheduled to contact its final clause-by-clause review of Bill C-27 on Wednesday, sources in the Liberal Party advise that its MPs plan to withdraw several controversial copyright lobby-inspired amendments to the computer program and spyware provisions. Since first reported on Friday, thousands of emails and letters protesting the proposals have been sent to Industry committee MPs from all parties. Sources indicate that the Liberals will withdraw three motions actively promoted by the copyright lobby:
- a new definition of computer program that would have excluded surreptitiously installed DRM from the ambit of the bill
- an exception to a ban on the "collection of personal information through any means of telecommunication, if the collection is made by accessing a computer system or causing a computer system to be accessed without authorization" in cases related to investigations of breach of agreements or laws
- an exception for telecom providers to the requirement to obtain express consent before users install programs on their computers
While anything can be happen over the next 24 hours, the decision to withdraw the motions – in combination with the Conservatives reversal on several exceptions that watered down the bill – should mean that the Electronic Commerce Protection Act is preserved as a consumer protection bill as it gets through committee. However, the lobbying to water down the bill will no doubt continue as the bill moves to the floor of the House of Commons and then on to the Senate.
Liberals To Drop Controversial Copyright Lobby Spyware Amendments
With the Industry Committee now scheduled to contact its final clause-by-clause review of Bill C-27 on Wednesday, sources in the Liberal Party advise that its MPs plan to withdraw several controversial copyright lobby-inspired amendments to the computer program and spyware provisions. Since first reported on Friday, thousands of emails and letters protesting the proposals have been sent to Industry committee MPs from all parties. Sources indicate that the Liberals will withdraw three motions actively promoted by the copyright lobby:
- a new definition of computer program that would have excluded surreptitiously installed DRM from the ambit of the bill
- an exception to a ban on the "collection of personal information through any means of telecommunication, if the collection is made by accessing a computer system or causing a computer system to be accessed without authorization" in cases related to investigations of breach of agreements or laws
- an exception for telecom providers to the requirement to obtain express consent before users install programs on their computers
While anything can be happen over the next 24 hours, the decision to withdraw the motions – in combination with the Conservatives reversal on several exceptions that watered down the bill – should mean that the Electronic Commerce Protection Act is preserved as a consumer protection bill as it gets through committee. However, the lobbying to water down the bill will no doubt continue as the bill moves to the floor of the House of Commons and then on to the Senate.
« go back — keep looking »
Categories
Blogroll
Ads and partners
