C-28 finished second reading in the Senate yesterday, and has been refered to the Standing Committee on Transport & Communications for review.
C-28 finished second reading in the Senate yesterday, and has been refered to the Standing Committee on Transport & Communications for review.
Posted by Neil Schwartzman on 10 December 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
Canada's anti-spam bill, C-28 was given a first reading Wednesday, November 24:
Fighting Internet and Wireless Spam Bill
First Reading
The Hon. the Speaker informed the Senate that a message had been received from the House of Commons with Bill C-28, An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act.
(Bill read first time.)
The Hon. the Speaker: Honourable senators, when shall this bill be read the second time?
(On motion of Senator Comeau, bill placed on the Orders of the Day for second reading two days hence.)
Order Paper for Friday, November 26, 2010
No. 1.
November 24, 2010—Second reading of Bill C-28, An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act.
Posted by Neil Schwartzman on 25 November 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
On Monday and Tuesday we will call ... Bill C-28, fighting Internet and wireless spam - Government House Leader John Baird | The Weekly Statement
Monday's Projected Order of Business indicates C-28 and C-29 are on the docket for today, Monday, November 22. Proceedings start at noon eastern. The house sits for 6.5 hours today. Listen here (HoC Sitting 101)
Posted by Neil Schwartzman on 22 November 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
From time to time, we see unenlightened comments about the efficacy of laws in the fight against spam. “Laws won’t stop spam” being the most common.
No, they won’t. What laws do is dissuade some people from undertaking shoddy mailing practices or even outright spam campaigns. Laws don’t stop murder, rape and robbery either, but for those un-dissuaded who undertake such heinous crimes, we, as a society, have laws for punitive effect. They pay the price society exacts for their actions. C-28 will attenuate spam in Canada, and help us to fight spam internationally.
Recently, a press release from a small anti-spam company crossed my desk. It was filled with self-serving assertions like the one above, ‘laws won’t stop spam’ and other incorrect facts.
I’d like to take a moment to dispel some rumours, and fear, uncertainty, and doubt (F.U.D.)
FUD #1: Canada is not a leading originator of spam.
False. There have been reports over the past six months that indicate that there are webhosting companies in this country that host command & control nodes of some of the most pernicious botnets in the world. Spamhaus, at the time of this writing, lists Canada as the eighth –worst country in the world in terms of SBL (Spamhaus BlockList) entries, with 212 of them. See for yourself here
Abuse.ch, who track ZeuS, the largest phishing botnet, has an interactive map which clearly shows activity north of the 49th parallel
Or perhaps the anti-spam company, despite being self-proclaimed ‘leading experts’ is unaware of one Adam Guerbuez, who recently was found liable for a second time to having spammer millions of Facebook users illegally. We suggest a quick Google search to inform themselves might be in order.
FUD #2: C-28 will have no impact on extra-jurisdictional criminal spammers
False. A careful reading of bills C-28 & C-29 show that they make long overdue provision for law enforcement in this country, including creating a Spam Reporting Centre, teams to work to investigate spam, and most importantly, the ability of Canadian LEA to share information with agencies in other countries, something they are ironically prevented from doing under PIPEDA at present time.
FUD #3: The CRTC is charged with enforcing the law, and their Do-Not-Call list didn’t work, so neither with C-28.
Apples & Oranges. The application of Canada’s new anti-spam bill is entirely different on any number of levels, for one, because it will be applied by not one, but three government agencies, initiatives coordinated under the rubric of a spam-reporting centre. Furthermore, the law has a private right of action, allowing private citizens to launch their own cases against spammers.
FUD #4: Businesses will be negatively impacted.
False. Businesses, both big and small have been repeatedly and consistently consulted under the C-28 development process starting as far back as The Federal Task Force on Spam in 2005. Business concerns have testified to parliament, and their comments incorporated into the revision between C-28 and its predecessor, C-27.
The Federal privacy legislation, PIPEDA, has been in place for a decade dictates that Canada is an opt-in régime. If a company is emailing now and is legal, they will very likely be legal under C-28, with some possible minor clarifications to their sending practices, such as header veracity (the subject line and From: addresses should not be falsified) and including a proper unsubscribe mechanism (most companies do this, anyway). C-28 will require business to obtain explicit consent from recipients. That is a simple preventative measure and good practice, which they should be undertaking now, under PIPEDA. Otherwise, they could not prove to the Office of the Privacy Commissioner of Canada that they had in fact gathered an address in a legitimate fashion, were there an investigation launched.
FUD#5 Companies are unaware of the impending passage into law of C-28.
False. I can’t understand how that could be unless company marketers don’t read newspapers, are not on the Internet (and if they aren’t on the Internet how could they possibly be sending email?), or seen nor heard numerous TV and radio pieces devoted to the subject. I’ve personally been interviewed any number of times in this regard.
Perhaps there are still some businesses that have not been made aware of C-28, or if they are aware that there are some small changes, they may need to make to their practices.
CAUCE has addressed both these concerns, by partnering with Canada's largest ESP ThinData, email experts Return Path and the law offices of Kris Klein to release a simple-to-understand C-28 compliance guide. Since October when it was released, the guide has had tremendous uptake, having been publicized to the literally several thousands of email sender clients of ThinData and Return Path.
There is nothing sneaky, or underhanded nor difficult about C-28 compliance, but if a sender does have a particular need, the guide also provides ample pointers to additional resources including marketing and legal consulting services to help them ensure everything in order.
Lastly, once the law is passed, a series of regulations will be published in the Canada Gazette which will explain in specific detail how the law will be applied, and how it impacts esoteric issues such as address book uploads, or other emailing practices.
Clarity (in both official languages) has been a long-standing fundament of the entire C-28 development process, CAUCE would not have had it any other way and to imply differently is completely, totally wrong.
We will be sending a copy of the C-28 Compliance Guide (available for free, here), to that anti-spam company, so they too can ensure they are up to speed with the (soon to be) law.
In the interests of transparency: CAUCE directors Neil Schwartzman, Matt Vernhout, and Shaun Brown work for Return Path, ThinData, and The Law Offices of Kris Klein, respectively
Posted by Neil Schwartzman on 17 November 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
The Projected Order of Business for Tuesday, November 16, 2010 says:
C-28 — The Minister of Industry — Fighting Internet and Wireless Spam Act — Report stage
Committee Report — presented on Wednesday, November 3, 2010, Sessional Paper No. 8510-403-120.
Motion for third reading — may be made in the same sitting when no report stage motion proposed and the bill is concurred in at that stage, pursuant to Standing Order 76.1(11).
Watch or Listen here (HoC sitting #97), starting at 10 a.m. eastern
Posted by Neil Schwartzman on 16 November 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
November 03, 2010.
Mr. David Sweet (Ancaster—Dundas—Flamborough—Westdale, CPC):
Mr. Speaker, I have the honour to present, in both official languages, the 10th report of the Standing Committee on Industry, Science and Technology. In accordance with its order of reference of Tuesday, October 18, the committee has considered Bill C-28, An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act, Fighting Internet and Wireless Spam Act, and agreed, on Tuesday, November 2, to report it with amendments.
Posted by Neil Schwartzman on 04 November 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
Canadian Anti-spam bill C-28 passed through House of Commons Industry, Science and Technology committee in 48 minutes. One objection was made to the short title, and it was removed from the bill. No other amendments were made.
The bill now goes back to the house for 3rd and final reading and a vote.
Posted by Neil Schwartzman on 02 November 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
Kidnap. Rape. There are no lesser words that can be used to describe what happened to the daughter of an anti-spam investigator in Russia.
His daughter was recently released, according to Joseph Menn’s recent article on Boing Boing, after having been kidnapped from her home five years ago, fed drugs, and made to service men, as a warning to ward off further investigations.
The criminals behind these vicious acts were also responsible for large spamming organization associated with Russian Mob activity.
Note that we say "also."
When someone is mugged, harassed, kidnapped or raped on a sidewalk, we don't call it "sidewalk crime" and call for new laws to regulate sidewalks. It is crime, and those who commit crimes are subject to the full force of the law.
For too long, people have referred to spam in dismissive terms: just hit delete, some say, or let the filters take care of it. Others — most of us, in fact — refer to phishing, which is the first step in theft of real money from real people and institutions, as "cyber crime." It's time for that to stop.
Some of these crimes involve technology. So what? Criminals have used technology before.
Some of these crimes cross borders. So what? Crimes have crossed borders before.
Spam isn't illegal everywhere yet. So what? Spam 2.0 (spam, malware & spyware) is the leading edge of far worse activities, often things that have been illegal as long as we've had laws.
It is high time that governments and law enforcement stop thinking of computer crime as that perpetrated by teenagers in their parent’s basement. It is the Russian Mob and other organized criminals that are doing this.
While we are at it, we should mention ‘cyber-warfare’, something too often conflated with cyber-crime. Cyber-crime is not "cyber-warfare.” There may be state or terrorist agencies copying the tactics and methods of these criminals, but that does not mean that the criminals must be left alone until new cyber-warfare agencies have been created and funded.
As Purdue computer science professor ‘Spaf’ Spafford was recently quoted as saying in a note-worthy piece ‘Cyberwar Vs. Cybercrime’ on the GovInfo Security blog
"Why aren't we seeing the investment and prioritization being made in law enforcement, first? Why is all the publicity, funding and prioritization being given to the military - with efforts such as the build-up of the military cyber command - when so much of the clear and present threat is from the criminal element and not from other nation-states?"
Just so, Prof. Spafford!
As we have said repeatedly on this site, these are criminal gangs who have found an incredible loophole in the justice systems of the world: they can rob banks and people, with little chance of getting caught, let alone going to jail. This is not because they're doing things that aren't illegal; they've just found a new way to hide.
David Black, manager of the RCMP's cyber infrastructure protection section recently said to CAUCE Executive Director Neil Schwartzman “we don’t do spam”. OK, but why not? Spam is no longer, and hasn’t been for some time, about simply sending unwanted emails. Spam is now a delivery mechanism for malware, which in turn threatens infrastructure, and facilitates theft. We have seen precious few cases filed using existing Federal computer intrusions laws in Canada, and none, to our knowledge have been filed under the renovated anti-phishing law, S-4, passed in September 2009.
Governments and law enforcement agencies need to begin to treat online theft with the same seriousness as they do other physical crimes. It is time to bring this up to the diplomatic level, or seriously consider refusing packets from places that treat the Internet, and innocent victims, as their personal ATM.
CAUCE is made up of people who care about email qua email. We understand it, we love it. It is still the ‘killer app’. Furthermore, we understand why some folks in law enforcement or the judiciary might ask, "When there are people stealing millions or hurting people in the commission of violent crimes, why are you wasting our time with 'just' a spam case?” Here's why:
Cyber criminals consider cyber crime to be a virtually riskless offense; they're unlikely to be identified; if identified, they're unlikely to be investigated; if investigated, they're unlikely to be charged and prosecuted; if prosecuted, they're unlikely to be convicted; if convicted, they're unlikely to do jail time.
The courts need to make it clear that that's wrong in all respects. If you commit cyber crimes, you will be identified, investigated, charged, prosecuted, convicted and sentenced to serious time and we will seize your assets.
This will not happen so long as crime, which involves the Internet, is dismissed as "cybercrime" and either scoffed at, or used to justify ever-increasing cyberwarfare budgets
This isn't just email. This isn't a war. This isn't "cyber.” This is crime. It is time to call a cop, and expect a response.
by CAUCE Executives J.D. Falk & Neil Schwartzman
Posted by Neil Schwartzman on 02 November 2010 in Canada, History, Prognostication, Technology, United States, Warnings, World | Permalink | Comments (1) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
Canadian Anti-spam Bill C-28, The Fighting Internet and Wireless Spam Act, FISA, will be discussed at House of Commons Industry, Science and Technology Committee Tuesday, November 02, 2010 11:00-13:00 eastern
Listen here : http://www.parl.gc.ca/Common/index.asp?Language=E
CAUCE will be live tweeting @cauce #FISA
Posted by Neil Schwartzman on 02 November 2010 in Canada | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
Earlier this week a Quebec Judge decided to rule in favour of upholding the record setting judgement of $873 Million USD Montreal resident Adam Guerbuez.
The original case of Facebook v. Atlantis Blue Capital, alleged millions of messges flooded Facebook's network via compromised accounts resulting in Statuatory damages of ~$436 million and aggravated damages of ~$436 million (or $100/$100 per recipient respectivly).
As Canada does not currently have a compariable law to CAN-SPAM, Facebook petitioned the Quebec courts to enforce the judgement in California.
Read the Story at the Globe and Mail here: Quebec court orders alleged spammer to pay $1-billion to Facebook
This is a great example of the importance of FISA being quickly passed through Goverment.
Posted by Matt V - @EmailKarma on 05 October 2010 in Canada, United States | Permalink | Comments (0) | TrackBack (0)
Reblog (0) | | Digg This | Save to del.icio.us |
CAUCE North America is financially supported by our organizational and individual members.
