Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Symantec Intelligence

Canada Passes Long-awaited Anti-spam Law

Created: 17 Dec 2010
MarissaVicario's picture
0 0 Votes
Login to vote

Posted on behalf of Matt Sergeant, Senior Anti-spam Technologist, Symantec Hosted Services

As of this week, Canada joins the rest of the G8 countries with its very own anti-spam law. Until now, Canada has been the only G8 country without anti-spam legislation. Bill C-28, the new Fighting Internet and Wireless Spam Act, will require businesses to follow best practices and aims to prevent unsolicited commercial e-mail distribution in Canada

First introduced in 2009 as Bill C-27, the Electronic Commerce Protection Act died when parliament was prorogued in December 2009 but was reintroduced earlier this year as Bill C-28. After much debate, it was finally approved by the Senate on December 15, 2010.

This legislation differs from the CAN SPAM Act in the U.S., which requires opt-out protocol. Canada’s powerful spam law requires businesses to obtain opt-in consent from recipients before sending commercial emails and other electronic messages, unless there’s a prior business relationship. This has implications for U.S. marketers as well – moving forward, organizations around the globe targeting Canadian recipients will also require consent.  The challenge will be for businesses to determine if email recipients are located in Canada.  Those who disobey the new law risk being fined with penalties ranging up to $1 Million for individuals and $10 Million for businesses.

The Bill also addresses a number of online threats, including malware, spyware, phishing and pharming and gives individuals the private right to sue spammers.

Bill C-28 is a real victory for Canada and sets a new global standard for anti-spam legislation.  Although the law won’t mean spam will disappear from our inboxes, it is a big step in the right direction for consumers and IT managers alike. The Bill will come into effect in September 2011, giving organizations most of the year to ensure they are compliant.