Canada vows to be less spammy in 2011 – At least after September

6 Canadian Flags courtest of WindsorDi's Flickr photostream

6 Canadian Flags courtest of WindsorDi's Flickr photostreamThe Canadian Parliament finally passed bill C-28 after more than 18 months and a proroguing of Parliament. It was officially passed as the Fighting Internet and Wireless Spam Act, or FISA, and enforcement will begin in September of 2011. This makes Canada the last nation in the G8 to make sending unsolicited email an illegal act.

We at SophosLabs, and especially those of us in Canada, are very pleased to see action on this important issue. Maybe by next time this year Canada will begin to drop in rank on our quarterly Dirty Dozen list of the spammiest countries. In Q3 of 2010, Canada ranked 15th in global spam volume, while we were only 36th in global population.

Although the United States passed the CAN-SPAM act in 2003, it has remained the spammiest country in the world. One advantage the Canadians gain from being late to the party is that they have been able to learn from, well, just about everyone else on how to create effective legislation. Sophos Australia’s Aaron Bugal and I discussed the impact Australia’s anti-spam laws have had in last week’s Chet Chat.Nevada license plate "No Spam"Canada’s bill mirrors similar laws that have been passed, requiring opt-in, messaging explaining how to opt-out, and valid contact information for the entity sending the mail that must remain valid for at least 60 days after the message was sent. The law prohibits forging any headers and covers all “electronic communications,” so marketers cannot make an end-run by continuing to use SMS, VoIP, fax, instant messaging or other automated communication methods.

Additionally, it prohibits websites, emails and other offers from installing software, plugins or toolbars without permission. All of these rules are to be enforced by the Canadian Radio-television Telecommunications Commission (CRTC), but the law has provisions for private enforcement if the governmental body proves insufficient. The CRTC can impose fines of up to $1 million per individual, or $10 million per organization. Private entities can be awarded up to $200 per infraction for a maximum of $1 million per day.

All in all it appears to be reasonably solid legislation that makes laudable attempts at being future-proof. Perhaps it will contribute to the Utopian vision that Bill Gates talked about in an interview with the BBC in 2004 when he said, “Spam will be a thing of the past in two years’ time.” We may just need two more years…

Creative Commons image of Canadian flags courtesy of WindorDi’s Flickr photostream.
Creative Commons image of No Spam Nevada license plate courtesy of Thomas Hawk’s Flickr photostream.