Canada vows to be less spammy in 2011 - At least after September

Filed Under: Law & order, Malware, Spam

6 Canadian Flags courtest of WindsorDi's Flickr photostreamThe Canadian Parliament finally passed bill C-28 after more than 18 months and a proroguing of Parliament. It was officially passed as the Fighting Internet and Wireless Spam Act, or FISA, and enforcement will begin in September of 2011. This makes Canada the last nation in the G8 to make sending unsolicited email an illegal act.

We at SophosLabs, and especially those of us in Canada, are very pleased to see action on this important issue. Maybe by next time this year Canada will begin to drop in rank on our quarterly Dirty Dozen list of the spammiest countries. In Q3 of 2010, Canada ranked 15th in global spam volume, while we were only 36th in global population.

Although the United States passed the CAN-SPAM act in 2003, it has remained the spammiest country in the world. One advantage the Canadians gain from being late to the party is that they have been able to learn from, well, just about everyone else on how to create effective legislation. Sophos Australia's Aaron Bugal and I discussed the impact Australia's anti-spam laws have had in last week's Chet Chat.Nevada license plate "No Spam"Canada's bill mirrors similar laws that have been passed, requiring opt-in, messaging explaining how to opt-out, and valid contact information for the entity sending the mail that must remain valid for at least 60 days after the message was sent. The law prohibits forging any headers and covers all "electronic communications," so marketers cannot make an end-run by continuing to use SMS, VoIP, fax, instant messaging or other automated communication methods.

Additionally, it prohibits websites, emails and other offers from installing software, plugins or toolbars without permission. All of these rules are to be enforced by the Canadian Radio-television Telecommunications Commission (CRTC), but the law has provisions for private enforcement if the governmental body proves insufficient. The CRTC can impose fines of up to $1 million per individual, or $10 million per organization. Private entities can be awarded up to $200 per infraction for a maximum of $1 million per day.

All in all it appears to be reasonably solid legislation that makes laudable attempts at being future-proof. Perhaps it will contribute to the Utopian vision that Bill Gates talked about in an interview with the BBC in 2004 when he said, "Spam will be a thing of the past in two years' time." We may just need two more years...

Creative Commons image of Canadian flags courtesy of WindorDi's Flickr photostream.
Creative Commons image of No Spam Nevada license plate courtesy of Thomas Hawk's Flickr photostream.

, , , ,

You might like

2 Responses to Canada vows to be less spammy in 2011 - At least after September

  1. But they can't do anything about spams orginating from outside Canada. Plus, how can they catch all spammers? Is there a "report" email to forward all spams? And how many people will actually bother to forward/report the spam. Most just click "spam" in their email client to train it and make sure all simliar messages get sent to the spam folder (but not stopped).

  2. guest · 1694 days ago

    I'd prefer a way to prevent people from falsely
    listing colleges on FB that they never went to. I've seen
    multiple CANADIAN penny stock scam accounts with a big name
    university listed on a profile using a clearly fake photos of some
    bikini babe in a bikini. The culprits fail to realize that us
    university people can fish these frauds out and expose them. The
    profile also has 3 fake accounts on it all under the same name and
    profile pic belonging to some fat guy in CANADA. I just
    don't see how these people can be so stupid, and FB misses
    it all the time and fails to shut them down.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on as Chester, Chester Wisniewski on Google Plus or send him an email at