snIP/ITs Insights on Canadian Technology and Intellectual Property Law

Category Archives: E-Commerce

Subscribe to E-Commerce RSS Feed

Bitcoin accepted here? Funding M&A transactions by way of Bitcoin

Posted in E-Commerce, M&A/Finance

There is no denying the increasing popularity and notoriety of the virtual currency Bitcoin.  Bitcoin market capitalization currently stands in the billions of dollars, with over 13 million Bitcoins having been mined and made available for circulation.  An increasing number of merchants, including Dell, have begun accepting payment by way of Bitcoin.  The list of goods and services that have been purchased with Bitcoin now includes university tuition, airline tickets, cars, and pizza delivery.  Some companies have started paying employees in Bitcoins.  Canada in particular has been a world leader in Bitcoin ATM’s: the first Bitcoin ATM in the world … Continue Reading

CRTC updates FAQs – some clarity, along with some contradictions

Posted in Anti-Spam, Consumer Protection, E-Commerce, Regulatory Compliance

The CRTC just released a new FAQ on CASL, replacing the old one that it released in December 2013 (“December FAQ”). Those hoping the CRTC would take this opportunity to clarify some of the more vexing aspects of CASL and the accompanying Guidelines will be disappointed, as the new FAQ largely incorporates and reiterates material found in the Guidelines and the Regulatory Impact Assessment Statement.

While there are few new tidbits, in some key respects the new FAQ only further muddies the waters. Below are some select issues.… Continue Reading

Clotting Heartbleed: Guidance on Privacy Breaches, Notification Obligations and Proposed Amendments to Privacy Legislation

Posted in E-Commerce, Privacy, Regulatory Compliance

Canadian organizations with control over personal information should be aware of the privacy vulnerabilities of Heartbleed and their related legal obligations. Below, we have summarized: (1) the risks of Heartbleed; (2) the notification obligations of organizations that have experienced a privacy breach; (3) amendments to those obligations, as proposed by the federal government; and (4) recommendations  to protect your organization from privacy breaches and legal liability.

HEARTBLEED

Heartbleed is a serious security vulnerability that exists in certain versions of the OpenSSL software. OpenSSL is an open source software module created to implement certain cryptographic functions and provide various utility functions. … Continue Reading

2013 Technology Law Year in Review

Posted in Consumer Protection, Contracting/Outsourcing, E-Commerce, M&A/Finance, Privacy, Regulatory Compliance

2013 was a very active year in the tech sector in Canada.  Some of the leading developments over the last year are summarised below.

Tech Transactions – Turbulent Year for BlackBerry (Fairfax transaction)

2013 was a turbulent year for the Canadian leader of the telecommunications industry. It started with a change of name, from Research in Motion Ltd. to BlackBerry, in order to rebrand the company and to be more successful on the stock market. A few months later, BlackBerry publicly announced that it was reviewing its strategic alternatives for the future. In November, BlackBerry received an investment of U.S. … Continue Reading

Le CRTC Publie des FAQs sur la Loi Canadienne Anti-Pourriel

Posted in E-Commerce

The English version of this article is available here.

Le 18 décembre 2013, le CRTC a publié une série de FAQs pour aider les organisations et les individus concernés dans leurs efforts pour se conformer à Loi canadienne anti-pourriel (la « Loi anti-pourriel »), qui entrera en vigueur en juillet 2014. Bien que les FAQs ne fournissent que des orientations supplémentaires limitées, elles sont utiles comme source agrégée d’information, des bulletins, de lignes directrices et d’autres déclarations concernant la Loi anti-pourriel publiés par le CRTC.

La Loi anti-pourriel est largement considérée comme la législation de messagerie électronique commercial la … Continue Reading

Canada’s Anti-Spam Law FAQs Released by CRTC

Posted in E-Commerce

La version française de cet article est publiée ici.

On December 18, 2013, the CRTC released a series of FAQs to help affected organizations and individuals in their efforts to comply with Canada’s Anti-Spam Legislation (CASL), which will begin coming into force in July 2014.  Though the FAQs provide limited additional guidance, they are useful as an aggregated source of information, bulletins, guidelines and other statements about CASL released by the CRTC.

CASL is widely considered to be the toughest commercial electronic messaging legislation in the world, and its coming into force will have significant implications for … Continue Reading

La loi canadienne anti-pourriel entre en vigueur bientôt – Êtes-vous prêt?

Posted in E-Commerce

The English version of this article is available here.

Le ministre de l’Industrie, James Moore, a annoncé récemment que la majorité des dispositions législatives canadiennes attendues depuis longtemps contre les pourriels et les maliciels (la « Loi anti-pourriel ») entreront en vigueur le 1er juillet 2014. Dans le cadre de cette annonce, Industrie Canada a également publié une version définitive révisée en profondeur de son important règlement relatif à la Loi anti-pourriel.

La Loi anti-pourriel est largement reconnue comme la loi en matière de messages électroniques commerciaux la plus sévère dans le monde, et son entrée … Continue Reading

Canada’s Anti-Spam Law is Coming – Are you Ready?

Posted in E-Commerce

La version française de cet article est publiée ici.

Industry Minister James Moore announced today that most of Canada’s long-anticipated anti-spam/malware legislation (“CASL” for short) will be coming into force on July 1, 2014.  As part of today’s announcement, Industry Canada also released a significantly revised and final version of its important CASL regulations.

CASL is widely considered to be the toughest commercial electronic messaging legislation in the world, and its coming into force will have significant implications for Canadian businesses, not-for-profit organizations and individuals using electronic means to communicate.  Those who violate CASL could face fines … Continue Reading

Tech Law Summit 2013 Recap – Six Minute Lawyer Sessions: Thinking Beyond

Posted in Consumer Protection, Copyright, E-Commerce, Intellectual Property, Regulatory Compliance

At McCarthy Tétrault’s Toronto Technology Law Summit, Bram Abramson, Daniel Glover, James Archer, Bob Nakano, Pat McCay, Naseem Malik, and David Tait, were featured in the Six Minute Lawyer panel. Each lawyer provided brief updates on a variety of topical and timely tech law issues, ranging from the regulation of commercial communications to tax issues.

Unsolicited Telecommunications Rules

Bram Abramson provided an overview of the CRTC Unsolicited Telecommunications Rules (“UTRs”), which are overseen by the Commission’s Compliance and Enforcement Section.  These rules cover unsolicited phone calls or faxes for the purpose of solicitation.  … Continue Reading

How to “.Com”ply with Disclosure Rules for Digital Advertising

Part 2: Tips for Businesses Advertising Online in the U.S.

Posted in Consumer Protection, E-Commerce, Regulatory Compliance

In Part 1 of this blog series on digital advertising, we canvassed the disclosure rules in light of the recent the U.S. Federal Trade Commission’s recent publication, “.com Disclosures, How to Make Effective Disclosures in Digital Advertising”. In Part 2 of this blog series, we will set out some tips and guidelines to assist businesses in complying with the disclosure rules and avoid falling afoul the FTC.

Entities conducting business online in the U.S. ought to consider whether its advertising meets these guidelines:

  1. Prominent and Unavoidable: Disclosure should be at least as large as the related claim and
  2. Continue Reading

How to “.Com”ply with Disclosure Rules for Digital Advertising

Part 1: Avoiding Deceptive Advertising in the Digital Age

Posted in Consumer Protection, E-Commerce, Regulatory Compliance

Does the medium matter? According to the U.S. Federal Trade Commission’s recent publication, “.com Disclosures, How to Make Effective Disclosures in Digital Advertising”, consumer protection laws apply equally to all forms of media and devices, including smartphones, tablets, Facebook, Twitter and the internet. The new FTC guidance, released on March 12, 2013, is an update to the FTC’s 2000 publication, “Dot Com Disclosures”.

As a general rule, the FTC requires that an advertiser provide additional information when an ad makes a claim, express or implied, that might be misleading without more information. To be effective, that … Continue Reading

CRTC Reports on CASL Consultation

Posted in E-Commerce

On February 25, 2013 the CRTC staff held an informal consultation with industry and consumer groups following the October 2012 release of CRTC’s guidelines regarding the interpretation of its CASL regulations (the “Consultation”) (To read a more detailed analysis of the Guidelines issued by the CRTC, see our related post on this topic).  On April 3, 2013, the CRTC published a brief report describing the discussions that took place during the Consultations.

The objective of the Consultation “was to facilitate a focused conversation and gather useful information regarding issues that businesses and consumer groups foresee when CASL comes into … Continue Reading

Règlement canadien anti-pourriels publié pour une période de 30 jours de consultation

Posted in E-Commerce

The English version of this article is available here.

Le projet du règlement afférent à la Loi canadienne anti-pourriels (LCAP) a été publié le 5 janvier 2013 dernier dans la Gazette du Canada pour une période de consultation d’une durée de 30 jours.

Ce projet tant attendu représente l’étape législative finale d’un des régimes les plus contraignants au monde en matière de règlementation anti-pourriels (« anti-spam ») et de menaces en ligne connexes, tel que les programmes malveillants (« malware »). Ce règlement apporte des clarifications en ce qu’il définit certains termes importants inclus dans la LCAP.

Il comporte … Continue Reading

Canadian Anti-Spam Regulations Published for a 30-Day Comment Period

Posted in E-Commerce

La version française de cet article est publiée ici.

The revised draft of the Industry Canada Regulations pertaining to Canada’s new anti-spam/malware law (CASL) was published in the Canada Gazette on January 5, 2013 for a 30-day comment period.

The highly anticipated draft regulations represent the final legislative aspect of one of the world’s most stringent anti-spam and anti-malware regimes and provide some clarity as to the use of some important terms in the CASL.

It also includes new exemptions in respect of subject matter not intended to fall within CASL’s reach. The goal of CASL according to Industry … Continue Reading

Mobile Payments 2012

Posted in E-Commerce

On October 25, 2012, McCarthy Tétrault’s national Consumer Retail group held a lunchtime client conference on mobile payment systems and digital wallets. For those of you unable to attend, the following are a few of the highlights.

But first, a little context for the uninitiated:

  • Near-field communication technology (NFC) allows a user with a mobile phone, equipped with the necessary mobile application, to pass card data stored on the phone to the point-of-sale device to complete payment and other transactions.
  • Mobile payments are often grouped into two levels of transaction: convenience vs. high value/risk transactions. Convenience transactions are characterized by
  • Continue Reading

CRTC Issues Guidelines on Canada’s Anti-Spam Law

Posted in E-Commerce

The CRTC has issued two sets of interpretative guidelines addressing important parts of Canada’s new anti-spam law (CASL). While guidance on CASL is welcome, these guidelines reinforce the great lengths to which many businesses will need to go to in order to ensure compliance.

The guidelines focus on the CRTC’s interpretation of the regulations it released in March, 2012 and the related provisions of CASL, and provide examples of what the CRTC considers to be compliant behavior.

By way of background, CASL was designed to regulate commercial electronic messages (CEMs) and the installation of computer programs on other … Continue Reading

Hot Off the Press – Canadian Telecommunications Regulatory Handbook

Posted in E-Commerce, Privacy, Regulatory Compliance

McCarthy Tétrault has just published Canadian Telecommunications Regulatory Handbook by partner Hank Intven.

The Handbook provides a detailed summary of Canadian telecommunications law and regulation and is a convenient single reference source for the text of the laws, treaties, regulations, directions, orders, rules and other key documents that govern Canadian telecommunications regulation.

This Handbook includes a chapter discussing the Do Not Call regime, Canadian anti-spam legislation and lawful access proposals, which may be of interest to in-house counsel in the tech and marketing space.

You can read more about the Handbook on McCarthy Tétrault’s website, where the book … Continue Reading

Do Not Track – Recent Developments in the World of Online Behavioural Advertising

Posted in E-Commerce, Privacy

Last week was a big week for “Do Not Track” (DNT) developments:

  1. Google officially joined company with a coalition of big internet players for voluntary controls on Online Behavioural Advertising (OBA). The controls take the form of an industry spanning self-regulatory program, backed by the Digital Advertising Alliance (DAA), that aims to provide a consistent and clear approach to OBA. The Council of Better Business Bureaus (CBBB) and the Direct Marketing Association (DMA) have agreed to monitor participants and enforce compliance.
  2. Google announced that it will add support for DNT to its Chrome browser by the end of the
  3. Continue Reading

Ten Tech Law Resolutions for 2012

Posted in Consumer Protection, Copyright, E-Commerce, Intellectual Property, Privacy

January is a great time to make some resolutions for the coming year. In addition to the personal ones you have made, here are 10 involving tech issues that are (or should be) important to your organization.

1. Closing the Loop on Open-Source

Open-source software code and other types of materials and technical artefacts that are subject to open-source licensing models are proliferating in your business.  Some of this material is made available under open-source license agreements that are fairly benign.  In some cases, however, the license agreement can be quite problematic, including requiring you to make available to the … Continue Reading

Online Brand Protection Strategies – Five Steps to Developing Your Plan

Posted in E-Commerce, Intellectual Property

A company’s brand is a key asset and needs protection both offline and online - so if you haven’t yet embarked on an online brand protection strategy, where do you start?

Your trade-mark, or brand name, is what distinguishes you from your competitors. In effect, trade-marks provide a shortcut to get consumers to where they want to go (as described by Mr Justice Binnie in the Mattel, Inc. v. 3894207 Canada Inc.) And, hopefully that is leading consumers to you, and not to a cybersquatter, pay-per-click site, or to a site that is trying to defraud your customers.

Continue Reading

Privacy Commissioner Releases New Online Behavioural Advertising Guidelines

Posted in E-Commerce, Privacy, Regulatory Compliance

The Privacy Commissioner of Canada recently released new guidelines to assist organizations involved in online behavioural advertising (OBA) ensure that their practices are transparent and comply with the federal private sector privacy legislation. The guidelines are attention-span friendly, weighing in at three pages, with few surprises and largely high-level takeaways.

The guidelines accept that OBA may be “considered a reasonable purpose under the Personal Information Protection and Electronic Documents Act (PIPEDA),” provided it is done within certain ”parameters”, namely:

  • Information collected for OBA is likely personal information: as a default position, the Privacy Commissioner takes the view that information collected

Continue Reading

Do Not Track and Online Behavioural Advertising – Part II: Best Practices

Posted in Consumer Protection, E-Commerce, Privacy

With the push from users and legislators towards DNT and with most browsers providing users with the choice of a DNT setting, it is important for businesses to be ahead of the curve. In addition to an organization’s existing policies and safeguards under the Personal Information Protection and Electronic Documents Act (PIPEDA), businesses should have a clear DNT policy and should effectively communicate that policy to the user, explaining exactly what the business is doing with consumer data once a user has chosen not to be tracked.

Mozilla recently put out a useful DNT guide for developers and businesses … Continue Reading

Do Not Track and Online Behavioural Advertising – Part I: Coming to a Parliament Near You?

Posted in Consumer Protection, E-Commerce, Privacy

Privacy versus personalized content – it is the tension that underlies online behavioural advertising (OBA), and increasingly that tension is threatening to snap. OBA is the practice of tracking consumer’s online activities in order to deliver targeted marketing. Businesses stitch together information, like the websites a consumer visits, the content a consumer views and the searches a consumer runs, into a fingerprint of interests and tastes so that the consumer receives more resonant (and ideally more valuable) advertising.

OBA can be extremely valuable to your business. For example, if I purchase peanut butter online, the shopping website may recommend that … Continue Reading