SlideShare a Scribd company logo

Michael fekete and howard fohr lexpert casl computer programs provisions and challenges

Download as PPT, PDF
B
bsookman

1) The document discusses various challenges and strategies for complying with Canada's Anti-Spam Legislation (CASL) in different vertical sectors such as software, mobile/telecom, product manufacturing, and online businesses. 2) Key issues addressed include identifying regulated computer program activities, obtaining express consent, developing consent strategies, satisfying disclosure rules, and proving consent. 3) Challenges for the mobile/telecom sector include obtaining consent during device setup processes and the app submission process, while product manufacturers face issues with no direct user interaction.

BusinessTechnology
1 of 34
CASL Computer Programs Provisions and Challenges in Specific Vertical Sectors Michael Fekete (Osler) Howard Fohr (BlackBerry Limited) April 30, 2014
Key Verticals 2 Software Mobile/Telecom Product manufacturing Online businesses
Software Vertical - Identifying regulated activities 3 Pre-installed/embedded software?  RIAS: “...the requirements under CASL for the installation of computer programs only apply to the installation of computer programs on another person’s computer system” User initiated installations (e.g., downloads)?  RIAS: “CASL will not apply to installations carried out by persons on their own computing devices.” Updates and upgrades  What if the installation is carried out by the consumer? Installations by IT help desks Installations on devices in other countries
Identifying Exempt Activities 4 Law enforcement, protection/defence of Canada, international affairs Public safety
Assessing whether the “enhanced disclosure” rules apply 5 Function listed in s.10(5) AND Knowledge and intent that function will cause the computer system to operate in a manner that is “contrary to the reasonable expectations of the owner or an authorized user of the computer system” Operational challenges  software products  update programs
Applying the knowledge and intent qualifier 6 Is it reasonable to take into account “reasonableness” overall, including whether:  The function is required for the very services the user signed up to receive?  The function would improve the services?  The function would provide some other utility to the user (outside of the particular software/services at issue)?  The function would have some non-invasive business purpose/utility for the vendor? How much information do consumers reasonably want? Do they want to understand the technical details, or do they want it to “just work”?
Deciding whether/when to request consent 7  Reliance on exceptions? What “conduct” is required to demonstrate it is reasonable to believe consent has been given  Reliance on 3 year transition provision (s.67)?  Seeking consent to updates and upgrades at the same time as consent for installation/downloading/first use?
Developing strategy for obtaining “CASL- compliant” express consent 8  Can consent be obtained through a licence agreement (if 10(4) not triggered)?  Can consent be obtained through the use of a pre-checked box (e.g., default settings, with user confirmation)?  Can consent be obtained for a “suite” of products?  Can consent to updates and upgrades be mandatory?  Can identity and contact information be provided through links?
Satisfying the Disclosure Rules 9 Minimum disclosures:  Describe the “function and purpose” “clearly and simply” “in general terms” Enhanced disclosures: Describe the “program’s material elements that perform the function or functions, including the nature and purpose of those elements and their reasonably foreseeable impact on the operation of the computer system”  “clearly and prominently”  “separately and apart from license agreement”  “separately from any other information provided”  “acknowledgement in writing... that they understand and agree”
Proving Consent 10 CRTC Enforcement Bulletin (2012-548)  “The Commission considers that the requirement for consent in writing is satisfied by information in electronic form if the information can subsequently be verified.”  “Examples of acceptable means of obtaining consent in writing include checking a box on a web page to indicate consent where a record of the date, time, purpose, and manner of that consent is stored in a database; and filling out a consent form at a point of purchase.”
Satisfying the withdrawal of consent rule (s.11(5)) 11 When does obligation to provide an electronic address apply?  Only if program performs a function regulated by s.10(4)?  Exempt if the program is covered by s.10(8)? How must contact information be provided?
“Deemed” express consent (s. 10(8)) 12 A person is considered to expressly consent to the installation of a computer program if: a) the program is: i. a cookie, ii. HTML code, iii. Java Scripts, iv. an operating system, v. any other program that is executable only through the use of another computer program whose installation or use the person has previously expressly consented to, or vi. any other program specified in the regulations; and b) the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation.
“Deemed” express consent for network security & updating a network (IC Reg’s, s. 6(a) & (b)) 13 (a) a program that is installed by or on behalf of a telecommunications service provider solely to protect the security of all or part of its network from a current and identifiable threat to the availability, reliability, efficiency or optimal use of its network; (b) a program that is installed, for the purpose of updating or upgrading the network, by or on behalf of the telecommunications service provider who owns or operates the network on the computer systems that constitute all or part of the network;
“Deemed” express consent - Questions for both s. 6(a) & (b) of IC Reg’s 14 Non-definition of a “network” How to identify the “end node” of the network? Applicability to not just parts of a network that require a 24/7 ‘live’ connection to a telecommunications service? • E.g. What about a program which could be used in some cases without active/online wireless connectivity?
“Deemed” express consent - Questions for both s. 6(a) & (b) of IC Reg’s 15 Definition of “telecommunications service provider” Broad? Not so broad, due to constitutional limitations? (e.g. applicability of CASL’s computer program provisions to intraprovincial communications?)
“Deemed” express consent - Questions for s. 6(a) of IC Reg’s (network security exemption) 16 Is a “threat to the availability, reliability, efficiency or optimal use” just:  Malware?  Viruses?  Software bug?  Other? What is a “current and identifiable” threat?  Threats that are not ‘identifiable’ in addition to being ‘current’?  What about ‘future’ security threats? “Solely” – is the exemption available if the program has an additional legitimate purpose in addition to just addressing a ‘security’ threat?
“Deemed” express consent (IC Reg’s, s. 6(c) – correcting a failure) 17 (c) a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose. “Solely” – is the exemption available if the program provided ‘new’, improved or additional functionality or features, and not “solely” bug fixes?
“Deemed” express consent - Questions for each of s. 6(a), (b) & (c) of IC Reg’s 18 How to assess whether the person’s conduct is such that they consent to the program’s installation (s. 10(8)(b))?
Additional Compliance Challenges and Solutions – Mobile/Telecom 19 Scenario I: Initial software updates during “Out Of Box Experience” (OOBE) for a new BlackBerry 10 device
Out Of Box Experience (OOBE) on BlackBerry 10 - First substantive step after user chooses UI language is acceptance of BlackBerry Solution License Agreement, which indicates software may automatically check for updates and that BlackBerry may make required updates available
OOBE on BlackBerry 10 (cont’d) - The last substantive step before completion of initial setup is a user notice regarding software update as part of the OOBE (most current OS available for relevant carrier/region)
22 Scenario II: 3rd Party App Submission Process in BlackBerry World Additional Compliance Challenges and Solutions – Mobile/Telecom
Step 1: Developer creates a Vendor account – after acceptance of BlackBerry World vendor terms, etc various fields made available for vendor to complete. - These include for vendor identification and contact info. 3rd Party App Submission Process in BlackBerry World
Step 1 (cont’d): fields also made available for vendor‟s support email, Privacy Policy url etc. 3rd Party App Submission Process in BlackBerry World (cont’d)
Step 2: App submission process: Vendor creates the listing for the app under their Vendor account. 3rd Party App Submission Process in BlackBerry World (cont’d)
Step 2 (cont’d): Vendor adds Descriptive text which will be seen by the user when they view the app in BlackBerry World, prior to download. Substantial space available in “Long Description” – vendor free to provide information about the function and purpose of the computer program (or to provide additional disclosures as may be required by s. 10(4) or (5) of CASL if the vendor so chooses (presumably „separate and apart from the license agreement‟ as it is prior to download).) 3rd Party App Submission Process in BlackBerry World (cont’d)
Step 2 (cont’d): Vendor adds App icon and screenshots 3rd Party App Submission Process in BlackBerry World (cont’d)
Step 2 (cont’d): Vendor can limit the availability of their app by Carrier and or Country 3rd Party App Submission Process in BlackBerry World (cont’d)
Step 3: End user process: • Once app accepted for distribution in BlackBerry World, it is made available for users to access in BlackBerry World, either through the user browsing or searching for the desired app 3rd Party App Submission Process in BlackBerry World (cont’d)
Step 3: End user process (cont’d): • Users goes to the app listing in BlackBerry World, to view the information that the vendor had input about the app 3rd Party App Submission Process in BlackBerry World (cont’d)
• Users chooses to download the app Step 3 (cont’d): BlackBerry World End user process:
• Users presented with any required permissions sought by app prior to using the software • (Note: outside of BlackBerry World, once the user is in the app the vendor may also provide its EULA or other notice(s) for acceptance etc). Step 4: App permissions notice to end user
Additional Compliance Challenges and Solutions – Product Manufacturing 33 Lack of direct interaction with consumers  Express consent  Exceptions to consent Obtaining consent for products with no user interface Global marketplace challenges
Additional Compliance Challenges and Solutions – Online Business 34 Cookies Java scripts HTML code

Recommended

Dan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertDan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertbsookman
 
Oliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertisingOliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertisingbsookman
 
Sookman oba casl._slides
Sookman oba casl._slidesSookman oba casl._slides
Sookman oba casl._slidesbsookman
 
Sookman lexpert casl_slides
Sookman lexpert casl_slidesSookman lexpert casl_slides
Sookman lexpert casl_slidesbsookman
 
dac-beachcroft-thought-leadership-rta-process-clear-road-ahead
dac-beachcroft-thought-leadership-rta-process-clear-road-aheaddac-beachcroft-thought-leadership-rta-process-clear-road-ahead
dac-beachcroft-thought-leadership-rta-process-clear-road-aheadClaire Wright
 
830264 E-Rate Presentation
830264 E-Rate Presentation830264 E-Rate Presentation
830264 E-Rate PresentationRichard Sheffield
 
Monica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuionsMonica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuionsbsookman
 
Wally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challengesWally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challengesbsookman
 

Recommended

Dan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertDan glover casl computer software_mc_t_lexpert
Dan glover casl computer software_mc_t_lexpertbsookman
 
Oliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertisingOliver borgers lexpert misleading advertising
Oliver borgers lexpert misleading advertisingbsookman
 
Sookman oba casl._slides
Sookman oba casl._slidesSookman oba casl._slides
Sookman oba casl._slidesbsookman
 
Sookman lexpert casl_slides
Sookman lexpert casl_slidesSookman lexpert casl_slides
Sookman lexpert casl_slidesbsookman
 
dac-beachcroft-thought-leadership-rta-process-clear-road-ahead
dac-beachcroft-thought-leadership-rta-process-clear-road-aheaddac-beachcroft-thought-leadership-rta-process-clear-road-ahead
dac-beachcroft-thought-leadership-rta-process-clear-road-aheadClaire Wright
 
830264 E-Rate Presentation
830264 E-Rate Presentation830264 E-Rate Presentation
830264 E-Rate PresentationRichard Sheffield
 
Monica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuionsMonica papendick lexpert casl challenges in financial institutuions
Monica papendick lexpert casl challenges in financial institutuionsbsookman
 
Wally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challengesWally hill lexpert casl messaging provisions and challenges
Wally hill lexpert casl messaging provisions and challengesbsookman
 
Enterprise Application Distribution Technical White Paper[1]
Enterprise Application Distribution Technical White Paper[1]Enterprise Application Distribution Technical White Paper[1]
Enterprise Application Distribution Technical White Paper[1]genasun
 
I03402059063
I03402059063I03402059063
I03402059063theijes
 
What's new 2015 hf1
What's new 2015 hf1What's new 2015 hf1
What's new 2015 hf1brujula27
 
Logical systems-configuration-guide
Logical systems-configuration-guideLogical systems-configuration-guide
Logical systems-configuration-guideRaja Azeem
 
Software product or service
Software product or serviceSoftware product or service
Software product or serviceALIAS Network
 
NSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsNSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsRonald Bartels
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Priyanka Aash
 
Scs.pptx repaired
Scs.pptx repairedScs.pptx repaired
Scs.pptx repairedSaransh Garg
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupEswar Publications
 
License
LicenseLicense
LicenseReuben Baylon
 
qwe
qweqwe
qweAko Red
 
License
LicenseLicense
LicenseDava Divos
 
License
LicenseLicense
Licensevirgie yano
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
PentestflashkeybpardpaperAndrey Apuhtin
 
License
LicenseLicense
LicenseFelichi Sato
 
Imperva SecureSphere For AWS Configuration Guide
Imperva SecureSphere For AWS Configuration GuideImperva SecureSphere For AWS Configuration Guide
Imperva SecureSphere For AWS Configuration GuideSECURE SOFT CORPORATION
 
License
LicenseLicense
Licensediaz cliquers
 
License
LicenseLicense
LicenseIta B Keraf
 
License
LicenseLicense
LicenseCharmante Ariunaa
 
The Business Case for Open Source GIS
The Business Case for Open Source GISThe Business Case for Open Source GIS
The Business Case for Open Source GISJoanne Cook
 
Sookman primetime presentation
Sookman primetime presentationSookman primetime presentation
Sookman primetime presentationbsookman
 
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016bsookman
 

More Related Content

Similar to Michael fekete and howard fohr lexpert casl computer programs provisions and challenges

Enterprise Application Distribution Technical White Paper[1]
Enterprise Application Distribution Technical White Paper[1]Enterprise Application Distribution Technical White Paper[1]
Enterprise Application Distribution Technical White Paper[1]genasun
 
I03402059063
I03402059063I03402059063
I03402059063theijes
 
What's new 2015 hf1
What's new 2015 hf1What's new 2015 hf1
What's new 2015 hf1brujula27
 
Logical systems-configuration-guide
Logical systems-configuration-guideLogical systems-configuration-guide
Logical systems-configuration-guideRaja Azeem
 
Software product or service
Software product or serviceSoftware product or service
Software product or serviceALIAS Network
 
NSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsNSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsRonald Bartels
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Priyanka Aash
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupEswar Publications
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
PentestflashkeybpardpaperAndrey Apuhtin
 
Imperva SecureSphere For AWS Configuration Guide
Imperva SecureSphere For AWS Configuration GuideImperva SecureSphere For AWS Configuration Guide
Imperva SecureSphere For AWS Configuration GuideSECURE SOFT CORPORATION
 
The Business Case for Open Source GIS
The Business Case for Open Source GISThe Business Case for Open Source GIS
The Business Case for Open Source GISJoanne Cook
 

Similar to Michael fekete and howard fohr lexpert casl computer programs provisions and challenges (20)

Enterprise Application Distribution Technical White Paper[1]
Enterprise Application Distribution Technical White Paper[1]Enterprise Application Distribution Technical White Paper[1]
Enterprise Application Distribution Technical White Paper[1]
 
I03402059063
I03402059063I03402059063
I03402059063
 
What's new 2015 hf1
What's new 2015 hf1What's new 2015 hf1
What's new 2015 hf1
 
Logical systems-configuration-guide
Logical systems-configuration-guideLogical systems-configuration-guide
Logical systems-configuration-guide
 
Software product or service
Software product or serviceSoftware product or service
Software product or service
 
NSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsNSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threats
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture
 
Scs.pptx repaired
Scs.pptx repairedScs.pptx repaired
Scs.pptx repaired
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise Setup
 
License
LicenseLicense
License
 
qwe
qweqwe
qwe
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
Pentestflashkeybpardpaper
 
License
LicenseLicense
License
 
Imperva SecureSphere For AWS Configuration Guide
Imperva SecureSphere For AWS Configuration GuideImperva SecureSphere For AWS Configuration Guide
Imperva SecureSphere For AWS Configuration Guide
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
License
LicenseLicense
License
 
The Business Case for Open Source GIS
The Business Case for Open Source GISThe Business Case for Open Source GIS
The Business Case for Open Source GIS
 

More from bsookman

Sookman primetime presentation
Sookman primetime presentationSookman primetime presentation
Sookman primetime presentationbsookman
 
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016bsookman
 
Copyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v SodracCopyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v Sodracbsookman
 
ALAI Canada: Colloque Annual
ALAI Canada: Colloque AnnualALAI Canada: Colloque Annual
ALAI Canada: Colloque Annualbsookman
 
Sookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slidesSookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slidesbsookman
 
Sookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in reviewSookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in reviewbsookman
 
Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)bsookman
 
Casl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slidesCasl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slidesbsookman
 
Sookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_finalSookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_finalbsookman
 
Bloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-reviewBloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-reviewbsookman
 
Sookman justice canada_keynote
Sookman justice canada_keynoteSookman justice canada_keynote
Sookman justice canada_keynotebsookman
 
Sookman montreal bar_casl_talk
Sookman montreal bar_casl_talkSookman montreal bar_casl_talk
Sookman montreal bar_casl_talkbsookman
 
Challenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology CompaniesChallenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology Companiesbsookman
 
Docs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposiumDocs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposiumbsookman
 
Sookman casl and universities
Sookman casl and universitiesSookman casl and universities
Sookman casl and universitiesbsookman
 
Sookman oba confernece_using_social_media
Sookman oba confernece_using_social_mediaSookman oba confernece_using_social_media
Sookman oba confernece_using_social_mediabsookman
 
Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_bsookman
 
Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013bsookman
 
Sookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentationSookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentationbsookman
 
Sookman law society_6_min_business_law
Sookman law society_6_min_business_lawSookman law society_6_min_business_law
Sookman law society_6_min_business_lawbsookman
 

More from bsookman (20)

Sookman primetime presentation
Sookman primetime presentationSookman primetime presentation
Sookman primetime presentation
 
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
Sookman Toronto Computer Lawyers' Group: The Year in Review 2015-2016
 
Copyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v SodracCopyright and Technological Neutrality: CBC v Sodrac
Copyright and Technological Neutrality: CBC v Sodrac
 
ALAI Canada: Colloque Annual
ALAI Canada: Colloque AnnualALAI Canada: Colloque Annual
ALAI Canada: Colloque Annual
 
Sookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slidesSookman tclg 2015_year_in_review_slides
Sookman tclg 2015_year_in_review_slides
 
Sookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in reviewSookman lsuc 2015_copyright_year in review
Sookman lsuc 2015_copyright_year in review
 
Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)Sookman tclg 2013 to 2014 (1)
Sookman tclg 2013 to 2014 (1)
 
Casl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slidesCasl and freedom_of_expression_-_final_lsuc_conference_slides
Casl and freedom_of_expression_-_final_lsuc_conference_slides
 
Sookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_finalSookman lsuc copyright_year_in_review_2013_final
Sookman lsuc copyright_year_in_review_2013_final
 
Bloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-reviewBloom sookman lsuc 2013 copyright year-in-review
Bloom sookman lsuc 2013 copyright year-in-review
 
Sookman justice canada_keynote
Sookman justice canada_keynoteSookman justice canada_keynote
Sookman justice canada_keynote
 
Sookman montreal bar_casl_talk
Sookman montreal bar_casl_talkSookman montreal bar_casl_talk
Sookman montreal bar_casl_talk
 
Challenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology CompaniesChallenges Faced by Legal in Global technology Companies
Challenges Faced by Legal in Global technology Companies
 
Docs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposiumDocs #12847612-v1-osgoode ugc-symposium
Docs #12847612-v1-osgoode ugc-symposium
 
Sookman casl and universities
Sookman casl and universitiesSookman casl and universities
Sookman casl and universities
 
Sookman oba confernece_using_social_media
Sookman oba confernece_using_social_mediaSookman oba confernece_using_social_media
Sookman oba confernece_using_social_media
 
Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_Sookman federal circuit_internet_and_copyright_
Sookman federal circuit_internet_and_copyright_
 
Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013Sookman tclg year_in_review_2013
Sookman tclg year_in_review_2013
 
Sookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentationSookman aston it can representations warranties and indemnities presentation
Sookman aston it can representations warranties and indemnities presentation
 
Sookman law society_6_min_business_law
Sookman law society_6_min_business_lawSookman law society_6_min_business_law
Sookman law society_6_min_business_law
 

Recently uploaded

Structuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdfStructuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdflaloo_007
 
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGpr788182
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingNauman Safdar
 
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...ssuserf63bd7
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1kcpayne
 
BeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdfBeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdfDerekIwanaka1
 
Falcon Invoice Discounting: Tailored Financial Wings
Falcon Invoice Discounting: Tailored Financial WingsFalcon Invoice Discounting: Tailored Financial Wings
Falcon Invoice Discounting: Tailored Financial WingsFalcon Invoice Discounting
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperityhemanthkumar470700
 
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow ChallengesFalcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow Challengeshemanthkumar470700
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwaitdaisycvs
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizharallensay1
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentationuneakwhite
 
TVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdf
TVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdfTVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdf
TVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdfbelieveminhh
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecZurliaSoop
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
Arti Languages Pre Seed Teaser Deck 2024.pdf
Arti Languages Pre Seed Teaser Deck 2024.pdfArti Languages Pre Seed Teaser Deck 2024.pdf
Arti Languages Pre Seed Teaser Deck 2024.pdfwill854175
 

Recently uploaded (20)

Structuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdfStructuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdf
 
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for Viewing
 
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
BeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdfBeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdf
 
Falcon Invoice Discounting: Tailored Financial Wings
Falcon Invoice Discounting: Tailored Financial WingsFalcon Invoice Discounting: Tailored Financial Wings
Falcon Invoice Discounting: Tailored Financial Wings
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
 
HomeRoots Pitch Deck | Investor Insights | April 2024
HomeRoots Pitch Deck | Investor Insights | April 2024HomeRoots Pitch Deck | Investor Insights | April 2024
HomeRoots Pitch Deck | Investor Insights | April 2024
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow ChallengesFalcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
TVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdf
TVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdfTVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdf
TVB_The Vietnam Believer Newsletter_May 6th, 2024_ENVol. 006.pdf
 
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan CytotecJual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
Jual Obat Aborsi ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan Cytotec
 
!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...
!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...
!~+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUD...
 
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pillsMifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Arti Languages Pre Seed Teaser Deck 2024.pdf
Arti Languages Pre Seed Teaser Deck 2024.pdfArti Languages Pre Seed Teaser Deck 2024.pdf
Arti Languages Pre Seed Teaser Deck 2024.pdf
 

Michael fekete and howard fohr lexpert casl computer programs provisions and challenges

  • 1. CASL Computer Programs Provisions and Challenges in Specific Vertical Sectors Michael Fekete (Osler) Howard Fohr (BlackBerry Limited) April 30, 2014
  • 3. Software Vertical - Identifying regulated activities 3 Pre-installed/embedded software?  RIAS: “...the requirements under CASL for the installation of computer programs only apply to the installation of computer programs on another person’s computer system” User initiated installations (e.g., downloads)?  RIAS: “CASL will not apply to installations carried out by persons on their own computing devices.” Updates and upgrades  What if the installation is carried out by the consumer? Installations by IT help desks Installations on devices in other countries
  • 4. Identifying Exempt Activities 4 Law enforcement, protection/defence of Canada, international affairs Public safety
  • 5. Assessing whether the “enhanced disclosure” rules apply 5 Function listed in s.10(5) AND Knowledge and intent that function will cause the computer system to operate in a manner that is “contrary to the reasonable expectations of the owner or an authorized user of the computer system” Operational challenges  software products  update programs
  • 6. Applying the knowledge and intent qualifier 6 Is it reasonable to take into account “reasonableness” overall, including whether:  The function is required for the very services the user signed up to receive?  The function would improve the services?  The function would provide some other utility to the user (outside of the particular software/services at issue)?  The function would have some non-invasive business purpose/utility for the vendor? How much information do consumers reasonably want? Do they want to understand the technical details, or do they want it to “just work”?
  • 7. Deciding whether/when to request consent 7  Reliance on exceptions? What “conduct” is required to demonstrate it is reasonable to believe consent has been given  Reliance on 3 year transition provision (s.67)?  Seeking consent to updates and upgrades at the same time as consent for installation/downloading/first use?
  • 8. Developing strategy for obtaining “CASL- compliant” express consent 8  Can consent be obtained through a licence agreement (if 10(4) not triggered)?  Can consent be obtained through the use of a pre-checked box (e.g., default settings, with user confirmation)?  Can consent be obtained for a “suite” of products?  Can consent to updates and upgrades be mandatory?  Can identity and contact information be provided through links?
  • 9. Satisfying the Disclosure Rules 9 Minimum disclosures:  Describe the “function and purpose” “clearly and simply” “in general terms” Enhanced disclosures: Describe the “program’s material elements that perform the function or functions, including the nature and purpose of those elements and their reasonably foreseeable impact on the operation of the computer system”  “clearly and prominently”  “separately and apart from license agreement”  “separately from any other information provided”  “acknowledgement in writing... that they understand and agree”
  • 10. Proving Consent 10 CRTC Enforcement Bulletin (2012-548)  “The Commission considers that the requirement for consent in writing is satisfied by information in electronic form if the information can subsequently be verified.”  “Examples of acceptable means of obtaining consent in writing include checking a box on a web page to indicate consent where a record of the date, time, purpose, and manner of that consent is stored in a database; and filling out a consent form at a point of purchase.”
  • 11. Satisfying the withdrawal of consent rule (s.11(5)) 11 When does obligation to provide an electronic address apply?  Only if program performs a function regulated by s.10(4)?  Exempt if the program is covered by s.10(8)? How must contact information be provided?
  • 12. “Deemed” express consent (s. 10(8)) 12 A person is considered to expressly consent to the installation of a computer program if: a) the program is: i. a cookie, ii. HTML code, iii. Java Scripts, iv. an operating system, v. any other program that is executable only through the use of another computer program whose installation or use the person has previously expressly consented to, or vi. any other program specified in the regulations; and b) the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation.
  • 13. “Deemed” express consent for network security & updating a network (IC Reg’s, s. 6(a) & (b)) 13 (a) a program that is installed by or on behalf of a telecommunications service provider solely to protect the security of all or part of its network from a current and identifiable threat to the availability, reliability, efficiency or optimal use of its network; (b) a program that is installed, for the purpose of updating or upgrading the network, by or on behalf of the telecommunications service provider who owns or operates the network on the computer systems that constitute all or part of the network;
  • 14. “Deemed” express consent - Questions for both s. 6(a) & (b) of IC Reg’s 14 Non-definition of a “network” How to identify the “end node” of the network? Applicability to not just parts of a network that require a 24/7 ‘live’ connection to a telecommunications service? • E.g. What about a program which could be used in some cases without active/online wireless connectivity?
  • 15. “Deemed” express consent - Questions for both s. 6(a) & (b) of IC Reg’s 15 Definition of “telecommunications service provider” Broad? Not so broad, due to constitutional limitations? (e.g. applicability of CASL’s computer program provisions to intraprovincial communications?)
  • 16. “Deemed” express consent - Questions for s. 6(a) of IC Reg’s (network security exemption) 16 Is a “threat to the availability, reliability, efficiency or optimal use” just:  Malware?  Viruses?  Software bug?  Other? What is a “current and identifiable” threat?  Threats that are not ‘identifiable’ in addition to being ‘current’?  What about ‘future’ security threats? “Solely” – is the exemption available if the program has an additional legitimate purpose in addition to just addressing a ‘security’ threat?
  • 17. “Deemed” express consent (IC Reg’s, s. 6(c) – correcting a failure) 17 (c) a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose. “Solely” – is the exemption available if the program provided ‘new’, improved or additional functionality or features, and not “solely” bug fixes?
  • 18. “Deemed” express consent - Questions for each of s. 6(a), (b) & (c) of IC Reg’s 18 How to assess whether the person’s conduct is such that they consent to the program’s installation (s. 10(8)(b))?
  • 19. Additional Compliance Challenges and Solutions – Mobile/Telecom 19 Scenario I: Initial software updates during “Out Of Box Experience” (OOBE) for a new BlackBerry 10 device
  • 20. Out Of Box Experience (OOBE) on BlackBerry 10 - First substantive step after user chooses UI language is acceptance of BlackBerry Solution License Agreement, which indicates software may automatically check for updates and that BlackBerry may make required updates available
  • 21. OOBE on BlackBerry 10 (cont’d) - The last substantive step before completion of initial setup is a user notice regarding software update as part of the OOBE (most current OS available for relevant carrier/region)
  • 22. 22 Scenario II: 3rd Party App Submission Process in BlackBerry World Additional Compliance Challenges and Solutions – Mobile/Telecom
  • 23. Step 1: Developer creates a Vendor account – after acceptance of BlackBerry World vendor terms, etc various fields made available for vendor to complete. - These include for vendor identification and contact info. 3rd Party App Submission Process in BlackBerry World
  • 24. Step 1 (cont’d): fields also made available for vendor‟s support email, Privacy Policy url etc. 3rd Party App Submission Process in BlackBerry World (cont’d)
  • 25. Step 2: App submission process: Vendor creates the listing for the app under their Vendor account. 3rd Party App Submission Process in BlackBerry World (cont’d)
  • 26. Step 2 (cont’d): Vendor adds Descriptive text which will be seen by the user when they view the app in BlackBerry World, prior to download. Substantial space available in “Long Description” – vendor free to provide information about the function and purpose of the computer program (or to provide additional disclosures as may be required by s. 10(4) or (5) of CASL if the vendor so chooses (presumably „separate and apart from the license agreement‟ as it is prior to download).) 3rd Party App Submission Process in BlackBerry World (cont’d)
  • 27. Step 2 (cont’d): Vendor adds App icon and screenshots 3rd Party App Submission Process in BlackBerry World (cont’d)
  • 28. Step 2 (cont’d): Vendor can limit the availability of their app by Carrier and or Country 3rd Party App Submission Process in BlackBerry World (cont’d)
  • 29. Step 3: End user process: • Once app accepted for distribution in BlackBerry World, it is made available for users to access in BlackBerry World, either through the user browsing or searching for the desired app 3rd Party App Submission Process in BlackBerry World (cont’d)
  • 30. Step 3: End user process (cont’d): • Users goes to the app listing in BlackBerry World, to view the information that the vendor had input about the app 3rd Party App Submission Process in BlackBerry World (cont’d)
  • 31. • Users chooses to download the app Step 3 (cont’d): BlackBerry World End user process:
  • 32. • Users presented with any required permissions sought by app prior to using the software • (Note: outside of BlackBerry World, once the user is in the app the vendor may also provide its EULA or other notice(s) for acceptance etc). Step 4: App permissions notice to end user
  • 33. Additional Compliance Challenges and Solutions – Product Manufacturing 33 Lack of direct interaction with consumers  Express consent  Exceptions to consent Obtaining consent for products with no user interface Global marketplace challenges
  • 34. Additional Compliance Challenges and Solutions – Online Business 34 Cookies Java scripts HTML code