Feed aggregator

The Trouble with the TPP, Day 22: Expanding Border Measures Without Court Oversight

Michael Geist Law RSS Feed - Tue, 2016/02/02 - 10:10

The Trouble with the TPP series continues with IP enforcement and border measures provisions, which are illustrative of Jim Balsillie’s concern about Canada’s failure to set its own IP policy. Yesterday’s post noted that the U.S. demanded that Canada provide a report card every six months on its customs activities, meet on the issue whenever the U.S. demands, and face the possibility of a dispute settlement complaint for failing to comply with these rules. The TPP goes further, however, as it will require Canada to create a system to allow for the detention of goods with “confusingly similar” trademarks.

Article 18.76 of the TPP establishes “special requirements related border measures” which includes allowing for applications to detain suspected confusingly similar trademark goods as well as  procedures for rights holders to suspend the release of those goods. The required change is striking since Canada just overhauled its rules for border measures under pressure from the U.S. The Canadian approach did not include “confusingly similar” trademark goods, recognizing that such goods are not counterfeit and that requiring border guards (who rarely have legal training) to make exceptionally difficult judgments about whether imported goods violate the law is bad policy.

In 2011, Daniel Drapeau, a lawyer with Smart & Biggar, emphasized the difference between counterfeits and confusingly similar trademark goods at a Canadian Heritage hearing on counterfeiting:

Nor are counterfeits goods that bear a trademark that is confusingly similar to the genuine one, say, some other form of reptile besides the little alligator. These are not counterfeits. Counterfeits reproduce the trademark.

Kim Weatherall explains why the extension of trademark infringement to “confusingly similar” marks is controversial around the world:

The extension to cases of trade mark infringement involving ‘confusingly similar’ marks is internationally controversial, because (a) it requires customs officials to engage in legal analysis that is arguably beyond their level of expertise, (b) it creates the potential for competitive activity to be caught by and fought out at the level of border measures where it would be more appropriate for those fights to occur through the courts (ie it allows a company that believes a competitor is ‘too close’ to use border measures); and (c) it creates potential for application of border measures against generic pharmaceuticals, because allegations are regularly raised that generic pharmaceutical companies are using confusingly similar marks, thus potentially impacting on access to medicine.

Given those concerns, it should not come as a surprise that Canada opposed the extension to confusingly similar trademarks throughout the TPP negotiations. In fact, earlier leaked drafts show that almost half the TPP opposed the extension (Singapore, Brunei, Malaysia, Vietnam, and Canada). Yet as is the case in so many other areas, Canada ultimately caved on the issue and if we decide to ratify the TPP, will be required to change domestic law months after passing new rules specifically designed to provide enhanced border measures provisions.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy, Day 15: Weak Anti-Spam Law Standards, Day 16: Intervening in Internet Governance, Day 17: Weak E-commerce Rules, Day 18: Failure to Protect Canadian Cultural Policy, Day 19: No Canadian Side Agreement to Advance Tech Sector, Day 20: Unenforceable Net Neutrality Rules, Day 21: U.S. Requires Canadian Anti-Counterfeiting Report Card)

The post The Trouble with the TPP, Day 22: Expanding Border Measures Without Court Oversight appeared first on Michael Geist.

The Trouble with the TPP, Day 21: U.S. Requires Canadian Anti-Counterfeiting Report Card

Michael Geist Law RSS Feed - Mon, 2016/02/01 - 11:03

This weekend, former Research in Motion co-CEO Jim Balsillie wrote a must-read opinion piece in the Globe and Mail on the TPP. Balsillie makes a compelling case for how Canadian IP policy has failed in light of decisions to consistently cave to foreign pressures:

Starting in the 1980s, Canadian policy makers and politicians blindly bought the narrative lobbied by foreign corporations, first in the pharmaceutical industry and then across all sectors, that stronger IP protection would lead to more domestic innovation and prosperity.

Three decades later, our pharma R&D has declined dramatically and drug prices for Canadian consumers are among the highest in the world. Our largest technology companies are much smaller now than 10 years ago and we have zero growth in innovation outputs over the past 30 years.

We should have learned our lesson by now, and yet the same outdated thinking from the 1980s is back on display from today’s TPP proponents: Focus on aligning our domestic IP laws with the U.S. system and hope for the best. TPP needs to be assessed not for its legal purity or alignment to U.S. laws, but for the economic impacts colonial IP policies have on Canada. After all, Canada has aligned its laws with the United States both directly and indirectly in several international treaties over the past three decades, and our innovation performance always faltered thereafter.

The Trouble with the TPP series has already reviewed how the TPP offers more of the same through policies such as copyright term extension and locking in extended patent protections. The agreement also addresses IP enforcement and border measures, just months after Canada changed its rules to provide more protections and enforcement.

For example, Article 18.76 of the TPP seeks to expand the power of customs officials by granting them the right to initiate border measures without court oversight, even for goods that are in-transit (ie. not destinated to stay within the country). The in-transit issue was a major source of U.S. lobbying during the debate over Bill C-8, Canada’s anti-counterfeiting bill. Canada ultimately excluded in-transit shipments from the ambit of the bill with the government arguing that “our government doesn’t believe taxpayers should be on the hook for the cost of seizing counterfeit products that are destined for the United States that do not threaten health or safety.”

The U.S. hoped to reverse Bill C-8 through the TPP.  In-transit seizures are mandated in the agreement, but footnote 122 in the TPP states:

As an alternative to this subparagraph, a Party shall instead endeavour to provide, if appropriate and with a view to eliminating international trade in counterfeit trademark goods or pirated copyright goods, available information to another Party in respect of goods that it has examined without a local consignee and that are transhipped through its territory and destined for the territory of the other Party, to inform that other Party’s efforts to identify suspect goods upon arrival in its territory.

With the “endeavour to provide” requirement, this provision appears to be another best efforts provision that is not a strict requirement. Yet the U.S. wanted a clear requirement from Canada and apparently demanded a side letter between the two countries:

Each government shall provide to the other, on a semi-annual basis, a compilation of notifications provided to the other government’s customs administration under footnote 122 of Article 18.76.5(c), highlighting description and quantity of the suspected infringing goods.  Finally, representatives of both governments shall meet upon the request of the other government to discuss any aspect of this agreement.


I have the honor to propose that this letter and your letter of confirmation in reply, equally valid in English and French, shall constitute an agreement between our two Governments, subject to dispute settlement under Chapter 28 of the TPP Agreement, which shall enter into force on the date of entry into force of the TPP Agreement as between Canada and the United States.

In other words, the Canadian obligation is not optional. The U.S. is requiring Canada to provide a report card every six months on its customs activities, meet on the issue whenever the U.S. demands, and face the possibility of a dispute settlement complaint for failing to comply with these rules. While some might view this as a modest requirement, the U.S. does not require similar reports from anyone else. Rather, consistent with the history articulated in Balsillie’s piece, Canada is once again bullied into complying with U.S. demands on intellectual property laws and enforcement.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy, Day 15: Weak Anti-Spam Law Standards, Day 16: Intervening in Internet Governance, Day 17: Weak E-commerce Rules, Day 18: Failure to Protect Canadian Cultural Policy, Day 19: No Canadian Side Agreement to Advance Tech Sector, Day 20: Unenforceable Net Neutrality Rules)

The post The Trouble with the TPP, Day 21: U.S. Requires Canadian Anti-Counterfeiting Report Card appeared first on Michael Geist.

Canada considers copyright registration - again

Sara Bannerman - Sun, 2016/01/31 - 18:07
The Embassy News reports that Canada is considering making the extra twenty years' term extension under the Trans-Pacific Partnership Agreement conditional on copyright registration.

Such a move would have many advantages, and would permit those works that are not registered to fall into the public domain.  However, Embassy notes that the Berne Convention, a foundational copyright treaty, prohibits making formalities such as registration a condition of granting copyright.  As Embassy notes, the Berne Convention is ambiguous as to whether this prohibition lasts for the full term of copyright, or whether it covers only the initial Berne-mandated term of life plus fifty years, leaving countries free to do what they want after that.

This isn't the first time that Canada has hit up against this dilemma.  In 1931 Canada passed a Copyright Act that also required certain types of registration, and the same question arose.  At issue, in particular, was the requirement that copyright collectives register lists of the works they claimed to grant licenses in.  It was felt that copyright collectives were claiming copyright infringement in works they had no rights in and that, to hold them accountable, lists of their works should be published.

No major challenge to Canada's provisions was ever brought under the Berne Convention.

For more details, see The Struggle for Canadian Copyright, pp. 121-125.

Here are the relevant sections of Canada's 1931 Copyright Act:





While the proposed option could be a move demonstrating much-needed copyright innovation with the public interest in mind, an even better option would be not to implement the TPP.

The Trouble with the TPP, Day 20: Unenforceable Net Neutrality Rules

Michael Geist Law RSS Feed - Fri, 2016/01/29 - 10:15

One of President Barack Obama’s selling points for the TPP has been claims that it helps preserve “an open and free Internet.” The references to an open and free Internet, which is closely linked to net neutrality, may strike a chord with those concerned with digital issues. However, the Trouble with the TPP is that a close examination of the text and a comparison with existing net neutrality rules in many TPP countries reveals that it doesn’t advance the issue. In fact, the standards are so weak and unenforceable that at least half of the TPP countries already far exceed them.

Article 14.10
of the TPP provides:

Subject to applicable policies, laws and regulations, the Parties recognise the benefits of consumers in their territories having the ability to:
(a) access and use services and applications of a consumer’s choice available on the Internet, subject to reasonable network management;
(b) connect the end-user devices of a consumer’s choice to the Internet, provided that such devices do not harm the network; and
(c) access information on the network management practices of a consumer’s Internet access service supplier.

As a starting point, this is not mandated obligation. The TPP countries merely “recognize” the benefits of some net neutrality provisions. For those countries without net neutrality rules, there is no requirement to implement anything in order to comply with the agreement. In fact, if there was any doubt about the lack of enforceability, the entire provision is prefaced by the reference to “subject to applicable policies, and regulations.” In other words, the provision doesn’t advance anything for countries without net neutrality provisions.

For those with net neutrality provisions, the TPP typically falls well short of what they already have in place. In Canada, the CRTC’s Internet Traffic Management Practices go far beyond the TPP, offering more comprehensive coverage, a complaints mechanism, and enforceable obligations overseen by the CRTC.  Many other TPP countries also have stronger net neutrality rules:

  • The U.S. FCC net neutrality order prevents ISPs from blocking legal content, throttling on the basis on content, applications or services, and from charging content providers for paid prioritization.
  • Peru adopted net neutrality rules in 2012, preventing ISPs from blocking interfering, discriminating, or restricting internet users from using an application regardless of its nature, origin or destination
  • Mexico has passed amendments to its telecommunications legislation that adopt net neutrality.
  • Singapore introduced a limited net neutrality policy in 2011 that prevents ISPs from blocking legitimate internet content, and forbids ISPs from imposing measures which effectively render content inaccessible or unusable.
  • Chile has had net neutrality laws since 2010. The law requires ISPs “ensure access to all types of content, services or applications available on the network and offer a service that does not distinguish content, applications or services, based on the source of it or their property.
  • Japan’s net neutrality policy is centred on fairness in network use with fairness in network cost sharing. Japanese ISPs have adopted packet shaping in order to insure consistent internet speeds, but recognize that packet shaping should be used a last resort, and ISP should focus on enhancing network capacity.

Net neutrality has also emerged as a policy issue in other TPP countries such as Australia and New Zealand. The net neutrality provisions may be promoted as a positive step forward by TPP supporters, but they are unlikely to have much, if any, impact.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy, Day 15: Weak Anti-Spam Law Standards, Day 16: Intervening in Internet Governance, Day 17: Weak E-commerce Rules, Day 18: Failure to Protect Canadian Cultural Policy, Day 19: No Canadian Side Agreement to Advance Tech Sector)

The post The Trouble with the TPP, Day 20: Unenforceable Net Neutrality Rules appeared first on Michael Geist.

The Trouble with the TPP, Day 19: No Canadian Side Agreements to Advance Tech Sector

Michael Geist Law RSS Feed - Thu, 2016/01/28 - 10:16

The Trouble with the TPP series this week has focused on issues such as the failure to obtain a full cultural exception and the weak e-commerce rules that do little to assist online businesses, particularly small and medium sized enterprises. Yet the Canadian digital failure goes even further. While other countries saw the opportunity to use the TPP to advance their domestic online sector through side agreements, Canada remained on the sidelines. Indeed, as some leading critics such as Jim Balsillie have noted, the Canadian government did little to even consult with Canada’s technology sector.

Consider a side letter on online education between Australia and Vietnam. The side letter opens the door to technical assistance and pilot programs for online education between the two countries, providing for assistance on distance education delivery models, assessing applications from Australian providers to deliver online education, and work to recognize the qualifications obtained from such courses. Moreover, the letter states that:

Viet Nam will cooperate with Australia to facilitate a pilot program under which Australian universities would deliver courses in Viet Nam that may be delivered wholly or substantially online.

The letter continues with details on the pilot program, which is geared toward enhancing Australia’s higher education presence in the country and taking advantage of digital opportunities. This a good strategy for Australia, but raises the question of why Canada failed to take similar steps to make digital inroads in TPP countries.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy, Day 15: Weak Anti-Spam Law Standards, Day 16: Intervening in Internet Governance, Day 17: Weak E-commerce Rules, Day 18: Failure to Protect Canadian Cultural Policy)

The post The Trouble with the TPP, Day 19: No Canadian Side Agreements to Advance Tech Sector appeared first on Michael Geist.

Why Canadian Telecom Companies Must Defend Your Right to Privacy

Michael Geist Law RSS Feed - Thu, 2016/01/28 - 09:58

In today’s communications driven world, no one collects as much information about its customers as telecom companies. As subscribers increasingly rely on the same company for Internet connectivity, wireless access, local phone service, and television packages, the breadth of personal data collection is truly staggering.

Whether it is geo-location data on where we go, information on what we read online, details on what we watch, or lists identifying with whom we communicate, telecom and cable companies have the capability of pulling together remarkably detailed profiles of millions of Canadians.

My weekly technology law column (Toronto Star version, homepage version) notes that how that information is used and who can gain access to it has emerged as one the most challenging and controversial privacy issues of our time. The companies themselves are tempted by the prospect of “monetizing” the information by using it for marketing purposes, law enforcement wants easy access during criminal investigations, and private litigants frequently demand that the companies hand over the data with minimal oversight.

As a result, courts and privacy commissioners have regularly faced questions about the rights and responsibilities associated with subscriber information. For example, the Privacy Commissioner of Canada ruled last year that Bell’s “relevant advertising program”, which provided advertisers with the ability to target ads based on subscriber personal information, ran afoul of Canadian privacy law because the company simply presumed that it could use the information without an explicit, opt-in consent.

The Canadian courts have similarly grappled with a myriad of privacy issues, including whether basic subscriber information carries with it a reasonable expectation of privacy (the Supreme Court of Canada ruled that it does) or if an Internet provider can be required to reveal the identities of Internet subscribers in a copyright infringement lawsuit (it can subject to conditions limiting how the information is used).

Earlier this month, an Ontario court escalated the privacy rights of subscribers in a high-profile case involving Rogers and Telus, who were asked by police to provide “tower dump” records that would have revealed information on thousands of cellphone users. The two telecom companies rejected the request, noting that the disclosure would affect tens of thousands of people who were merely located in the vicinity of a cellphone tower during the specified period.

Given the detailed information that would have been available (including billing and credit card information), the lack of safeguards over the information, and the over breadth of the request, the companies argued that an order to produce the information would breach the reasonable expectation of privacy of the affected cellphone users. The court proceeded to establish a series of guidelines aimed at forcing law enforcement to provide detailed justifications for disclosures in similar circumstances.

While that alone would be a notable ruling, the court went further by ruling that the companies had a positive obligation to defend the privacy interests of their subscribers.

Lawyers representing the police had questioned whether the telecom companies were entitled to raise the privacy rights of their subscribers. The court noted that individual cellphone users were unlikely to appear in court to defend their privacy interests, meaning their concerns would be unaddressed unless the companies took it upon themselves to question the production order. Moreover, since customer contracts reference privacy rights, the court reasoned that the companies were contractually obligated to assert the privacy interests of their subscribers.

The confirmation that telecom and Internet providers are obligated to defend the privacy interests of their subscribers represents a sea change in approach. For years, companies have been largely content to remain on the sidelines, arguing that they are merely intermediaries without the ability to step into the shoes of their customers. In fact, even in the Telus and Rogers tower dump case, Bell was conspicuously absent.

The courts are now sending the unmistakable message that the privacy interests of subscribers are too important to be left without representation. Companies promise privacy protection in their contracts and that includes stepping up to defend customers to ensure that personal information is properly safeguarded, that appropriate justifications for disclosure are provided, and the information is not misused in any way.

The post Why Canadian Telecom Companies Must Defend Your Right to Privacy appeared first on Michael Geist.

Why Telecoms Must Defend Your Right to Privacy

Michael Geist Law RSS Feed - Thu, 2016/01/28 - 09:52

Appeared in the Toronto Star on January 25, 2016 as Why Your Telecom Must Defend Your Right to Privacy

In today’s communications driven world, no one collects as much information about its customers as telecom companies. As subscribers increasingly rely on the same company for Internet connectivity, wireless access, local phone service, and television packages, the breadth of personal data collection is truly staggering.

Whether it is geo-location data on where we go, information on what we read online, details on what we watch, or lists identifying with whom we communicate, telecom and cable companies have the capability of pulling together remarkably detailed profiles of millions of Canadians.

How that information is used and who can gain access to it has emerged as one the most challenging and controversial privacy issues of our time. The companies themselves are tempted by the prospect of “monetizing” the information by using it for marketing purposes, law enforcement wants easy access during criminal investigations, and private litigants frequently demand that the companies hand over the data with minimal oversight.

As a result, courts and privacy commissioners have regularly faced questions about the rights and responsibilities associated with subscriber information. For example, the Privacy Commissioner of Canada ruled last year that Bell’s “relevant advertising program”, which provided advertisers with the ability to target ads based on subscriber personal information, ran afoul of Canadian privacy law because the company simply presumed that it could use the information without an explicit, opt-in consent.

The Canadian courts have similarly grappled with a myriad of privacy issues, including whether basic subscriber information carries with it a reasonable expectation of privacy (the Supreme Court of Canada ruled that it does) or if an Internet provider can be required to reveal the identities of Internet subscribers in a copyright infringement lawsuit (it can subject to conditions limiting how the information is used).

Earlier this month, an Ontario court escalated the privacy rights of subscribers in a high-profile case involving Rogers and Telus, who were asked by police to provide “tower dump” records that would have revealed information on thousands of cellphone users. The two telecom companies rejected the request, noting that the disclosure would affect tens of thousands of people who were merely located in the vicinity of a cellphone tower during the specified period.

Given the detailed information that would have been available (including billing and credit card information), the lack of safeguards over the information, and the over breadth of the request, the companies argued that an order to produce the information would breach the reasonable expectation of privacy of the affected cellphone users. The court proceeded to establish a series of guidelines aimed at forcing law enforcement to provide detailed justifications for disclosures in similar circumstances.

While that alone would be a notable ruling, the court went further by ruling that the companies had a positive obligation to defend the privacy interests of their subscribers.

Lawyers representing the police had questioned whether the telecom companies were entitled to raise the privacy rights of their subscribers. The court noted that individual cellphone users were unlikely to appear in court to defend their privacy interests, meaning their concerns would be unaddressed unless the companies took it upon themselves to question the production order. Moreover, since customer contracts reference privacy rights, the court reasoned that the companies were contractually obligated to assert the privacy interests of their subscribers.

The confirmation that telecom and Internet providers are obligated to defend the privacy interests of their subscribers represents a sea change in approach. For years, companies have been largely content to remain on the sidelines, arguing that they are merely intermediaries without the ability to step into the shoes of their customers. In fact, even in the Telus and Rogers tower dump case, Bell was conspicuously absent.

The courts are now sending the unmistakable message that the privacy interests of subscribers are too important to be left without representation. Companies promise privacy protection in their contracts and that includes stepping up to defend customers to ensure that personal information is properly safeguarded, that appropriate justifications for disclosure are provided, and the information is not misused in any way.

Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can be reached at mgeist@uottawa.ca or online at www.michaelgeist.ca.

The post Why Telecoms Must Defend Your Right to Privacy appeared first on Michael Geist.

The Trouble with the TPP, Day 18: Failure to Protect Canadian Cultural Policy

Michael Geist Law RSS Feed - Wed, 2016/01/27 - 10:28

Culture and the TPP has yet to garner much attention, but that is a mistake. The TPP departs from longstanding Canadian policy by not containing a full cultural exception and creates unprecedented restrictions on policies to support the creation of Canadian content. The Canadian position on trade and culture has been consistent for decades with successive governments requiring a full exemption for the cultural industries. The exemption, which is found in agreements such as NAFTA and CETA, give the government full latitude to implement cultural policies to support the creation of Canadian content.

The TPP’s approach to culture is different from Canada’s other trade agreements. Rather than include an exception chapter or provision, the TPP contains several annexes that identify “non-conforming measures.” This allows countries, including Canada, to list exceptions to specific TPP rules. Without an exception for the cultural industries, the TPP rules banning local presence requirements and national treatment for service providers would place Canadian cultural rules at risk. Annex II includes a Canadian exception for the cultural industries. The exception is promoted in the government’s summary of the TPP, which claims that the agreement:

includes a broad reservation under Services and Investment for existing and future programs and policies with respect to cultural industries that aim to support, directly or indirectly, the creation, development or accessibility of Canadian artistic expression and content.


That led to media coverage reporting that Canada had obtained a full exception to protect cultural policies. A closer look at the actual text, however, reveals that Canada did not obtain a full cultural exception. Rather, there are two notable exceptions to the general cultural exception, which state:

Canada reserves the right to adopt or maintain any measure that affects cultural industries and that has the objective of supporting, directly or indirectly, the creation, development or accessibility of Canadian artistic expression or content, except:

a) discriminatory requirements on services suppliers or investors to make financial contributions for Canadian content development; and 

b) measures restricting the access to on-line foreign audiovisual content. 


As someone who has argued against Netflix regulation or expanded Cancon rules, there is an appeal to these exceptions to the exception. Yet it is shocking to find the Canadian government locking itself into rules that restrict its ability to consider expanding Cancon contributions to entities currently exempt from payment or adopting rules that limit regulatory jurisdiction over foreign online video providers that target Canadian consumers. Expanding Cancon payments may be a bad idea today (the Ontario and Quebec governments along with the CBC have suggested it is a good idea), but as the market evolves it is certainly possible that some form of regulation will be contemplated tomorrow.

The TPP provision appears to be a permanent ban on a “Netflix tax” or virtually any expansion of Cancon contributions to currently exempt services. The Conservatives campaigned against such a levy and no opposition party expressly supported required payments for providers such as Netflix. However, the Liberals did promise during the election campaign to gather data on online video services “with particular focus on consumer habits, the availability of Canadian films, and revenues and expenses associated with these services.” That is useful information, but its value is diminished if the government is committing itself through the TPP to never explore certain policies to benefit Canadian content development. In fact, the scope of the provision goes far beyond just online video: the music industry and publishing industry would face similar restrictions.

The exception may be limited to “discriminatory” Cancon payment requirements, but currently exempt providers (such as online video services) will argue that any Cancon payments would be discriminatory against them, because they do not enjoy many of the protections and benefits that go to the Canadian companies that make Cancon contributions as part of a regulatory quid pro quo (Netflix raised the concern when it appeared before the CRTC in 2014 and in its submission that was removed from the record). This would include development funding, production funding, and multiple windows for achieving Cancon requirements. Assuming those services argue that any mandated Cancon contribution is discriminatory if they do not also receive the benefits accorded to established broadcasters or broadcast distributors, the TPP will effectively ban applying Cancon contributions to exempt entities. That might be a sensible policy for the moment, but the TPP removes the ability to revisit the issue and essentially freezes the Cancon system in its current form.

There are similar concerns with measures restricting access to online foreign audiovisual content. Given its popularity, few would want to restrict access to Netflix (indeed, the opposite is true as many want access to more Netflix). But what if foreign services have unfair advantages over Canadian-based competition? What if a foreign music service (with videos) targets the Canadian market in a manner that raises legal concerns? What if the government seeks to negotiate better opportunities for Canadian content on a foreign service?  The TPP would seem to block the ability to take action, since new rules may restrict access to foreign content or constitute the discriminatory requirements.

Why did Canada depart from longstanding cultural policy in the TPP?

I asked Global Affairs Canada for answers several times over the past week, but did not receive a response [Update 1/28: I received a response late yesterday. The government did not respond to questions about why the TPP departs from longstanding cultural trade policy. A spokesperson for the Minister of International Trade did confirm, however, that the TPP contains two exceptions to the cultural exception]. Perhaps the answer lies in U.S. opposition to Canada’s entry into the TPP negotiations. I’ve already highlighted several of the restrictive conditions faced by the Canadian delegation. But it is worth noting that the cultural exception was opposed by U.S. lobby groups, who warned that the TPP would not contain Canada’s traditional cultural exception:

IIPA is also concerned about the significant market access barriers to U.S. copyrighted materials that Canada maintains pursuant to the “cultural exception” in its FTA with the U.S. Canada has interpreted this exception to be unreasonably broad, even to encompass discriminatory application of its copyright law, and has insisted on this misinterpretation of the exception in similar provisions in other trade agreements. IIPA strongly opposes the inclusion of any such cultural exclusion in the TPP, and the Canadian government must understand that TPP will not admit of such exceptions.


Perhaps the carve out was another part of the price of admission. Or maybe the Conservative government was looking for a way to restrict the possibility of expanding Cancon payments or to block a Netflix tax forever.  Regardless, the TPP creates significant cultural concerns for those that support a cultural policy that includes mandated contributions to support the creation of Canadian content.

 Moreover, it represents a major departure from longstanding Canadian trade policy that sought a full exception to ensure full flexibility in implementing Canadian cultural policy.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy, Day 15: Weak Anti-Spam Law Standards, Day 16: Intervening in Internet Governance, Day 17: Weak E-commerce Rules)

The post The Trouble with the TPP, Day 18: Failure to Protect Canadian Cultural Policy appeared first on Michael Geist.

The Trouble with the TPP, Day 17: Weak E-commerce Rules

Michael Geist Law RSS Feed - Tue, 2016/01/26 - 11:07

As part of the U.S. effort to drum up support for the TPP, President Barack Obama enlisted the support of eBay, sending an email to 600,000 merchants that claimed that the agreement would help e-commerce and small merchants. That message was repeated by Andrea Stairs, the managing director of eBay Canada, who wrote an op-ed in the Financial Post that similarly pointed to the e-commerce rules, de minimis customs rules, and the benefits for small and medium sized business. The Trouble with the TPP is that a closer look at the text reveals that the benefits from the e-commerce provisions, de minimis rules, and the much-touted SME chapter are practically non-existent.

Article 14.6 of the TPP addresses the issues of electronic authentication and electronic signatures, key aspects of ensuring that e-commerce transactions are enforceable. The foundational issue, as found in many e-commerce laws, is that electronic signatures have the same validity as paper-based ones. The TPP provides:

Except in circumstances otherwise provided for under its law, a Party shall not deny the legal validity of a signature solely on the basis that the signature is in electronic form.

In other words, unless a country rules otherwise, electronic signatures are valid. By providing for the flexibility to determine otherwise, the TPP gives business with no additional certainty with respect to electronic signatures as it remains up to each country to develop its own rules. Additional provisions on electronic signatures contain similar limitations, while the electronic authentication issue is limited to “encouraging” the use of interoperable authentication systems.

The de minimis customs rules are of little help as well. The rules allow low-value shipments to proceed without further customs duties. The eBay Canada op-ed notes that the de mimimis threshold “remains a key barrier to Canadian consumer and small business participation in the global economy.” How does the TPP address the issue?  It states:

no customs duties will be assessed on express shipments valued at or below a fixed amount set under the Party’s law.

In other words, it doesn’t. The TPP leaves it up to each country to set the threshold and only requires periodic review.

The SME chapter is even weaker. It creates two obligations.  First, creating a website that contains the TPP text. Additional information, such as tax data, foreign investment regulations or business registration procedures are optional.  Second, the TPP countries agree to establish a Committee on SMEs that is required to meet once within one year of the TPP taking effect. That’s it. In fact, the chapter notes that non-compliance with these “obligations” are not subject to treaty dispute resolution procedures. These provisions do not meaningfully advance e-commerce. If anything, they serve as a reminder of how little the agreement does to better promote online transactions.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy, Day 15: Weak Anti-Spam Law Standards, Day 16: Intervening in Internet Governance)

The post The Trouble with the TPP, Day 17: Weak E-commerce Rules appeared first on Michael Geist.

The Trouble with the TPP, Day 16: Intervening in Internet Governance

Michael Geist Law RSS Feed - Mon, 2016/01/25 - 10:19

The Trouble with the TPP series explores Internet-related issues this week, starting with the surprising inclusion of Internet governance in a trade deal. The debate over Internet governance for much of the past decade has often come down to a battle between ICANN and the ITU (a UN body), which in turn is characterized as a choice between a private-sector led, bottoms-up, consensus model (ICANN) or a governmental-controlled approach. Canada (along with countries like the U.S. and Australia) have consistently sided with the ICANN-model, arguing for a multi-stakeholder approach with limited government intervention. In fact, at the 2014 NetMundial conference, the Canadian government stated:

The multistakeholder model of Internet governance has been a key driver in the success of the Internet to date. Canada firmly supports this model and believes it must continue to be the foundation for all discussions in order to preserve the Internet’s open architecture. Canada firmly supports strengthening this model. Government centric approaches would stifle the innovation and dynamism associated with the Internet.

The Trouble with the TPP is that it contradicts Canada’s longstanding policy on Internet governance. While Canada, the U.S. and other TPP countries urge the governments of the world to take a hands-off approach to the Internet, the TPP opens the door to country-code domain intervention (note that I am on the board of the Canadian Internet Registration Authority, which manages the dot-ca domain).

Article 18.28 on domain names requires each party to have a domain name dispute resolution system similar to the ICANN UDRP, to provide online public access to the WHOIS database that provides contact information for domain name registrants, and to have “appropriate remedies” for bad faith intent to profit from similar domains. According to earlier leaks, Canada joined most of the TPP in opposing the provision requiring remedies for bad faith intent to profit, perhaps recognizing the implications of mandated domain name regulation. The U.S. demand for a provision prevailed, however, creating trade rules that effectively require governments to regulate their national domains.

The current Canadian rules likely meet the the TPP requirements, but what if CIRA, acting as an independent manager of the dot-ca domain in consultation with its stakeholders, decided to amend its dispute resolution rules or to further restrict access to the WHOIS database? If the new CIRA rules were inconsistent with the TPP, the Canadian government would either face the prospect of violating the trade agreement or compelling CIRA to amend its rules. It is not clear how it would do that – perhaps a legislative act or an assertion of power over CIRA – but however achieved, it would require the government to directly intervene within the Canadian Internet governance model. That approach is what the government has long rejected, yet the TPP raises the possibility of abdicating those principles in order to meet the agreement’s obligations.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy, Day 15: Weak Anti-Spam Law Standards)

The post The Trouble with the TPP, Day 16: Intervening in Internet Governance appeared first on Michael Geist.

Updating the Defend Trade Secrets Act?

Freedom to Tinker - Sat, 2016/01/23 - 14:02
Despite statements to the contrary by sponsors and supporters in April 2014, August 2015, and October 2015, backers of the Defend Trade Secrets Act (DTSA) now aver that “cyber espionage is not the primary focus” of the legislation. At last month’s Senate Judiciary Committee hearing, the DTSA was instead supported by two different primary reasons: […]

Fair Access: Striking the Right Balance on Education and Copyright

Michael Geist Law RSS Feed - Fri, 2016/01/22 - 10:37

Academic Matters, a semi-annual publication that explores issues related to higher education, has just published a pair of essays on education, fair dealing, copyright, and collective licensing. Roanie Levy, the Executive Director of Access Copyright, wrote an essay in support of the role of her copyright collective. I wrote the other essay, arguing that emerging forms of access for copyrighted works lessens the value of the Access Copyright licence.

The full piece – Fair Access: Striking the Right Balance on Education and Copyright – can be found here.  I conclude that:

any [copyright law] review must account for the millions being paid by educational institutions for access and the modest interpretations of fair dealing law in Canada, which have resulted in copying guidelines that are still more restrictive than those found in some other countries. Indeed, a fair review of the current system reveals that the problem facing Access Copyright is not that copies are not valued, but rather that in light of new forms of access and the evolution of the law, its licence is no longer valuable. 

The post Fair Access: Striking the Right Balance on Education and Copyright appeared first on Michael Geist.

The Trouble with the TPP, Day 15: Weak Anti-Spam Law Standards

Michael Geist Law RSS Feed - Fri, 2016/01/22 - 10:33

The Trouble with the TPP and privacy, which includes weak privacy laws, restrictions on data localization, bans on data transfer restrictions, and a failure to obtain privacy assurances from the U.S., also includes the agreement’s weak anti-spam standards. Given the fact that nearly all TPP countries have some form of anti-spam law (with the exception of Brunei), the inclusion of anti-spam provision in the TPP was not surprising, yet the agreement sets the bar far lower than that found in many countries. Article 14.14 states:

Each Party shall adopt or maintain measures regarding unsolicited commercial electronic messages that:
(a) require suppliers of unsolicited commercial electronic messages to facilitate the ability of recipients to prevent ongoing reception of those messages;
(b) require the consent, as specified according to the laws and regulations of each Party, of recipients to receive commercial electronic messages; or
(c) otherwise provide for the minimisation of unsolicited commercial electronic messages.

The TPP provision features two key requirements: anti-spam laws that provide for a binding unsubscribe mechanism and some form of consent. Yet with the standard of consent left wide open, countries are free to adopt weak, ineffective standards and still comply with the TPP requirements. In fact, since spam raises global concerns that frequently requires cross-border co-operation, the TPP would have been an ideal mechanism to strengthen international anti-spam rules and enforcement.

For example, the Canadian anti-spam law establishes an opt-in requirement for consent to receive commercial electronic messages. The same is true in leading TPP countries such as Japan and Australia (and the European Union). Setting a higher bar for consent would have improved privacy and the effectiveness of anti-spam laws throughout the TPP member countries.

Similarly, Canada’s penalties for anti-spam violations were a direct result of Australian success with serious penalties for anti-spam violations. Despite the success, there are no prescribed penalties in the TPP, meaning that even cross-border anti-spam crackdowns within TPP countries may be undermined by inconsistent penalties and enforcement powers.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions, Day 14: No U.S. Assurances for Canada on Privacy)

The post The Trouble with the TPP, Day 15: Weak Anti-Spam Law Standards appeared first on Michael Geist.

The Trouble with the TPP, Day 14: No U.S. Assurances for Canada on Privacy

Michael Geist Law RSS Feed - Thu, 2016/01/21 - 11:23

The Trouble with the TPP series focus on privacy has thus far examined weak privacy laws, restrictions on data localization requirements, and a ban on data transfer restrictions. The data transfer restriction post cited one of my recent technology law columns in concluding that the net effect of a recent European privacy case and the TPP provisions is that Canada could end up caught in a global privacy battle in which Europe restricts data transfers with Canada due to surveillance activities and the TPP restricts Canada’s ability address European concerns.

Interestingly, at least one TPP country identified the potential risk of a clash between European privacy rules and the TPP. Australia obtained a side letter with the United States that largely addresses the concern. The letter states:

Should the Government of the United States of America undertake any relevant additional commitments to those in the TPP Agreement with respect to the treatment of personal information of foreign nationals in another free trade agreement, it shall extend any such commitments to Australia. The United States will also endeavor to apply extensions of privacy protections with respect to personal information of foreign nationals held by the United States Government to Australian citizens and permanent residents.

The letter contains two key undertakings: a U.S. promise to extend any privacy commitments in other trade agreements to Australia and a promise to work to extend privacy protections to Australian data held by the U.S. government. The side letter could prove important should the U.S. and European Union renegotiate the safe harbour agreement in order to address the concerns expressed in the Schrems case. While Australia would enjoy the benefits of additional protections, Canadian officials did not obtain a similar commitment, potentially leaving Canada caught in privacy perfect storm.

(prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements, Day 13: Ban on Data Transfer Restrictions)

The post The Trouble with the TPP, Day 14: No U.S. Assurances for Canada on Privacy appeared first on Michael Geist.

The Trouble with the TPP, Day 13: Ban on Data Transfer Restrictions

Michael Geist Law RSS Feed - Wed, 2016/01/20 - 10:10

The Trouble with the TPP yesterday examined the barriers to data localization requirements, an emerging policy choice for countries concerned with weak privacy protections once personal data is transferred outside the country. The TPP goes further in undermining potential privacy protections, however, as it also establishes a ban on data transfer restrictions (prior posts in the series include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards, Day 12: Restrictions on Data Localization Requirements).

Data transfer restrictions are a key element of the European approach to privacy, which restricts data transfers to those countries with laws that meet the “adequacy” standard for protection. That approach is becoming increasingly popular, particularly in light of the Snowden revelations about governmental surveillance practices. Several TPP countries, including Malaysia, Singapore and Chile, are moving toward data transfer restrictions as are countries such as Brazil and Hong Kong.

The TPP’s restriction on data transfer limitations is very similar to the data localization provision. Article 14.11 states:

Each Party shall allow the cross-border transfer of information by electronic means, including personal information, when this activity is for the conduct of the business of a covered person.

The rule is subject the same general exception found in the data localization provision that the historical record overwhelmingly suggests will not work. As noted yesterday, a Public Citizen study found that the exception is illusory since the the requirements are so complex (each aspect must be met) that countries relying on the exception have failed in 43 out of 44 cases.

The problem for Canada with the TPP’s data transfer restriction goes beyond just the loss of a potential legislative tool to address privacy concerns. As I discuss in my weekly technology law column (Toronto Star version, homepage version), Canada could find itself in caught in a privacy perfect storm due to a European privacy decision and the TPP.

The European case starts with Max Schrems, an Austrian law student, who became interested in privacy issues several years ago as a visitor at Santa Clara University in California. Concerned with the privacy implications of personal information collected by companies such as Facebook, he filed numerous complaints against the social media giant. While most were dismissed, one ended up before the European Court of Justice, which considered whether transferring data to the U.S. violated European privacy laws in light of the widespread use of government surveillance.

Last fall, the court shocked observers by siding with Schrems, effectively declaring the agreement that governs data transfers between the U.S. and European Union invalid. The decision sparked immediate concern among the thousands of companies that rely on the decade-old “safe harbour” agreement.

As noted above, European law sets strict restrictions on data transfers to countries without “adequate” privacy protections (as determined by European officials). The U.S. and European Union avoided an earlier data battle by compromising on the safe harbour approach in which the U.S. agreed to enforce privacy violations and the EU agreed to overlook the absence of a national privacy law.

Given the Schrems decision, the future of the data transfers between the U.S. and the European Union remains up in the air, but the case could have implications that extend to other countries, including Canada. Canadian privacy law received an adequacy designation in 2001, but there is mounting concern that the finding may be at placed at risk in light of the ease with which U.S. surveillance practices may capture data coming from Canada.

In fact, the risk to data transfers between the Canada and the European Union extend beyond the immediate reaction to the Schrems case. If the European Union requires data transfer restrictions as a condition for maintaining the Canadian adequacy ruling, the TPP means that Canada may be unable to comply. The net effect of the Schrems case and the TPP provisions is that Canada could end up caught in a global privacy battle in which Europe restricts data transfers with Canada due to surveillance activities and the TPP restricts Canada’s ability address European concerns.

The post The Trouble with the TPP, Day 13: Ban on Data Transfer Restrictions appeared first on Michael Geist.

Why Canada Could Get Caught in a Global Privacy Battle

Michael Geist Law RSS Feed - Wed, 2016/01/20 - 10:01

Appeared in the Toronto Star on January 18, 2015 as Why Canada Could Get Caught in a Global Privacy Battle

Amazon’s announcement last week that it plans to establish Canadian-based data centres to address mounting fears over the privacy and surveillance implications of information stored in the United States highlights how businesses and consumers have become increasingly concerned with where their data is transferred and stored. Yet two unconnected developments – a recent European privacy decision and the Trans Pacific Partnership – could create a Canadian privacy problem that even local data centres will not solve.

The European case starts with Max Schrems, an Austrian law student, who became interested in privacy issues several years ago as a visitor at Santa Clara University in California. Concerned with the privacy implications of personal information collected by companies such as Facebook, he filed numerous complaints against the social media giant. While most were dismissed, one ended up before the European Court of Justice, which considered whether transferring data to the U.S. violated European privacy laws in light of the widespread use of government surveillance.

Last fall, the court shocked observers by siding with Schrems, effectively declaring the agreement that governs data transfers between the U.S. and European Union invalid. The decision sparked immediate concern among the thousands of companies that rely on the decade-old “safe harbour” agreement.

European law sets strict restrictions on data transfers to countries without “adequate” privacy protections (as determined by European officials). The U.S. and European Union avoided an earlier data battle by compromising on the safe harbour approach in which the U.S. agreed to enforce privacy violations and the EU agreed to overlook the absence of a national privacy law.

Given the Schrems decision, the future of the data transfers between the U.S. and the European Union remains up in the air, but the case could have implications that extend to other countries, including Canada. Canadian privacy law received an adequacy designation in 2001, but there is mounting concern that the finding may be at placed at risk in light of the ease with which U.S. surveillance practices may capture data coming from Canada.

In fact, the risk to data transfers between the Canada and the European Union extend beyond the immediate reaction to the Schrems case. The TPP, the massive Pacific trade deal that the Canadian government is currently considering for signature and ratification, could further complicate the issue by restricting the ability of Canadian officials to react to global privacy developments.

The TPP features a ban on the ability of member countries to establish restrictions on data transfers. Financial services are exempt from the rule since the U.S. Treasury wanted to ensure it could implement such requirements for its banking institutions. There is also a “public policy” exception. However, that exception relies on rules that have proven notoriously difficult to apply. If the European Union requires data transfer restrictions as a condition for maintaining the Canadian adequacy ruling, the TPP means that Canada may be unable to comply.

Interestingly, other TPP countries appear to have anticipated this issue and obtained additional privacy assurances from the U.S. For example, a TPP side letter between the U.S. and Australia features a U.S. promise to extend any privacy commitments in other trade agreements to Australia. Moreover, the same side letter promises to work to extend privacy protections to Australian data held by the U.S. government.

The side letter could prove important should the U.S. and European Union renegotiate the safe harbour agreement in order to address the concerns expressed in the Schrems case. While Australia would enjoy the benefits of additional protections, Canadian officials did not obtain a similar commitment.

The net effect of the Schrems case and the TPP provisions is that Canada could end up caught in a global privacy battle in which Europe restricts data transfers with Canada due to surveillance activities, the TPP restricts Canada’s ability to address European concerns, and the absence of a U.S. commitment means that Canada can’t count on it to provide Canadians with upgraded privacy protections.

Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can be reached at mgeist@uottawa.ca or online at www.michaelgeist.ca.

The post Why Canada Could Get Caught in a Global Privacy Battle appeared first on Michael Geist.

Who Will Secure the Internet of Things?

Freedom to Tinker - Tue, 2016/01/19 - 13:44
Over the past several months, CITP-affiliated Ph.D. student Sarthak Grover and fellow Roya Ensafi been investigating various security and privacy vulnerabilities of Internet of Things (IoT) devices in the home network, to get a better sense of the current state of smart devices that many consumers have begun to install in their homes. To explore this question, […]

The Trouble with the TPP, Day 12: Restrictions on Data Localization Requirements

Michael Geist Law RSS Feed - Tue, 2016/01/19 - 10:37

If all TPP countries implemented similarly strong privacy protections, there would be little need to consider alternative mechanisms to enhance public confidence in their privacy through additional legal safeguards. However, the Trouble with the TPP is that it actually weakens privacy protections by treating voluntary undertakings as equivalent to comprehensive privacy laws (prior posts include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law, Day 11: Weak Privacy Standards). The TPP goes further in harming privacy, however, by restricting the use of data localization requirements that might otherwise be used to provide privacy protection.

Data localization has emerged as an increasingly popular legal method for providing some additional assurances about the privacy protection for personal information. Although heavily criticized by those who fear that it harms the free flow of information, requirements that personal information be stored within the local jurisdiction is an unsurprising reaction to concerns about the lost privacy protections if the data is stored elsewhere. Data localization requirements are popping up around the world with European requirements in countries such as Germany, Russia, and Greece; Asian requirements in Taiwan, Vietnam, and Malaysia; Australian requirements for health records, and Latin America requirements in Brazil. Canada has not been immune to the rules either with both British Columbia and Nova Scotia creating localization requirements for government data.

In response to mounting public concern and government regulations, global companies are starting to offer local servers. Last week, Amazon announced plans to establish Canadian-based cloud computing services, and last year Microsoft pledged to do the same. In fact, Microsoft’s general counsel Brad Smith is on record that people should be able to choose where their data resides.

Despite the momentum toward data localization as a privacy protection measure, Article 14.13 of the TPP establishes a restriction on legal requirements to do so:

No Party shall require a covered person to use or locate computing facilities in that Party’s territory as a condition for conducting business in that territory.

This general provision is subject to at least three exceptions. First, government services are excluded, meaning that the Canadian provincial laws remain in place. Second, there is an exception for financial services, which has sparked protest from some members of the U.S. Congress. The exclusion is reportedly due to demands from the U.S. Treasury, which wanted to retain the right to establish restrictions on financial data flows.

The third exception is cited by supporters of the TPP as evidence that privacy protections are still a possibility. The exception states:

Nothing in this Article shall prevent a Party from adopting or maintaining measures inconsistent with paragraph 2 to achieve a legitimate public policy objective, provided that the measure:
(a) is not applied in a manner which would constitute a means of arbitrary or unjustifiable discrimination or a disguised restriction on trade; and
(b) does not impose restrictions on the use or location of computing facilities greater than are required to achieve the objective.

When combined with a 1999 WTO reference to privacy, the argument is that privacy could be viewed as a legitimate public policy objective and therefore qualify for an exception.

The problem is that the historical record overwhelmingly suggests that reliance on this exception will not work. As Public Citizen noted in a study on the general exception language:

the exceptions language being negotiated for the TPP is based on the same construct used in Article XX of the World Trade Organization’s (WTO) General Agreement on Tariffs and Trade (GATT) and Article XIV of the General Agreement on Trade in Services (GATS). This is alarming, as the GATT and GATS exceptions have only ever been successfully employed to actually defend a challenged measure in one of 44 attempts. That is, the exceptions being negotiated in the TPP would, in fact, not provide effective safeguards for domestic policies.

In other words, the exception is illusory since the requirements are so complex (each aspect must be met) that countries relying on the exception have failed in 43 out of 44 cases.  For countries concerned about the weakened privacy protections, the TPP restricts the use of data localization requirements as a remedy just as more and more countries are exploring such rules.

The post The Trouble with the TPP, Day 12: Restrictions on Data Localization Requirements appeared first on Michael Geist.

Access Copyright Demands Higher Royalties Due to Education Investment in Technology

Michael Geist Law RSS Feed - Tue, 2016/01/19 - 10:20

When the Supreme Court of Canada issued its SODRAC v. CBC decision last fall, critics warned that the decision may be anti-technology. The majority of the court ruling included a paragraph in which it suggested that users that invest in new technologies may be required to share some of the benefits with copyright holders:

Where the user of one technology derives greater value from the use of reproductions of copyright protected work than another user using reproductions of the copyright protected work in a different technology, technological neutrality will imply that the copyright holder should be entitled to a larger royalty from the user who obtains such greater value. Simply put, it would not be technologically neutral to treat these two technologies as if they were deriving the same value from the reproductions.

The danger with the decision should be immediately obvious as it creates disincentives to invest in new technologies. I argued in a post on the decision:

linking compensation to user investment does not seem relevant for an analysis of value of copyright works. Indeed, if technological neutrality is a foundation of Canadian copyright law (as everyone agrees), why would the amount of the investment in different technologies designed to achieve the same purposes lead to different amounts of copyright royalties? The user investment and the technology used is a red herring and should be viewed as irrelevant.

It didn’t take long for Access Copyright to use the Supreme Court decision to argue that it is entitled to increased royalties due to educational investment in course management systems and other new technologies for distributing works. The copyright collective told the Copyright Board last week that it plans to argue:

A post-secondary institution that, by reason of its investment in technology that affords it the ability to copy and distribute the content of a copyright-protected work to instructors and students in a more efficient and less costly manner obtains a benefit, the value of which must be appropriately shared with Access Copyright.

Technology neutrality should mean that it is irrelevant which technology is used to disseminate works. Indeed, good policy would create incentives to use more efficient and effective technological solutions. Yet the SODRAC case does the opposite. Depending on how the Copyright Board addresses the issue, technology neutrality could be back before the Supreme Court before too long.

The post Access Copyright Demands Higher Royalties Due to Education Investment in Technology appeared first on Michael Geist.

The Trouble with the TPP, Day 11: Weak Privacy Standards

Michael Geist Law RSS Feed - Mon, 2016/01/18 - 10:54

The Trouble with the TPP continues this week with a series of posts on the TPP and privacy (prior posts include Day 1: US Blocks Balancing Provisions, Day 2: Locking in Digital Locks, Day 3: Copyright Term Extension, Day 4: Copyright Notice and Takedown Rules, Day 5: Rights Holders “Shall” vs. Users “May”, Day 6: Price of Entry, Day 7: Patent Term Extensions, Day 8: Locking in Biologics Protection, Day 9: Limits on Medical Devices and Pharma Data Collection, Day 10: Criminalization of Trade Secret Law). The inclusion of privacy within the TPP has been touted by governments as one of the benefits of the agreement, but the privacy provisions are so weak as to move global privacy backwards, weakening emerging international standards and locking countries into rules that restrict their ability to establish additional privacy safeguards.

While some have questioned the concerns associated with privacy and the TPP by arguing that it is it a trade agreement, not a privacy treaty, the reality is that the commercial importance of big data has never been greater. Indeed, it is odd to see some emphasize the importance of increased, harmonized intellectual property protections but simultaneously express satisfaction with bare minimum privacy protections that provide companies with a patchwork of rules and consumers without standardized protections. Personal information is a critical part of e-commerce and the need for public confidence in privacy protections alongside corporate certainty about their rights and obligations with the personal information they collect should be beyond debate.

For most TPP countries, the starting point for privacy protection is a national privacy law modeled on the OECD privacy principles. In fact, the majority of the TPP, including Canada, Mexico, Peru, Australia, New Zealand, Malaysia, Japan, and Singapore, have national privacy laws (Chile is developing a privacy law). Moreover, many of these countries have privacy or data protection commissioners with some form of enforcement powers as well as additional rules on issues such as mandatory disclosure of security breaches (overview of Latin America rules, Asia rules). The key exception is the United States, which does not have an omnibus privacy law nor a privacy commissioner, relying instead on FTC enforcement of privacy policies.

Rather than setting the TPP privacy bar at having a national privacy law based on the OECD principles, the agreement weakens the shift toward a minimum standard of privacy protection.  Article 14.8 looks promising with respect to privacy protection:

each Party shall adopt or maintain a legal framework that provides for the protection of the personal information of the users of electronic commerce. In the development of its legal framework for the protection of personal information, each Party should take into account principles and guidelines of relevant international bodies

Unfortunately, the provision is subject to a footnote that effectively eviscerates the requirement for a privacy legal framework:

For greater certainty, a Party may comply with the obligation in this paragraph by adopting or maintaining measures such as a comprehensive privacy, personal information or personal data protection laws, sector-specific laws covering privacy, or laws that provide for the enforcement of voluntary undertakings by enterprises relating to privacy.

The footnote effectively means that the TPP’s privacy requirements can be met without the need for any privacy law at all. Enforcing voluntary undertakings isn’t a privacy law, it’s an anti-fraud approach that requires companies to be truthful about their privacy promises. If the law does not feature specific requirements for the consent, use, and disclosure of personal information, it isn’t a privacy law. The TPP weakens global privacy protections by failing to establish a minimum privacy law standard and then makes matters worse by limiting the ability for member countries to establish some additional safeguards. More on those limitations throughout the coming week.

The post The Trouble with the TPP, Day 11: Weak Privacy Standards appeared first on Michael Geist.

Syndicate content