TORONTO – CRTC chairman Jean-Pierre Blais used a speech in Toronto to serve notice to rogue telemarketers, spammers, phishers, spoofers and identitiy thieves that the Commission stands ready, willing and able to pursue and punish those who would use technology to attack or even aggravate Canadians.
In a speech some expected would be about the TV policy review or domestic wireless roaming rates or third party broadband access, Blais instead addressed how the Regulator will help Canadians live more freely, securely and peacefully in a digital world. “Technology is now an integral and ubiquitous part of our daily lives. This reality brings with it new responsibilities for the federal regulator. Just as the world of communications is changing, so must we,” he told the Economic Club of Toronto at a breakfast speech Thursday morning.
“People tend to think of the CRTC in terms of broadcasting and telecommunications—ensuring Canadians have access to a world-class communication system… But there is another, equally important part of our work that extends beyond addressing the needs of content creators and consumers,” Blais continued. “That’s our responsibility to protect the public interest for all citizens—to harness technology’s potential to do good and to minimize its power to do harm.
“It’s our job to make sure citizens can enjoy peace and quiet in their homes and a more secure online world. This means making sure the telephone calls they receive are from legitimate telemarketers who follow the rules. And that they can open their email without having their identity or intellectual property stolen. We also ensure citizens can connect to a 9-1-1 call centre in an emergency and receive assistance or timely warnings, such as when severe weather is expected.”
Blais went on to outline how some of the laws in Canada have changed and expanded the CRTC’s scope of responsibility, such as the new anti-spam legislation coming into force July 1st, the National Do Not Call list made permanent yesterday and the recently passed Fair Elections Act, which tasks the Commission with establishing and maintaining a voter contact registry.
“Gone are the days when our jobs centred on issuing broadcasting licences, setting policy frameworks and reviewing ownership changes.” – Jean-Pierre Blais, CRTC
“Gone are the days when our jobs centred on issuing broadcasting licences, setting policy frameworks and reviewing ownership changes,” he noted.
“The CRTC has a range of tools as its disposal to ensure compliance with the Unsolicited Telecommunications Rules, the voter contact registry and Canada’s anti-spam legislation. These include investigative powers, preservation demands and warrants, information sharing with partners to assist investigations and administrative monetary penalties.
“Anyone questioning why the Commission would need such powers needs only consider that there are now apps to disclose the private telephone numbers of women’s shelters to known abusers of their residents.”
Without action from government, enforced by agencies like the CRTC, Blais explained, the safety, security and health of citizens can be threatened, given the digital dangers which now exist, often backed by organized crime. Since those tentacles can reach internationally, the CRTC has also been co-ordinating its efforts with other agencies such as the U.K.’s Ofcom, the American Federal Trade Commission, the Authority for Consumers and Markets in the Netherlands, and the Australian Communications and Media Authority.
Together, these agencies are using technology to track the digital bandits. “We are creating voice telephony honeypots to lure rogue telemarketers so we can catch them in their deceitful webs,” he said. “These so-called honeypots involve a series of numbers, along with call routings, that are being given to regulators in various countries by telecommunications companies. We would use them to monitor all incoming calls in our respective jurisdictions and better target our enforcement efforts. We hope to have more news on this front later this summer.
“We are working in partnership with the private sector on a system that would let Canadians press a number on their phones after receiving a spoofed call to forward the information to the CRTC for follow-up. Something along the lines of the star-09 or star-69 services you may be familiar with. We are determined to beat the bad guys at their own game by developing a technology solution to a technology problem.”
When it comes to spam and malicious spyware and other hacker threats, the estimated annual cost to the Canadian economy in either lost money or lost confidence in the system is said to be $3.2 billion. Cybercrime costs the global economy more than $400 billion, according to the Washington-based Center for Strategic & International Studies, explained Blais.
Perhaps those fears lead to diminished appetite for e-commerce among Canadians. “Canada is ranked as second in Internet penetration among its G7 counterparts. But Canadians spend less online than citizens in other countries. The value of e-commerce in Canada was $22.3 billion in 2013,” the chairman explained. “That may sound impressive, but a 2012 study shows that e-commerce accounted for only 3.4% of total spending in this country. Compare that to 7.1% in the U.S and 23% in the United Kingdom that same year.”
So, watch for action and direct consequences to those caught misbehaving online. “The CRTC has a team of highly-qualified people ready to start enforcing Canada’s anti-spam legislation. We have former RCMP officers, major criminal investigators and sophisticated computer forensics experts who will be leading these efforts. Enforcement is now in the CRTC’s DNA,” he added.
“Our electronic commerce enforcement specialists will be able to search and index tens of millions of messages and reverse engineer malware to trace the source of these scams and follow their online links.” – Blais
“Beyond additional personnel, we have state-of-the-art facilities in our new cyber-forensics lab—an in-house centre designed and built by the country’s foremost technology leaders. The lab will enable us to search, seize and copy digital evidence that proves violations of the new law to better protect the public. Our electronic commerce enforcement specialists will be able to search and index tens of millions of messages and reverse engineer malware to trace the source of these scams and follow their online links,” he continued.
“We have some serious financial clout too. The CRTC will be able to issue penalties of up to $1 million for an individual and up to $10 million for a company per violation.”
He cautioned, however, that the CRTC will not be targeting every person or company which sends unwanted e-mails, but will be going instead after the serious lawbreakers with malicious intent. “We are not going to go after every indie rock band that’s trying to sell a new release to its fans. We have much bigger fish to fry,” he explained. “Our principal targets are abusive spammers and interlopers involved in botnets and, come January, malware and malicious URLs.”
The Commission is also part of the new Fair Elections Act, noted Blais. The CRTC was given the authority to establish and maintain registration information for voter contact services (a reaction to the robo-call scandal). “We will be ready to implement the voter contact registry in time for the 2015 federal election. We will be conducting outreach activities to ensure candidates and voter contact services are aware of their new responsibilities and to provide information to the public,” said Blais.
Finally, the country’s 9-1-1 emergency response system is in dire need of an upgrade, which is far from a simple thing since it involves all levels of government, call centres and various emergency responders. “Some have suggested that greater co-ordination between the different partners could be achieved through a national forum. We would be prepared to participate in such a forum and share our expertise in the areas under our jurisdiction,” he said.
“One of the most difficult parts of my job is receiving copies of coroner’s reports that describe someone losing their life because emergency responders were unable to locate the person quickly enough. These cases illustrate how Canada’s communication system – our communication system – can, and must, do better.”
