Proceedings of the Standing Senate Committee on
Transport and Communications
Issue 2 - Evidence, May 5, 2009
OTTAWA, Tuesday May 5, 2009
The Standing Senate Committee on Transport and Communications met this day, at 9:30 a.m., to study Bill S-220, An Act respecting commercial electronic messages.
Senator Lise Bacon (Chair) presiding.
[Translation]
The Chair: On our agenda, we have a study of Bill S-220, an Act respecting commercial electronic messages.
[English]
Our witnesses before the committee this morning from Industry Canada are Helen McDonald, Assistant Deputy Minister, Spectrum, Information Technologies and Telecommunications; Richard Simpson, Director General, Electronic Commerce Branch, Spectrum, Information Technologies and Telecommunications; and André Leduc Senior Security Policy Analyst, Electronic Commerce Branch, Spectrum, Information Technologies and Telecommunications Sector.
Welcome to our committee. We are looking forward to hearing from you this morning to learn more about Bill C-27 in comparison to Bill S-220.
The floor is yours, Ms. McDonald.
Helen McDonald, Assistant Deputy Minister, Spectrum, Information Technologies and Telecommunications, Industry Canada: Honourable Senators, I am pleased to be here today to discuss Bill C-27 and how it compares to Bill S-220. Spam, unsolicited electronic messages, now represents 87 per cent of email traffic around the world, imposing huge costs on businesses and consumers.
[Translation]
Spam is more than a mere nuisance. These messages support a wide array of parasites on the Internet which disturb electronic commerce and undermine the confidence of consumers and companies in the digital economy. They represent heavy costs for network operators and users, threaten the reliability and security of networks and put privacy at risk.
[English]
Several of Canada's key global partners such as the U.S., the U.K., Japan, Australia and members of European Union have passed strong domestic laws to combat spam and related threats. These laws have placed pressure on Canada to establish at least an equivalent level of legal protection. The government-sponsored Bill C-27 was tabled in the House of Commons on April 24. The proposed electronic commerce protection act, ECPA will reduce damaging and deceptive email and website practices, and will establish new fines for those who break the law.
The ECPA is new stand-alone legislation that makes related amendments to the Competition Act, the Personal Information Protection and Electronic Documents Act, the Canadian Radio-television and Telecommunications Commission Act and the Telecommunications Act. Funding has been identified and will enable dedicated enforcement and supporting mechanisms. ECPA is based on general federal trade and commerce power. It is designed to take a technologically neutral approach for the deregulation of threats to online commerce. ECPA provides for third-party liability, a private right of action, administrative monetary penalties, international cooperation, a national coordinating body and spam reporting centre.
ECPA is based on Senator Goldstein's Bill S-202, Bill S-235 and now Bill-220. It is also based on recommendations of the Task Force on Spam and input from international counterparts. Combining the strengths of each, Bill C-27 is comprehensive yet broad in its approach; swift in its application; strong yet fair in terms of penalties; and multi-faceted in terms of an enforcement approach. It will thus ensure a safer and more secure online environment for the conduct of e-commerce.
[Translation]
Spam and online risks are a real concern for all Internet users. The most harmful and deceptive of these risks lead to identity theft and fraud.
[English]
To address threats to electronic commerce, Bill S-220 and ECPA both prohibit unsolicited commercial electronic messages, false and misleading representations online, including counterfeit websites, and the use of computer systems to collect addresses without consent. To address new threats, ECPA will also prohibit the following: altering of transmission data or the unauthorized access to network protocols when persons hack into the network to send visitors to websites they did not intend on going to; installation of computer programs without authorization, for example, to protect against the installation of unwanted malicious computer programs, which include viruses, worms and Trojan horses; and unauthorized access to computer systems to collect personal information without consent.
[Translation]
The Canadian Radio-television and Telecommunications Commission, the Competition Bureau and the Office of the Privacy Commissioner will administer the Electronic Commerce Protection Act. These three agencies already have a mandate, the expertise and administrative powers, which will be complemented in order to insure successful implementation of this legislation.
[English]
The CRTC will be given new powers to pursue violators who send spam and access computers and networks without authorization. The Competition Bureau will use existing and new powers under Bill C-10 to pursue violators of provisions relating to deceptive representations in online commerce. The Office of the Privacy Commissioner will use existing powers under the Personal Information Protection and Electronic Documents Act, PIPEDA, to enforce new violations regarding electronic compiling or supplying of lists of personal electronic addresses.
[Translation]
This table shows how the targeted conducts will be addressed by the Electronic Commerce Protection Act.
[English]
Spam, malware and other network-based conduct will be addressed by the CRTC. Counterfeit websites and making false and misleading representations online such as selling a magic hair tonic or penile enlargement pills will be addressed by the Competition Bureau. Address harvesting, dictionary attacks and unauthorized compiling of personal information without consent will be covered by the Privacy Commissioner of Canada.
Administrative monetary penalties, AMPs, will be imposed by the CRTC. Amendments to the Competition Act under Bill C-10 will also allow the imposition of AMPs and other penalties by the Competition Bureau.
[Translation]
Under the Electronic Commerce Protection Act, the CRTC and Competition Bureau will be able to impose to offenders administrative monetary sanctions of up to $1 million for individuals and $10 million for other offenders.
[English]
These penalties are designed to discourage non-compliance with ECPA. The factors to be considered when assessing penalties include the nature and scope of the violation, the person's history with respect to any previous violation — whether they are a repeat offender — financial benefit from the commission of the violation, their financial ability to pay and any other relevant factor including those to be defined in regulations.
These factors and the due diligence defence provisions of Bill C-27 are examples of instruments designed to encourage compliance. Honest and legitimate businesses that make a mistake and violate ECPA can enter into a compliance agreement with the enforcement agencies.
Bill S-220 proposes tying a private right of action to a criminal statute and to indictable offences. We believe this type of private right of action falls outside the rules of law as private rights of action need to be tied to administrative penalties. ECPA will provide for a viable private right of action under an administrative regime and will allow businesses, network providers and consumers to take civil action against anyone who violates the act.
The private right of action under ECPA is well integrated in a regulatory regime based on general trade and commerce power. Experience from other countries, such as the U.S., demonstrates that this right can be an effective tool in combating threats to online commerce, and complements regulatory enforcement measures.
[Translation]
Bill S-220 provides a waiver of liability for Internet service providers. They will be able to withdraw their services to spammers who use their facilities. This waiver was part of the recommendations of the Task Force on Spam.
[English]
Since the recommendations of the task force in 2005, most Internet service providers have added a waiver that provides for this in their user agreement contracts. As a result, the ECPA does not propose a similar waiver of liability. A national coordinating body within Industry Canada will promote the inclusion of this type of waiver for all Internet service provider user agreements. The CRTC will be able to seek court-issued injunctions under ECPA effectively to order cease-and-desist orders. The Competition Bureau and the Privacy Commissioner already have injunction powers that they can use.
ECPA will provide a sound basis for international cooperation to pursue spammers based in other countries. The proposed act will set up an administrative regime, as most other countries have. International counterparts will support ECPA as a regulatory framework aligned to international norms and investigatory regimes. Under EPCA, the CRTC, the Competition Bureau and the Office of the Privacy Commissioner will share information to coordinate investigations among themselves and their international counterparts. With an expanded Canadian link under ECPA, any spam coming to, routed through, or sent from Canada will fall under ECPA. If the violators are overseas, we can share evidence with corresponding agencies abroad to help them to prosecute. Similarly, we can receive information from our partners so that we can pursue Canadian-based spammers who target only overseas markets.
As part of the EPCA regime, Industry Canada will host a national coordinating body that will organize and formulate policy related to spam and international threats to the electronic marketplace.
[Translation]
The national coordinating agency will analyze statistics, patterns and evolution of spam and related threats on the Internet in Canada and it will be responsible for the supervision of policies. In order to inform the public and raise their awareness, the agency will also coordinate information programs. It will support the agencies responsible for the implementation of this legislation.
[English]
The national coordinating body under the proposed EPCA will ensure that a vigorous public education campaign is undertaken. The Australians have found this activity to be critical to the effective implementation of their law. Through the London Action Plan, the Organisation for Economic Co-operation and Development and the Messaging Anti-Abuse Working Group, which are international fora dedicated to the fight against spam, the national coordinating body will promote international spam policy cooperation and enforcement partnerships, and will address new and evolving threats to electronic commerce.
As well, the ECPA regime would allow for the establishment of a spam reporting centre, where Canadian businesses, ISPs and consumers can report incidents of spam and network threats. The centre will scan proactively the Internet to compile and gather intelligence on other threats to online commerce as a support to enforcement. This activity will allow for quick identification of fraudulent emails, such as phishing and scam emails sent to Canadian users, to be analyzed and referred to the relevant authorities. The centre can identify compromised computers affected with a virus and being used remotely by spammers without the computer owner's knowledge or consent. The government will ensure that the intelligence gathered under the spam reporting centre can be used by all law enforcement and network protection agencies, including Public Safety Canada.
As the committee can see from the comparison table in the next few slides, Bill S-220 and ECPA are similar in many ways. However, there are marked differences between the two legislative proposals.
[Translation]
The consent principles in the Electronic Commerce Protection Act will allow legitimate companies to send emails for valid reasons with implied consent.
[English]
Like Bill S-220, consumers can opt out or unsubscribe from email from pre-existing business relationships. Bill S- 220 uses both indictable offences and fines whereas ECPA uses only monetary penalties. Both bills suggest a follow- the-money scheme for enforcement to avoid holding liable innocent people who have been infected with malicious code. Bill S-220 has no clear enforcement structure, whereas Bill C-27 provides for clear enforcement responsibilities.
If spam were criminalized under Bill S-220, the enforcement likely will be the responsibility of federal, provincial and municipal law enforcement communities in Canada. Prosecution will be the responsibility of the respective federal and provincial attorneys general.
[Translation]
The Royal Canadian Mounted Police thinks the implementation of Bill S-220 will exceed by far the structural capacity of any police organization in Canada, and will thus involve new financing requirements for the federal government.
[English]
EPCA will provide a comprehensive legislative response to spam and related threats. It will establish a clear, regulatory enforcement regime consistent with international best practices; as well as a multi-faceted approach to enforcement that will protect consumers and empower the private sector to take action against spammers. By using this regulatory approach, ECPA will allow for swift imposition of penalties against violators. It will provide for aggressive international cooperation in the pursuit of spammers beyond Canadian borders. Rather than reprimand with jail time, EPCA will allow stiff monetary penalties for egregious violators while encouraging compliance by allowing legitimate businesses who mistakenly violate the provisions of EPCA to enter into compliance agreements.
The government is prepared to support Bill C-27 via the national coordinating body and spam-reporting centre. If passed, ECPA will be the most comprehensive legislation of its kind globally. Senator Goldstein and Senator Oliver should be commended for their efforts to address the spam problem.
The Chair: Thank you, Ms. McDonald. You discussed the differences between Bill S-220 and Bill C-27. What are the main disparities?
Ms. McDonald: One difference is the detail provided around enforcement because Bill C-27 takes an administrative approach. As well, since the spam task force in 2005, there has been renewed thinking on an enhanced reach to capture some of the new threats, such as botnets whereby computers are turned into slaves of an all-controlling computer and used to send spam. Bill C-27 has a somewhat broader scope and includes a detailed enforcement regime that we believe will be effective.
The Chair: Bill S-220 deals with the content of email. Should the responsibility belong to industry or the government, through Canada advertising standards, for example, to develop guidelines or regulations as to the inclusions for commercial email?
Ms. McDonald: We try to suggest a bit of both by allowing for a private right of action. Bill C-27 is consistent with what the Canadian Marketing Association promotes as its code of best practice, which is an opt-in approach. We are consistent with that approach in encouraging businesses to establish a relationship with a customer by not sending out spam or unsolicited email because there are other ways of establishing this relationship.
The Chair: With Bill S-220, Internet service providers are responsible for disconnecting users. Are you comfortable with such a measure?
Ms. McDonald: Yes; since the task force, there have been many changes in how ISPs set up contracts with subscribers, and they will have the ability to disconnect users. They need to be able to protect their networks and, therefore, build it into the contract. We will continue to promote that approach.
The Chair: You do not want a government agency to have the power to disconnect people.
Ms. McDonald: No; we do not believe that a waiver is necessary for the ISPs to take that kind of action. Cease-and- desist orders are built into ECPA that will allow the CRTC to make such an order.
Senator Johnson: It is excellent that this bill has been brought forward. You said that the proposed legislation will be the best in the world.
Ms. McDonald: Yes; we have had the benefit of looking at how well it has worked in other countries, through discussions with colleagues there.
Senator Johnson: The bill will be most similar to legislation in which countries? Are most countries adopting similar legislation?
Richard Simpson, Director General, Electronic Commerce Branch, Spectrum, Information Technologies and Telecommunications, Industry Canada: The legislation is similar to the Australian regime, which has been in place for three or four years. Australia undertook an extensive audit of their legislation and found it to be effective. By and large, it resembles our approach in Bill C-27.
Many other countries have anti-spam laws that vary in effectiveness. The United States law is another approach. It has some merit in instituting a private right of action, which has been the most effective part of that law, so we have borrowed the private right of action from the U.S. law.
Senator Johnson: Private right of action; I see.
Mr. Simpson: The Australian law has the general regulatory framework that is similar to ours, so we have borrowed the best from several jurisdictions.
Senator Johnson: Do you see a universal approach happening in this area of communications or with spam? It is such an insidious problem, or it has been. Do you think we will be successful with this approach?
Mr. Simpson: Do you mean something like an international approach?
Senator Johnson: Yes.
Mr. Simpson: Yes; in fact, a lot of work has been going on internationally, led by the Organisation for Economic Co-operation and Development, which borrowed a lot of the work of the Canadian Task Force on Spam to put together recommendations for member countries to work on domestic laws and also international arrangements that will help in addressing the problem across jurisdictions.
Spam is a global problem. Most spam coming to Canadians comes from outside Canada, simply because of the nature of the Internet and the borderless character of the messaging on the Internet. International arrangements have been put in place such as the London Action Plan, which is a group of about 27 countries, including Canada, that have agreed to work together on responses to the spam problem. Various private sector organizations, such as the Messaging Anti-Abuse Working Group, are set up to allow ISPs, network operators and software suppliers to work on solutions to the spam problem in cooperation with government.
It is a global problem that has generated an international response, and Bill C-27 will allow us to work effectively with other jurisdictions.
Senator Johnson: One last thing: You say enforcement is one of the critical differences between Bill C-27 and Bill S- 220. Is that difference because it would be less costly, as Senator Goldstein has argued, and more efficient?
Ms. McDonald: We are using an administrative law rather than criminal, and we believe this approach will provide a rapidity of action that might not be possible under a criminal pursuit. Also, as Mr. Simpson said, dealing internationally, most other countries have set up administrative law regimes and, therefore, who will the Canadian police deal with? How will they set up those arrangements? It is easier for a Competition Bureau to set up an arrangement with its complementary agency in another country, so we think that approach will also be more effective.
The Chair: If members do not want to ask questions, I will give the floor to Senator Goldstein. The floor is yours Senator Goldstein.
Senator Goldstein: I will ask only a couple of questions. I do not think it is appropriate to have a debate about the relative merits of the bills.
Thank you very much for coming and for an excellent presentation. It is obviously helpful to everyone.
You made a statement and I am not sure I understood it correctly. You indicated the private right of action needs to be tied to an administrative regime. I cannot understand why that is the case.
Ms. McDonald: I am not a lawyer, but my understanding is, if we have declared something to be a crime, then we do not often couple that declaration with a private right of action. We are trying to couple the actions by the regulatory agencies with a private right of action to allow, as the U.S. has found, both of these approaches to take place.
Senator Goldstein: I do not want to be technical — this is not the appropriate place — but private right of action is a civil right of action; it is meant to compensate someone who has suffered damages as a result of a breach of the law. Administrative action is an enforcement action. It is something quite different, and there are private rights of action that exist throughout Canadian and provincial legislation that are not tied to administrative regimes. I was wondering if there was something special in your thinking that required you to say that but apparently not.
My second question deals with the fact that more than 95 per cent of spam comes from abroad. Bill S-220 deals with that situation in a number of ways, including making the commercial beneficiary of the spam jointly and severally liable with the sender of the spam for the penalties that are envisaged in the act. It also creates a presumption that if a piece of spam is received in Canada, it is deemed to have been sent in Canada, as a result of which the sender becomes liable to the jurisdiction of our courts. Your bill does not do that. Can you help me understand how your bill will deal with foreign senders of spam, aside from international cooperation?
Ms. McDonald: Thank you, sir. The beneficiary will also be liable under Bill C-27. It is not only the sender of; it is the person or organization benefitting from the email having been sent.
Senator Goldstein: ``Authorized'' is what you said, I think.
Ms. McDonald: Yes.
Senator Goldstein: It is different from ``benefit.''
Ms. McDonald: Help me if I am being too narrow in my words here.
André Leduc, Senior Security Policy Analyst, Electronic Commerce Branch, Spectrum, Information Technologies and Telecommunications Sector, Industry Canada: We have a similar extended liability clause under Bill C-27. It is a similar follow-the-money scheme to Bill S-220. It allows this administrative regime to address spam that is sent to Canada, routed through Canada or sent from Canada to fall under the application of the act. If spammers send spam from other nations into Canada, the act then picks it up.
Senator Goldstein: I guess my question was not clear. The concern Canadians need to address is how one stops spam from coming in the first place. People sending spam are, generally speaking, all over the globe and not reachable from a practical perspective. The people who are reachable from a practical perspective are the people who are benefiting from the spam. The fellow who wants to sell me Viagra will not become too rich on that scheme because I do not need it, fortunately, but these people, the beneficiaries, are the ones we need to stop. How does your bill do that?
Mr. Leduc: It does it in two ways: in terms of how the email is sent, but the follow-the-money scheme also notes any person who permits, authorizes or causes those messages to be sent will fall under the application of the act. That provision is our section 9. It is based on a follow-the-money principle, and that principle is so innocent people who had their computers compromised by what is called a botnet, and their computers are controlled by someone else are not liable for the email. However, and this provision is based again on international best practices — the follow-the-money regime says anyone benefiting financially from the sending of this email is addressed under our bill.
Senator Goldstein: I am not sure the bill says that but we will look closely.
My third question deals with enforcement. One of your last assertions, Ms. McDonald, was that the RCMP said apparently that it does not have the wherewithal or the current resources for enforcement. My communications with the Royal Canadian Mounted Police indicated that they do have that availability. Have you spoken to someone there?
Ms. McDonald: Yes.
Senator Goldstein: And they have told you they cannot do it?
Ms. McDonald: Yes.
Senator Goldstein: Can you tell me the name of the person? You do not have to do it now. You can drop me a note.
Finally, how will you deal with your implied consent as opposed to overt consent? What does implied or tacit consent mean from your perspective?
Ms. McDonald: We are trying to be consistent with the Privacy Act, the PIPEDA legislation, which talks about implied consent.
If I have been to a local craft fair, I have seen a product I like, picked up a card and maybe started a relationship, or if I have used someone in the past to do some work for me, they can send me email, and that would be an implied consent because I have had a business relationship with them. They do not have to ask again whether they can send me email if we have just had a business relationship.
Senator Goldstein: Business relationship is covered, both in your version and in Bill S-220, so going to a craft fair and taking a card or giving a card is not implied consent; it is expressed consent.
I am concerned about the use of the word ``implied'' or ``tacit,'' which is the term you used. I am concerned about where the line is drawn. I used to practice law in another life, and I am about to go back to the practice of law in another life. Every time a case has involved implied consent or tacit consent, it has been a disaster. The law has been unable to define ``tacit consent,'' which is the term you used, or ``implied consent,'' which is the term you used orally.
Are there any criteria that you have in mind or are there any regulations you might consider putting into place to make ``implied consent'' clear, rather than making it a source of ongoing litigation?
Ms. McDonald: Perhaps my example was not good. At the craft fair, if I had picked up a card or left my name, it is not necessarily a business relationship at that point. I may not have purchased any products or services. We are trying to allow some kind of space, and I think ``implicit consent'' would be the term used, rather than ``tacit,'' which I believe was the translation.
Mr. Simpson: To pick up the point that the senator raised about the need to be specific about ``implied'' consent, which I think is the term used in Bill C-27, this principle is often used in privacy protection and it has a long history of interpretation by the courts, as well as by privacy commissioners at various levels.
To pick up your point about whether there is a plan to be more specific about what we mean, in clause 63(1)(d) of Bill C-27, there is a provision for the Governor-in-Council to make regulations ``specifying the circumstances . . . in which consent may be implied.''
Certain elements are definitely in that category, which is the existing business relationship, but we realize that there may be a need to be more specific about where some of those circumstances are valid. Also, as Helen McDonald mentioned, there is the reference back to the Personal Information Protection and Electronic Documents Act and schedule 1 of that act, which has a fairly lengthy reference as to how consent is used in the area of personal information. That reference is drawn from the Canadian Standards Association model code that was developed by industry and privacy advocates over a long period of time and invested in the legislation.
We have some basis on which to be more specific about implied consent, and we will build from there.
Senator Goldstein: How long do you think it will take you to draft the regulations for the purposes of putting the bill into force? I ask the question because we passed a bill in the Senate on bankruptcy two and a half years ago and we still do not have the regulations in force, and that is industry as well. I am wondering how long it will take.
Mr. Simpson: The process will take some time, because we want to work with the Office of the Privacy Commissioner to ensure that whatever we try to capture in proposed regulations is consistent with long-standing practice that the Privacy Commissioner and her predecessors have applied, as well as provincial privacy commissioners, for that matter. I cannot state a date, but it will take some time.
Senator Goldstein: Thank you very much.
Chair, for clarity purposes, I will prepare and submit a comparative table so that the committee can have the advantage of looking at comparisons made both by industry and by the sponsor of the bill.
Senator Mercer: Thank you for coming here. We appreciate your time. I have two quick questions. My colleagues will be disappointed if I do not ask a CRTC question.
I am concerned that we continue to make concessions to the CRTC, and the CRTC continues to expand its mandate beyond what Parliament might have meant or what a department might have meant in drafting the bill.
Will Industry Canada monitor the actions of the CRTC, if this bill were to pass, to ensure the mandate is not exceeded? A favourite action of the CRTC is to get their toe in the door and then drive themselves right through the door a number of years later.
Ms. McDonald: Part of what we proposed with the monitoring centre is to ensure that the various agencies working together deliver effectively and efficiently on the bill, so we will look at their use of the powers and how effective and efficient they have been.
Senator Mercer: Will the centre ensure that they do not exceed what Parliament designed, or what was intended by the minister?
Ms. McDonald: Yes.
Mr. Leduc: This act provides the CRTC with new powers, but they are limited to the application of the law; whereas with the Broadcasting Act and the Telecommunications Act, the commission interprets the law and develops new rulings and policy. In this area, they will not develop policy. That role will continue to be the responsibility of Industry Canada and the government.
Senator Mercer: I want to send the CRTC a copy of that statement so they understand that they are not policy- makers.
You have mentioned that the CRTC will use administrative monetary penalties to ensure compliance with the bill. Who will define those monetary penalties? What are the limits? Are those penalties defined in the bill?
Ms. McDonald: Yes; the upper end is bound in the law, up to $1 million for an individual and up to $10 million for an organization.
Senator Mercer: That provision is great.
My last question is about exemptions from the act. I will not bore you with my story that I told at the last meeting about President Obama's campaign, but political parties act in certain ways and charities interact with Canadians. Will political parties and charities be exempt from the bill, and will that be explicit so that the charities and political parties know what the rules are?
Ms. McDonald: Yes; political parties, candidates for election and registered charities are exempt in the law.
Senator Dawson: There seems to be a certain misunderstanding between the sponsor of the bill and Mr. Leduc concerning the RCMP and its opinion of what can or cannot be done. We need that information either in writing or by having someone come here and testify about applying the senator's bill versus the government's bill.
The reason we have a bill is because there was pressure from this sponsor and from a previous sponsor of this bill. We hope that as a committee we will maintain this pressure, because the regulations will take some time. I was on the committee many years ago when we passed the bankruptcy bill. When the pressure is relieved, the regulations do not seem to come out of the system. It is more a comment than a question. However, I want someone to address the issue of the RCMP's application of both laws.
Senator Goldstein: I am not pleading for one bill or the other. I think this committee is well able to choose what is best for Canadians and the committee will make that choice. You want that and I want that. We are on exactly the same wavelength.
Do you have any concerns about the fact that this bill either establishes or adds jurisdiction to four different sets of civil servants? These sets include a brand new commission; the CRTC, in whose mandate some of us have difficulties already; the Competition Bureau, which I understand to be swamped, especially with the new changes in Bill C-10; and the Privacy Commissioner, who testified a year and a half ago when we dealt with money-laundering amendments — Senator Dawson was there — that she had absolutely no facilities to deal with any additional burden Parliament would place on her. Now you tell us that the RCMP cannot do it either.
In the face of that problem, it seems that no one, for the moment, may have the ability or the personnel to deal with this fundamental issue for Canadians. Can we have your comments on that point?
Ms. McDonald: I presume that when the agencies were spoken to they would have talked about existing resources and whether they felt challenged in adding something new to their work. We believe, and the Spam Task Force also said, that we should build on the existing expertise of organizations. Therefore, we have those three organizations for enforcement plus Industry Canada. The purpose of the monitoring centre is to ensure that all three parts hang together well. We believe the competencies are there, but it is a question of appropriate resources to ensure the organizations have the ability to exercise these new responsibilities.
Senator Goldstein: Will that take more money?
Ms. McDonald: Yes.
Senator Goldstein: The RCMP will be in the same position. If they do not have the resources now, one will give them more money to provide enforcement in the current environment. Regardless of who provides the enforcement, more money is needed. Is that what you are telling us?
Ms. McDonald: Yes.
The Chair: Thank you for your presence here this morning and the documents you have given us. They will help us to define some of the possibilities that we have before us.
Ms. McDonald: Thank you for the opportunity and to Senator Goldstein.
The Chair: We will go to item 2 on the agenda, in-camera consideration of a draft agenda for future business.
(The committee continued in camera.)