Canada: Doing Business In Canada 2019 - Information And Communications Technology

Last Updated: July 8 2019
Article by Fasken Martineau

Companies wishing to conduct business in the Canadian information and communications technology sector will face a myriad of considerations. Although these are similar to those found in the United States, there are certain key distinctions north of the border that parties should be aware of.

Internet and E-commerce

In order to manage the dynamic commercial nature of the Internet, federal and provincial governments have responded by:

  • Implementing e-commerce legislation to facilitate the flow of online transactions and ensure that adequate safeguards are in place to protect parties from fraudulent activity
  • Introducing legislation regulating the sending of emails, text messages, and other forms of electronic messaging and the use of certain applications for marketing purposes
  • Introducing legislation regulating the installation of computer programs and the "pushing" of software updates on a person's computer
  • Enacting electronic evidence legislation to ensure that electronic records can be tendered as evidence in legal proceedings
  • Updating consumer protection legislation in order to reflect the new realities of e-commerce
  • Regulating the use of web addresses ending in ".ca" (Canada's top-level domain name)

E-commerce Legislation

The central component of e-commerce legislation across Canada is the issue of functional equivalency. Essentially, this means that e-commerce legislation is intended to achieve two objectives: first, to ensure that contracts formed online should be treated in largely the same manner as contracts formed in the traditional tangible format, provided certain criteria are met (some contracts, such as wills or contracts involving the sale of real estate, cannot be formed online); and second, to ensure that electronic documents will meet any statutory requirements for a document to be provided in writing.

Anti-Spam Legislation

On July 1, 2014, key portions of Canada's anti-spam law (its formal title is "An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act," but it is informally and better known as CASL) came into force.

CASL addresses the problem of unsolicited electronic communications (i.e., spam) by focusing on commercial electronic messages (CEMs). Additionally (and far less often discussed than the law's anti-spam rules), CASL introduces rules to address the problem of unsolicited installed software programs (UIPs) such as cookies, etc. CASL creates a set of rules to follow to obtain appropriate consent to send out CEMs and install software programs. It also sets out specific procedural and content requirements for consent as well as provisions and exceptions to certain requirements. CASL does not distinguish between messages sent for legitimate versus malicious purposes, nor between messages sent to an individual and those sent in bulk. All CEMs require the appropriate consent of the recipient. Moreover, CASL sets out a framework that is significantly broader in coverage than its US or European counterparts.

CASL came into force over a period of three years, with an intended staged rollout as follows: (a) the anti-spam provisions came into force on July 1, 2014, and (b) the provisions regarding UIPs came into force on January 15, 2015. However, the provisions providing for a private right of action that were to come into force on July 1, 2017, have been suspended indefinitely (but are still under consideration by the Canadian government).

The CASL legislation has a significant impact on the business of all individuals using electronic messages to promote their activities or enter into contact with past or prospective clients.

The following are examples of some of the complexities that businesses need to address in seeking to comply with CASL:

  • Application outside of Canada: In order for the CASL anti-spam requirements to apply, a computer system located in Canada needs to have been used to send or access the electronic message – thus, foreign senders of CEMs are caught by this legislation; and for the UIP provisions to apply, either the computer system or the person (or person directing a person) must have been in Canada at the relevant time.
  • Low threshold for application: A CEM that is subject to the CASL anti-spam rules is defined as any electronic message that "it would be reasonable to conclude has as its purpose, or one of its purposes, to encourage participation in a commercial activity" – a broad definition that includes more than what would be traditionally defined as electronic spam. Accordingly, to the extent that a CEM has the encouragement of participation in a "commercial activity" as at least one of its purposes – even if not as its sole purpose – the CASL anti-spam rules will apply.
  • More than just e-mail: While CASL is colloquially referred to as an "anti-spam law," it applies to any transmission of an electronic message (including text, sound, voice, or image messages) to (a) an e-mail address, (b) an instant messaging account, (c) a telephone account, or (d), somewhat ambiguously, "any similar account".
  • Importance of relationship with recipient: Depending upon the sender's relationship with the recipient, the CEM may be (a) exempt from both the consent and message content requirements, (b) exempt from the consent requirements, or (c) subject to deemed, rather than express, consent. For example, there are exceptions for prescribed pre-existing business and pre-existing non-business relationships as well as for employees of an organization sending CEMs to one another internally and to employees of other organizations if they have a relationship and the message concerns the activities of the recipient organization. Understanding when such exceptions might apply, however, is challenging.
  • Deemed express consent for certain UIPs: In addition to anti-spam rules, CASL sets out rules concerning the express consent that must be obtained when software is installed on a person's computer system. This requires that certain disclosures be made to the recipient and that an appropriate acceptance mechanism be put in place. However, deemed consent is said to have occurred in the installation of certain prescribed UIPs – such as where the program is a cookie, an operating system, or a network update or upgrade – where the person's conduct is such that it is reasonable to believe that they consent to the program's installation. Unfortunately, it is not clear what "conduct" will be sufficient to meet the threshold of evidencing a "reasonable belief" that the person consents to the installation of such a program.
  • Express consent must be opt-in and unbundled: The base consent principle of CASL is that express consent is required from a recipient in order to send CEMs and install UIPs. For example, CASL requires that express consent must be opt-in (i.e., the recipient must give an explicit indication of consent) and that each request for consent must be separate and cannot be bundled together with other requests for consent for different purposes, such as consent requests for general terms and conditions. Businesses need to ensure that their requests for consent are designed in such a way that they comply with CASL.

The consequences of violating CASL rules are significant. There are various provisions that set out the enforcement framework for CASL. They include (a) the application of an administrative monetary penalty, where the maximum penalty is $1,000,000 in the case of an individual and $10,000,000 in the case of any other person, (b) the entry into an undertaking by the offending party, (c) the issuance of a notice of violation against the offending party, (d) injunctive relief, and (e) a private right of action (currently not yet in force) that, if successful, could result in a court order requiring the offending person(s) to pay the applicant (i) compensation in an amount equal to the actual loss or damage suffered or expenses incurred and (ii) in the case of a breach of (A) the anti-spam provisions a maximum of $200 for each breach, not to exceed $1,000,000 for each day on which a breach occurred, and of (B) the UIP provisions $1,000,000 for each day on which a breach occurred.

In addition, any officer, director, or agent of a corporation that commits a violation can be liable for the violation if they directed, authorized, assented to, acquiesced in, or participated in the commission of the violation, whether or not the corporation is proceeded against.

In the four years since CASL came into effect, there have been seven undertakings entered into by businesses for non-compliance, with monetary payments as part of such undertakings ranging from $10,000 to $200,000; one notice of violation with an accompanying administrative monetary penalty of $1,100,000; and three compliance and enforcement decisions imposing administrative monetary penalties ranging from $15,000 to $200,000.

Given the potential for personal liability for CASL breaches, it is important that businesses ensure that they develop and implement CASL compliance programs – including the development of anti-spam and UIP policies and any necessary amendments to their existing privacy policies.

A Canadian Radio-television and Telecommunications Commission bulletin on November 5, 2018 (CRTC 2018-415), provided general compliance guidelines and best practices for stakeholders with respect to the prohibition, under Section 9, to aid, induce, procure, or cause to be procured the doing of any act contrary to any part of sections 6 to 8. While untested, it appears that Section 9 may apply to individuals and organizations who are (a) intermediaries that provide enabling services that allow someone else to violate sections 6 to 8 or (b) receiving a direct or indirect financial benefit from such violations. Advertising brokers, electronic marketers, software and application developers, software and application distributors, telecommunications and Internet service providers, and payment processing system operators may be at risk, depending on certain factors, which include the following:

  • The level of control over the activity that violates sections 6 to 8 of CASL and the ability to prevent or stop that activity
  • The degree of connection between the actions that violate Section 9 and those that contravene sections 6 to 8 of CASL
  • Evidence of reasonable steps taken to prevent or stop violations from occurring

E-evidence Legislation

Canadian electronic evidence legislation aims to set out the conditions under which electronic evidence will be accepted as the "best evidence" available in a legal proceeding. The federal law and most of the provincial evidence laws have now been amended to address this issue.

To summarize, an organization wanting to ensure that its electronic records will be accepted in court must ensure that there is reliable assurance as to the integrity of the information contained in an e-document since the time the document was first created in its final form (that the information has remained complete and not been altered) and must establish the integrity of the system used to produce the e-document, specifically when the e-document was initially recorded.

Such an organization must also establish that the system was operating properly at all material times or that if it was not operating properly, the failure did not affect the integrity of the e-document and there are no other reasonable grounds to doubt the integrity of the system or the e-document (R v Hirsch, 2017 SKCA 14). The way in which the electronic record has been stored and the manner in which it is copied, transmitted, or reproduced may also affect the admissibility of the electronic record.

The Québec legislative initiative in this area is the Act to Establish a Legal Framework for Information Technology, which came into force on November 1, 2001. Until recently, it has received little attention from courts and legal practitioners due to its complexity.

Consumer Protection Legislation

Unlike the US system of federal consumer protection, the Canadian consumer protection regime varies in each province and territory, with different rules and regulations to consider for each of these jurisdictions. For that reason, where an electronic contract is intended to be executed by a "consumer" (as defined in each jurisdiction's regulations), the contract must meet both general consumer protection requirements (e.g., prohibiting unfair practices) and e-commerce-specific formality requirements (e.g., that certain disclosures be made at certain times during the electronic contracting process). Both sets of requirements can differ significantly among the provinces and territories.

The consumer protection regime in Canada can be complex for other reasons as well. Online contracts often fall into multiple categories of regulations with overlapping requirements. For example, in Ontario, an online contract could constitute an "Internet agreement," a "future performance agreement," and/or a "remote agreement." In British Columbia, an online contract could be a "distance sales contract" and/or a "future performance contract." In Québec, following the amendments made to the Consumer Protection Act in 2006 (sections 54.1 to 54.16), an online contract can be qualified as a "distance contract" and must also fulfill the requirements of the civil code of Québec. Further provisions in some provinces and territories aim to reconcile the different requirements.

Also, some of these requirements are not necessarily intuitive. They include requirements that
(a) certain disclosures be made to, and also included in, an online contract with the consumer,
(b) the contract be in writing, and, particularly odd in the context of an online contract,
(c) a copy of the contract be provided to the consumer. The Ontario Consumer Protection Act, for example, requires each supplier to deliver a copy of the Internet agreement in writing to the consumer within 15 days after the consumer enters into the agreement.

Failure to properly follow these requirements can be costly, forcing a merchant to accept returned goods, provide refunds, or pay fines for a violation. For example, Saskatchewan's Consumer Protection and Business Practices Act imposes a $100,000 fine for contravening any of its Internet sales contract provisions; this is followed by up to $500,000 in fines for subsequent violations. Directors of corporations found to have violated Saskatchewan's rules can also be held liable, whether or not the corporation has been prosecuted or convicted.

In addition, a company may find itself "named and shamed" by the applicable regulatory authority. For example, Ontario's Ministry of Government and Consumer Services maintains a searchable "Consumer Beware List" that lists the company and the nature of the offence and can be readily accessed and consulted by consumers to determine the nature of the complaint.

Domain Names

Parties wishing to obtain a ".ca" domain name will need to satisfy the Canadian Internet Registration Authority's Canadian Presence Requirements. Canada's top-level domain name is generally available to citizens, permanent residents, companies incorporated in a Canadian jurisdiction, and partnerships registered in Canada, among others. In addition, the owner of a trademark registered in Canada has the right to a ".ca" domain name that includes the trademark.

Software Licensing and Commercialization

Companies seeking to license and commercialize information technologies in Canada should familiarize themselves with the Canadian intellectual property regime ( see Chapter 13). Changes to both the Copyright Act and the Trademark Act are expected to come into force due to the United States–Mexico–Canada Agreement (replacing the current North American Free Trade Agreement).

Regarding shrink-wrap licences, purchasers need to be aware of the terms at the time of sale in order for such licences to be enforceable in Canadian courts. In addition, sale-of-goods legislation is generally inapplicable to prepackaged software sold to a customer under a licence as there is no transfer of property.

ISPs and Telecommunications

Foreign ownership restrictions (described in Chapter 3) only apply to telecommunications common carriers who are owners of telecommunications transmission facilities. Parties seeking an alternative may wish to consider becoming simple telecommunications service providers by leasing their facilities and equipment from an authorized common carrier.

With this in mind, a company could become an Internet service provider (ISP) in Canada without being subject to the foreign ownership restrictions. ISPs will not be held liable for copyright infringement perpetrated by their subscribers, provided the ISPs are acting in a passive manner as a conduit for the exchange of information. Furthermore, ISPs will not incur liability for caching (the act of temporarily storing a copy of a website or content) as this is a protected process under the Copyright Act.

Research and Development

Canada encourages research and development (R&D) activity through the Scientific Research and Experimental Development (SR&ED) program – an initiative of the federal tax authorities. It is the largest source of R&D support for taxpayers provided by the federal government. Under the SR&ED program, claimants can apply for investment tax credits for items like wages, materials, machinery, equipment, and contracts and even for a portion of company overhead.

To be eligible, a corporate claimant must be a Canadian-controlled private corporation (CCPC). A CCPC is a private corporation in which at least 50% of the registered shareholders with voting rights are held by Canadian residents. To put it another way, 50% of the corporation's shareholders can be non-residents, and there is no citizenship requirement.

CCPCs can earn a refundable investment tax credit of 35% on the first $3 million of qualified expenditures. To qualify under the program, these expenditures have to have been made for SR&ED carried out in Canada. Beyond the initial amount, CCPCs can earn a non-refundable investment tax credit of 15%.

Other Canadian corporations that do not qualify as CCPCs are eligible for a 15% tax credit on all of the qualified expenditures. These credits are non-refundable but can be used to reduce the tax burden payable to the tax authorities.

For more details on CCPCs, see Chapter 7.

>>Download this chapter 

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
 
In association with
Related Topics
 
Related Articles
 
Related Video
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.

Disclaimer

The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.

General

Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions