The second phase of the CASL regime is almost upon us. On January 1, 2015, certain rules regarding the installation of computer programs and the associated consent required by CASL come into effect.
In anticipation of the dawning of these new requirements, the CRTC has released some guidance on when and how organizations must obtain consent for the installation of computer programs.
There are a few valuable tips in the guidance, including the clarification of what the CRTC views as qualifying as installation of a computer program. The CRTC has said CASL does not apply to owners or authorized users installing software on their own computer systems (e.g., personal devices such as computers, mobile devices or tablets). They give two examples: downloading an app (when you know what the app does), or copying songs from a CD. CRTC clearly says: self installed software is not covered under CASL.
What CRTC says does qualify as installation of a computer program under CASL is the malware installed with other software.
In addition to personal installation on one's own device, the CRTC says CASL does not apply to a business' installation of software on business devices used by its employees.
These clarifications will be welcome to many businesses as they recognize the operational realities in computer use and installation of today.
The guidance also clarifies circumstances where an organization can rely on existing consent and how to obtain new consent.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
