Canada and the European Union have both passed laws that are being implemented and impact technology. Three laws in particular have caused some technology companies to change how they are doing things.
Canada’s Anti-Spam Legislation
If Canadian bacon is really just ham, what is Canadian spam? Non-existent, at least after this new law.
New legislation comes into force today that makes spam an opt-in choice. It also has to be express consent, so no pre-checked boxes on forms can lure people onto mailing lists by default. Companies also have to identify themselves in mailings and provide a reliable means to unsubscribe. For better or worse, the legislation has a three year transition period to allow companies to change their practices. On July 1st, 2017 the legislation will gain some teeth to allow them to enforce the rules including significant fines for the individual, executives, and organization. For more information, check out the CASL FAQs.
As a result of this law, you may have been getting emails from companies that you do business with looking for you to opt-in as they rebuild their subscriber lists. Microsoft even sent out an email saying that they are discontinuing certain security notifications “due to changing governmental policies”. To continue to receive that information, you can routinely visit Microsoft’s Security TechCenter or subscribe to an RSS feed. Apparently Microsoft has changed their stance and will be restarting their security notifications on July 3rd.
EU’s Right to be Forgotten
The EU seems to usually be on the forefront when it comes to legislation and technology, particularly environment impacts and privacy. A court ruling (fact sheet, PDF) in May allowed a 2012 data protection reform legislation to be enforced. It states everyone has the right to the protection of personal data. Personal data can only be gathered under strict conditions and for legitimate purposes. Those individuals and organizations also have a right to manage that personal information.
One of the most discussed parts of the legislation has been the Right to be forgotten. As a result, search engines like Google have to allow individuals to remove entries from search results that they do not wish to be indexed for the privacy of their personal information. Google has implemented this through a webform which receives manual review but is being acted upon. Various news sources say that Google received 12,000 requests to be forgotten on the first day.
A recent ruling by the Court of Justice of the European Union found that certain users can ask search engines to remove results for queries that include their name where those results are inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.
EU’s Know Your Customers
The ‘Know Your Customers’ directives seem to come under EU Anti-Money Laundering legislation regarding financial crime and impacts money-handling services. It is intended to deter using various services for money laundering, funding terrorism, or other foul play. A bank would be able to analyze a transaction and say it is inconsistent with what they know about a customer and limit the transaction. Sites like Flattr are asking customers to update their accounts before July 15th or else their accounts will be deactivated permanently at some point down the road.