back to article Go Canada: Now ILLEGAL to auto-update software without 'consent'

Installing computer programs without consent became a civil offence punishable by fines in Canada this week. Under the new regulations that form part of Canada's anti-spam legislation, it is now illegal for a website to automatically install software on a visitor's computer or for an app on your phone to be updated without …

  1. Yet Another Anonymous coward Silver badge

    Excellent news

    Why the only thing that could spoil this would be if websites or software were ever produced and controlled by people outside of the country.

    But I'm sure the government is working on ways to prevent that

    1. Anonymous Coward
      Anonymous Coward

      Re: Excellent news

      Need some downvotes on a Friday:

      Canada: America's hat or Canada: they started a country and nobody came.

      1. Trevor_Pott Gold badge

        Re: Excellent news

        We're bigger and we're on top. Were this prison, you'd be our bitch.

        1. Destroy All Monsters Silver badge
          Devil

          Re: Excellent news

          > Were this prison, you'd be our bitch.

          Riiiiight.

          Meanwhile, with Harper in charge, you know EXACTLY who is the one biting cushions.

          1. larokus

            Re: Excellent news

            @ DAM

            I'm not sure I agree with that 100% considering he's about the "firmest" Prime Minister we in Canada have had in the last few decades. Has the gall to stand up what he believes is right, and hasn't wrapped up the billions of dollars in taxpayers money in scandal after scandal in the way the Canadian Liberals have. If you want to discuss proxy states and NA alliances we can save it for another forum.

            1. Shaun Hunter

              Re: Excellent news

              @larokus "hasn't wrapped up the billions of dollars in taxpayers money in scandal after scandal in the way the Canadian Liberals have. "

              You either don't live here or don't watch the news or work for the CPC. The Harper's whole reign has been scandal after scandal with 10s of billions of dollars missing.

        2. Fungus Bob

          Re: We're bigger

          Population of Canada -- 35 million

          Population of USA -- 320 million

          1. asdf

            Re: We're bigger

            I think he was talking about all that tundra they have. Still modern climate change is one the greatest things to happen to Canada. If we hit the most dire of projections up to 1/3 of Canada might actually be inhabitable.

            1. Fungus Bob
              Unhappy

              Re: We're bigger

              "I think he was talking about all that tundra they have."

              We eat all that corn syrup, too. So we _are_ actually bigger.

        3. Anonymous Coward
          Anonymous Coward

          Re: Excellent news

          Wow. I guess if you like that sort of thing.

      2. Stevie

        Re: Excellent news

        Or: Canada. Invaded by the Americans three times and still here, as big as we were.

        1. Trevor_Pott Gold badge

          Re: Excellent news

          "Invaded by the Americans three times and still here"

          Like that's hard to do. The yanks can win a war to save their fucking souls. I mean, hell, that lot can't even club a bunch of poor sand people on the head and steal their oil without getting their asses handed to them.

          Nah, the US is best used as an adjunct to a real nation. They can sit on the sidelines and fire missiles into some dictator's tank collection, or bomb (mostly) industrial facilities while real soldiers do the hard work on the ground of removing the douche canoes from office. However good the USian soldiers are - and US soldiers are damned fine soliders! - their military and political leader are utterly worthless, and it cripples their ability to achieve objectives.

          The best army in the world is worth nothing if you waste them on fool's errand after fool's errand.

          1. Anonymous Coward
            Anonymous Coward

            Re: Excellent news

            Wow a very butt hurt rant finished up brilliantly with the truth. Only US political leadership can finish a war by killing 2.5 million and only losing 60,000 or killing hundreds of thousands and only losing 4000 and still lose (Vietnam and Iraq).

          2. Alan W. Rateliff, II
            Unhappy

            Re: Excellent news

            A Yank might at first take offense to these statements. Sadly, this is exactly to what we have been reduced by our political ruling class, given power by a citizenry which has largely willfully submitted itself to the omnipotence of the legislator, to be ruled by its inferiors.

            We have lost our balls, or rather traded them away for a bunch of warm and fuzzy notions, replacing, as Thomas Sowell said, what worked with what sounded good.

    2. WatAWorld

      Re: Excellent news

      Actually it affects every company with a physical presence in Canada, even if that presence is just a sales office.

  2. chivo243 Silver badge
    Meh

    No, you can't

    Yes, I can. No, you can't! Yes, I can! Since when does a law stop miscreants from abusing technology? Nice law in theory, keep practicing, you'll get it, eh?

    1. Khaptain Silver badge

      Re: No, you can't

      It's not just the miscreants doing this. Have you tried to donwload anything from CNET or some of the other larger providers. It's a visual jungle trying to determine which "Download Now" button to click in order to to get the software that you want instead of some POS software installer/publicity laden/registry fixing nightmare.

      1. Yet Another Anonymous coward Silver badge

        Re: No, you can't

        By clicking the Download now button you consented.

        1. WatAWorld

          a download button is no longer conscent

          http://www.cwilson.com/resource/newsletters/article/1143-preparing-for-canada-s-anti-spam-law-part-two-the-installation-of-computer-programs.html

          "To obtain express consent, certain information must be set out clearly and simply by the person seeking consent and installing the computer program. This information includes the purpose for which the consent is being sought, information identifying the person seeking consent6, their mailing address and either a telephone number, an email address or a webpage7, and a statement that the person whose consent is sought can withdraw their consent8. Although the consent may be given orally or in writing, it must be sought separately for each act described under CASL9 – that is, consent to receive a commercial electronic message is not also consent to the installation of a computer program.

          "However, for the installation of computer programs, there are two additional consent requirements that don't apply to commercial electronic messages. The first of these is that the person seeking consent must also clearly and simply describe, in general terms, the function and purpose of the computer program that is to be installed if the consent is given.10 The second of these relates to specific functions of the computer program, and is discussed below."

          1. This post has been deleted by its author

      2. sushi!!

        Re: No, you can't

        Google just violated this law this morning.

        I maintain multiple GOOG accounts.

        In Chrome the account contains all my ADMIN links to access various sites I build / manage.

        In FF the account is plain vanilla. I can view the site in FF and log in as ordinary user but when I use the credentials on the chrome account I log in as ADMIN.

        This morning TheGOOG downloaded something new to Chrome. Chrome now displays and account name up near the min/max/close buttons. This new button showed an account name. This account name was the account associated with FF.

        I attempted to change Chrome back to the prior defaults. TheGOOG played the GOD card and deleted all of my account history, accumulated links, and all of my various access credentials. I have not yet had the time to go back and assess the damage but the loss represents 5 years of work at a minimum.

        TheGOOG destroyed files on my machine within the precincts of my home with no notice to me. This was due to TheGoog implementing changes that work well for it but for the end user not so much.

        Basis rule of dev is to avoid destructive changes from which there is no possibility of recovery. TheGOOG violated that basic principle. Which is strange as in all other TheGOOG products (such as maps) they roll forward or act to preserve user data. In this case they just blew it all away so they could interlink user accounts meant to be kept separate. The download was not requested or accepted by me. TheGOOG pushed the download to the browser with no explanation of what it was doing, why it was doing it, or the potential impact on the user.

        TheGOOG is more evil than even MSFT was in its heyday.

        1. Tom 13

          Re: Google just violated this law this morning

          Is some irritated because they failed basic user 101?

          Rule number 1: Always have a back-up of your critical data.

          Yeah, I break rule #1 sometimes too. But I don't blame the software vendor when I lose the data. I blame me and take my lumps.

          1. Anonymous Coward
            Anonymous Coward

            Re: Google just violated this law this morning

            I do have a backup. Just spent a few hours picking through the C:\Users\<USER>\AppData\Local\Google\Chrome\User Data\Default files to see what is there.

            I can push a button and replace all of Chrome and wind it back to any date in the last 30 days. Not sure how TheGOOG is going to play on that action as it is not clear what portion of the application is local and what is held in the cloud.

            I fully expect my attempt to reassert control over my hardware and my digital history will place me in conflict with the cloudy objectives of TheGOOG..

            1. Not That Andrew
              FAIL

              Re: Google just violated this law this morning

              >I do have a backup.

              So you lost 30 days of data then, Why didn't you say so instead of making yourself look like a total plank,

            2. Dan 55 Silver badge
              Coffee/keyboard

              Re: Google just violated this law this morning

              So, to resume, access to your work is hanging by a thread in your Chrome browser's sync data which is intended to replicate data across two or more browsers and not intended as a backup?

        2. Destroy All Monsters Silver badge

          Re: No, you can't

          This morning TheGOOG downloaded something new to Chrome

          tl;dr

          Why are you even consorting with Google. Are into succubi or something?

          tired_bugs_bunny.gif

        3. Anonymous Coward
          Anonymous Coward

          Re: the loss represents 5 years of work at a minimum.

          "the loss represents 5 years of work at a minimum."

          It's at times like this that people realise the difference between RAID (two identical copies of the same duff data) and backups (one or more copies of 'known good' data saved on a previous occasion)

      3. Teiwaz

        Re: No, you can't

        Then there's all those fake windows dialogs on many webpages claiming the system detected that there is a virus/registry error and you need to click a button to fix it.

        As a linux user I laugh at such naive attempts, but less knowledgable users are vable to such underhand behaviour.

      4. papa52

        Re: No, you can't

        Yeah, doncha just love trying to figure that out so you don't download the latest version of some obscure trialware? They have a small text link that allows you to download from the Software creator but you really do have to search for it.

    2. WatAWorld

      Re: No, you can't

      We shouldn't have a law because some criminals will break the law anyways?

      By your reasoning murder, rape and child molestation would be legal, because some people commit those acts despite their being laws against them.

      1. Yet Another Anonymous coward Silver badge

        Re: No, you can't

        >By your reasoning murder, rape and child molestation would be legal, because some people commit those acts despite their being laws against them.

        No it's like making a new law specifically banning sending a kidnap ransom demand by email and requiring a box to be ticked on every email stating that this isn't a ransom demand.

  3. James O'Shea

    hmmm...

    OK... now _enforce_ this. Especially enforce it on websites, etc., which are NOT in Canadian jurisdiction, which would be almost all of them.

    The problem with this kind of legislation is that the guys who are using drive-by installs to dump malware on people's machines are _already_ criminals, and simply will not care about adding yet another charge to the sheet, given that they are very unlikely to be caught.

    1. Zippy's Sausage Factory
      Meh

      Re: hmmm...

      Enforcing is one thing, catching is another. This does, however, give them a law to throw at foreign agencies for extradition requests etc.

      And don't the RCMP claim worldwide jurisdiction anyway? Or am I misremembering something I glance-read about six months ago?

    2. nuked

      Re: hmmm...

      I suspect that making it illegal will allow for more persuasive conversations with other software vendors who's legitimate activities have in the past accommodated what-was-until-now a legal practice. Now that it is illegal, I should imagine that this will become increasingly harder to do.

      1. Tom 13

        Re: I should imagine that this will become increasingly harder to do.

        'Imagine' would be exactly the right word as it certainly will not happen anywhere in the real world. Any thinking person would recognize this.

    3. BitDr
      Facepalm

      Re: hmmm...

      Yeah.. everyone EXCEPT the slime-ball criminals is affected by their misguided efforts. The goodie-goodie-nambie-pamby-left-leaning-social-engineering-think-of-the-children idiots don't understand is that criminals by definition do not obey the law. They also have a problem with scope... as in the Internet is global and good-luck applying your nation's laws to someone in a country on the other side of the planet, perhaps in the opposite hemisphere.

      1. WatAWorld

        Re: hmmm...

        Okay, so you'd do without laws on murder, rape and child molestation.

        But in this case the need for the law goes beyond for that for those clear cut crimes.

        In this case many people think these white collar crimes are legal and are committing them based on that belief, despite the fact that these crimes have always been unethical and immoral.

    4. WatAWorld

      Re: hmmm...

      What matters is whether the company has assets here that can be seized or a sales office that can be shut down.

  4. Marvin O'Gravel Balloon Face

    How does a website install software without the user's consent? Almost always it's down to the user clicking OK on some downloaded freeware. Not sure how these rules will change that.

    1. Anonymous Coward
      Anonymous Coward

      Javascript?

    2. WatAWorld

      It requires informed consent, not just consent. See my earlier post with a lengthy quote on this.

  5. Anonymous Coward
    Thumb Up

    Not bad

    I can see why other commenters think this legislation may be futile, but it is pleasing that they're at least acknowledging the need for regulation. Also nice to see that they use an example of dodgy behaviour clearly based on the Sony rootkit affair.

    Some of it seems a bit iffy, though. eg, if I read it right, ISPs won't need to seek permission to install software to "protect the security of all or part of (their) network from a current and identifiable threat".

    1. Bronek Kozicki
      Pint

      Re: Not bad

      Yay! Does that mean that Canadian ISPs are now explicitly permitted to install antivirus/antispam/other security measures on computers of their customers without consent when they happen to damage their network (I mean zombie PCs, of course) ?!

      I will drink to that!

    2. AJames

      Re: Not bad

      The problem is that it's worse than just futile. The last time they tried this sort of thing (i.e., their anti-spam legislation that required companies to obtain explicit consent to communicate with customers), all Canadian companies had to waste a vast amount of effort and money sending out emails seeking permission to continue communicating with their customers. People were overwhelmed with the volume of messages (hmmm, sounds a lot like the problem they were trying to solve in the first place), and probably missed responding to some that they should have. Of course real spam volumes were unaffected because almost all of it comes from spammers outside the country who don't care about Canadian legislation. It was pointless political posturing that ended up being worse than the problem it purported to solve, as usual. I suspect this latest legislation will be the same.

      1. Tom 35

        Re: Not bad

        It's true that it didn't do anything about the penis pills and other magic woo sellers, but my spam fillers get 99% of that stuff.

        What it did kill off was "legitimate" companies that thought it was OK to use an email address you supplied for one purpose to spam the crap out of you (except they call it an email blast so it was totally not spam).

        So now I get a please let us spam you email, and I do nothing.

        1. Preston Munchensonton
          Megaphone

          Re: Not bad

          "What it did kill off was "legitimate" companies that thought it was OK to use an email address you supplied for one purpose to spam the crap out of you (except they call it an email blast so it was totally not spam)."

          Guess your spam filters missed that 1%, huh? None of that makes much sense. Update your filters and stop whining. Alternatively, stop using email.

    3. BitDr

      Re: Not bad

      Uh huh... so an ISP can try to force you to install software. What if you are running Linux? Will they justify kicking you off their network because they can't install their security tools?

      Madness.

      1. WatAWorld

        Re: Not bad

        "Uh huh... so an ISP can try to force you to install software. What if you are running Linux? Will they justify kicking you off their network because they can't install their security tools?"

        You are dreaming up stuff to worry about. You're the only one suggesting people not be allowed to run Linux.

        The law says ISPs can assume consent to install security software that is solely to protect the security of the network. Getting the software to work is the ISPs problem. And if their software breaks your computer then they've broken the law.

        "a program that is installed by a telecommunications service provider solely to protect the security of its network from a current and identifiable threat to the availability, reliability, efficiency or optimal use of its network;

        a program that is installed to update or upgrade the network by the telecommunications service provider who owns or operates the network on the computer systems that constitute all or part of the network; and"

      2. jonathanb Silver badge

        Re: Not bad

        Lots of people do run Linux these days, on smart TVs and similar, not so much on desktop computers.

  6. Vladimir Plouzhnikov

    Sometimes

    Governments can do a good thing.

    Purely by accident, no doubt, but still...

  7. Anonymous Coward
    Anonymous Coward

    Well done Canada.

    Now if only my government would do the same.

  8. John Lilburne

    I've had my computer screwed up twice in the last few years, screwed to the extent that a rebuild was required. Both times it was due to an automatic Apple iTunes update fuxoring the iPod drivers. Both times it required three days buggering about on stupid support forums, where everyone has an answer but no one knows the solution, before making teh decision fuggit where is that re-install disk.

    1. Preston Munchensonton
      Coat

      "Both times it was due to an automatic Apple iTunes update fuxoring the iPod drivers."

      Guess this means that you weren't holding it right...

  9. kbb

    Mobile apps

    I believe on Android the "automatically update apps" option is on by default. Is this something that Google have to worry about or individual app creators? If the latter I can't see how they can stop it other than not releasing any updates or adding in a new permission for each release to make the update a manual process.

    1. Anonymous Coward
      Anonymous Coward

      Re: Mobile apps

      Can they not simply add a patch to the OS to ensure any detected attempted update gets halted and the owner prompted ? Maybe a tick box in the settings (default off) to say do what you like, don't bother me.

      While they're at it they could ensure all permissions were switchable on & off per app anyway. Then those apps that insist on having a what seems to be an unnecessary permission, or it stops working, can be identified and removed.

    2. Kimo

      Re: Mobile apps

      As long as the user approves the update that disables auto updates they should be fine.

    3. Anonymous Coward
      Anonymous Coward

      Re: Mobile apps

      Unless something changed with 5.0, it isn't on by default according to my experience with 4.1-4.4.x. It's real easy to flip it to automagical updates without a thought involved since it's constantly trying to get you to do so. There's a couple of apps that I don't want updated which is why I've noticed. That and I keep killing tablet screens.

    4. James@1978

      Re: Mobile apps

      I think the auto update feature of Android can also be stopped from the app settings and I do think that sometimes it doesn't takes our consent which leads to data losses. But nowadays some special types of apps are also developed, in which you can get direct access to your phones settings, ie now the permissions will always have to be from your part. To know more please contact http://goo.gl/dIRZwL for a free consultation.

  10. Tom Chiverton 1

    "an app on your phone to be updated without first obtaining express consent from the owner"

    Even security updates ? What does 'consent' mean ?

    1. Gary 2

      Does it not mean a prompt to say xxx is trying to update. Allow/Cancel ?

      Even better if it can provide more information. That said I am under the impression apps are already needing explicit consent, or are there some stealth ones ?

    2. thames

      So far as I can tell, straightforward bug fixes are OK and don't need explicit consent, provided you have explicit consent from the original installation. What is being targeted is new software or changes to software which affects the collection of personal data, or which can affect the normal operation of the computer, phone, or tablet (e.g. browser home page hijackers), or which allows someone to get remote access to your computer (e.g. back doors).

      I think what they are after under the "updates" clause is where a company publishes an innocuous game, and then later uses the update feature to push out malware. There are companies in the mobile app field who buy up money losing games and then use them to push out data collection and tracking features to existing users. If you left this loop hole, then they could say that they had the "consent" of the user during the original installation. If you are just pushing out a security fix or bug fix which doesn't do something like intentionally add a remote access backdoor then you can use the consent from the original installation.

      The CBC reported that this legislation is actually just part of the existing anti-spam laws which are now coming into effect.

      1. Yet Another Anonymous coward Silver badge

        The trouble is we won't know until somebody is prosecuted, goes to court and a precedence is set.

        So unless you want that person to be you it's best to just steer clear of selling software if you are Canadian.

      2. Tom 13

        @thames

        The whole thing reads like yet another Lawyers Full Employment Act to me.

        You can make an identifiable act legal or illegal, shooting someone for example. You can't make an intention illegal, because that's trying to crawl inside somebody's brain. And what this law is aiming at is intentions, so it's bound to backfire in stupendous ways.

        1. Irony Deficient

          You can’t make an intention illegal

          Tom 13, I can’t speak to Canadian law, but in the States, 21 USC §846 makes a conspiracy to commit any federal controlled substance offense in 21 USC chapter 13, subchapter I, part D subject to exactly the same penalties as actually committing that offense. Unlike other conspiracy crimes, the US Supreme Court ruled in United States v. Shabani that a 21 USC §846 conspiracy does not require an overt act to be taken in furtherance of the offense; thus, the mere agreement of intent between two or more people to commit such an offense, without any action taken on that intent, would meet the definition of a 21 USC §846 conspiracy.

  11. Richard 81

    Now please make it illegal for a website to ask to install its mobile app every time you visit.

    1. Tom 13

      Re: it illegal for a website to ask to install its mobile app

      No way. If you do that, you've just given them permission to put a permanent cookie in my browser.

  12. Greg J Preece

    The Canadian attitude can also be seen in their response to the Charlie Hebdo attacks. France? They arrested 54 people on hate speech charges in one week. UK? They used the attacks as a springboard to try and ban encryption. Canada? They want to kill off their blasphemy laws.

    I love this feckin' country sometimes.

    1. Haro

      La Geist

      We in Canada have the King of the Internets to protect us from great stupidity. The politicians are terrified of him.

      1. Destroy All Monsters Silver badge

        Re: La Geist

        So can take a glorious trip to Europe? Preferably carrying an AK to unseat our heads of state?

  13. Anonymous Coward
    Anonymous Coward

    damaging and deceptive forms of spam and online threats

    it's great to see authorities trying to combat illegal activities. I'm sure all those, particularly the nastier ones, will come to stop their evil-doing right now. And for those who don't, well, the brave enforcement agencies will take the Chinese and Russian evil-doers head-on!

  14. CJ_in_AZ

    Too bad it snows in Canada. This would make it tempting to move from Arizona to Alberta, were it not for the weather.

    1. Greg J Preece

      Then move to BC and live in tri-cities. Barely any snow.

  15. Anon5000

    Bono iPhone

    Nothing in this that stops U2 albums being installed on your iDevice whilst you sleep though,

  16. NotWorkAdmin

    So...does this mean

    That "Install the Yahoo! Toolbar" checkbox will be unticked by default for Adobe's updates?

    1. raving angry loony

      Re: So...does this mean

      Don't be silly. By leaving it ticked, they can claim that they got consent. Besides, the websites are probably outside of Canada, and therefore beyond Canadian jurisdiction. Canada isn't the USA, and doesn't claim jurisdiction over the entire world. Yet.

      1. WatAWorld

        Re: So...does this mean

        Yahoo does business in Canada -- they have people here who sell advertising.

        You know how so many companies get stuck obeying US law because they do business in the USA, accept our laws or don't do business here.

        That's how it works other countries too.

        This won't affect companies with little or no presence in Canada.

    2. Michael Thibault

      Re: So...does this mean

      >That "Install the Yahoo! Toolbar" checkbox will be unticked by default for Adobe's updates

      some time after the preferences you've set for Flash--relative to its use of audio and video devices, to data storage, and to update preferences--'stick' for any length of time at all... Tick.. Tick...

  17. Dave Harvey

    Printer updates "for your benefit" (honest!)

    Will this ban printer manufacturers auto-updating their drivers/printers to disable 3rd party cartridges? If so, that would be a good use for this law, as the printer companies are (nominally at least) "reputable" firms who might be expected to comply.

    1. Keven E.

      Bug repair

      In the original license agreement section 34, paragraph 3, line 7, it states that you knowingly install this software with "bugs", which you agree we will fix for you (when we get around to it, of course). By "fix" we mean insert code that copies all of your contact information and database and drops off a copy by phoning home, the location of which we reserve the future right to change by "fixing a previously unknown bug".

  18. WatAWorld

    This affects foreign companies with an office in Canada.

    So it actually does affect companies that Google and Yahoo that have offices here to sell advertising. It affects what they can do to Canadian residents.

    (And of course it affects companies that EA, AMD, Corel, Microsoft, IBM that do major development work here.)

    For foreign-based companies with no Canadian presence: If the company committed serious damage to computers by what it was doing, any officer of that company visiting Canada could be arrested. However I don't think extradition would work because extradition *usually* (not always) is only for acts defined as crimes in both countries.

  19. WatAWorld

    We wouldn't have any laws at all, if we used the reasoning of some.

    Criminals, sure criminals will still commit crimes -- but if "some people will still break the law" was a reason to not have laws, we wouldn't have any laws at all.

    Laws are what gives "bottom-line oriented" greedy people their consciences. You know the sort, they consider anything they can get away as totally acceptable.

    The "high functioning" psychopaths and sociopaths whose disregard for ethics and morality brings them to the leadership of many companies, they care about laws and jail because laws and jail can reduce their personal enjoyment of life.

    And of course fines reduce profits which reduces their personal enjoyment of life too.

  20. WatAWorld

    More details on the law are here

    1. It looks like security and bug fixes are exempt, provided they don't add "features".

    2. It looks like permission boxes must be de-selected by default.

    http://www.cwilson.com/resource/newsletters/article/1143-preparing-for-canada-s-anti-spam-law-part-two-the-installation-of-computer-programs.html

    "... Express Consent Requirements

    While there are three main exceptions under which consent may be implied or is simply not required, the default position under CASL is that consent must be obtained before taking any action which would otherwise be prohibited. Because any person alleging to have obtained consent bears the evidentiary burden of proving such consent5, it is important for any company that installs computer programs to implement clear policies that provide for the proper documentation of customer consent for any computer programs that are installed. ..."

    and later it says

    "Exemptions

    There are three exemptions to the above rules, where consent is deemed to have been obtained or is simply not required. These exemptions apply to upgrades, cookies and telecommunication service providers. ..."

    And those exemptions are then defined.

    "... The regulations under CASL also provide that a person is considered to expressly consent if their conduct is such that it is reasonable to believe they consent and the program is one of the following:

    a program that is installed by a telecommunications service provider solely to protect the security of its network from a current and identifiable threat to the availability, reliability, efficiency or optimal use of its network;

    a program that is installed to update or upgrade the network by the telecommunications service provider who owns or operates the network on the computer systems that constitute all or part of the network; and

    a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose.22"

    1. Keven E.

      Documenting change

      Doesn't the term *upgrade (sort of) imply adding features... specifically with software? To me it's something beyond a patch collection. One expects it to do the same functions faster or more efficiently, perhaps more security hardened, but expanding functionality is part of an *upgrade, which is a new purchase... which generally includes a new licensing agreement negotiated for each new purchase.

      Not that people don't go from Brandx.5 to Brandx.6 because they just want to feel/say they have the newest, and that they never do anything new with it, but.

      **********

      It sounds like each piece of software now needs to first make available for us a program which will provide us with documentation of the consent we give to install it, and separate documentation for every installation of any and all new/additional programs/features in the future. That oughta provide a coupla two-tree coders a gig for a while...

      *********

      And... what about the profitability of those telecommunications service providers, the lack of which certainly presents an identifiable threat to the availability (at all) of its network. Did Canada sign onto the TTIP?

    2. Anonymous Coward
      Anonymous Coward

      Re: More details on the law are here - Defined Exemptions

      a program that is installed by a telecommunications service provider solely to protect the security of its network from a current and identifiable threat to the availability, reliability, efficiency or optimal use of its network;

      The non-specific nature of this text with respect to the computers affected leads to the conclusion that it could be used to justify intrusion (whosoever it can be achieved) into a customer's computer in order to protect the TSP's network.

      a program that is installed to update or upgrade the network by the telecommunications service provider who owns or operates the network on the computer systems that constitute all or part of the network; and

      This seems to justify remote upgrades of TSP-supplied computers (eg ISP modems/routers) whether the customer wants it or not.

      a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose

      This seems to allow OS suppliers (eg Microsoft, Apple) to automatically fix bugs on anyone's computer without needing to inform the owner.

      --------------------------

      All in all, these sections seem consistent with the view that suppliers and operators of the network infrastructure can now legally poke into private computers without consent as long as they can claim that it is 'for the good of the network'. I'm sure security bods might applaud this, but it is a worrying step nevertheless.

  21. Roo
    Windows

    Who do I bribe ?

    To have this law applied retrospectively after being forced into installing Windows Genuine Advantage in the UK ? :)

  22. Oldfogey

    Why bribe anybody?

    Installing WGA was not compulsory - particularly if you did manual download of updates, as is only sensible. Just untick that item and tell Update never to show it to you again.

    If you have gone and download it by accident, or laziness in checking what MS is sending you, then just Google how to remove it. (Other Search Engines are available)

    I thought this was a tech site!

  23. Peter Fairbrother 1

    How far ..

    Does it apply to gubbmint spyware?

    allows automatic bug-fix updates? crap. Ever had to wait for an unwanted automatic update to install over a slow network connection before you can use your computer?

    I want to be consulted about everything which installs or modifies software on my computer, every time.

  24. papa52

    This new "Law" will really make no difference. We already jump through many hoops to avoid this stuff now. Check this box...and uncheck this one and do you agree not to install our wonderful Toolbar, etc., etc. My favorite type of Spam enabler is "Open Candy" . Another lovely one is Conduit. They are almost impossible to avoid getting in some cases while installing so called "Free" software and very difficult to get rid of once installed. It can't be called "Buyer beware", more of "User beware". I avoid free trials like a horrible disease now because of my bad experiences and the time required to clean up my computers. I can't even imagine the costs involved to have a professional clean out your computer. I thank God I have some idea how to do so or I could never afford to be connected to the Internet. Needless to say I used to be quite a Risk Taker but you do eventually learn. I was stubborn and so I probably took a bit longer than some but the time factor inconvenience eventually taught me.

  25. vordan

    When you have a huge hammer, everythings looks like a nail.

    BAAAM! Done, sir!

  26. Javapapa

    Easy fix

    Relabel buttons "Download, eh?"

  27. BongoJoe
    Terminator

    Windows Updates

    You know, those things which update your machine and reboot automatically despite when you specifically have turned the autoupdate off and it does it in the middle of a long overnight data bashing run thus mangling everything.

    I'll vote for this.

  28. OmgTheyLetMePostInTheUK
    FAIL

    WHAT do you mean you cannot read a Word 3.0 document?

    Whoever wrote this, and the idiots that then voted on this should all be sent to North Korea where things like this will have almost no affect, and when they do, GENERAL KIM can quickly fix the problem.

    For the rest of us, get the hell out of the way and let us live our lives without your crap interfering!!

    WAY TO GO CANADA! You have stepped into the dark ages!

  29. JaitcH
    WTF?

    Does this include malware from NSA, GCHQ and Uncle Tom Cobley?

    Damn Windows, even though set to NOT upgrade dies, as does Firefox - did you version 35 yesterday?\

    I never like upgrading until I have waited a week so I can see what others are saying about the 'new and improved'.

  30. AbeSapian

    Done It's Job

    If that means I don't have to put up with Ask, or Bing, or multiple Mcafees being installed on my system its done its job.

  31. MrTuK

    Win 10

    So how did the Win 10 auto update happen in Canada, has MS been fined or did no one get autoupdated to Win 10 or maybe they just use Win XP still ?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like