"If you abide by the law, you have nothing to fear."
These might sound like the words of a police chief or FBI official, but they were actually spoken in 2014 by Jean-Pierre Blais, the buttoned-down head of Canada's equally buttoned-down telecommunications regulator, the Canadian Radio-television and Telecommunications Commission. At the time, Blais was announcing the CRTC's role in enforcing Canada's newly introduced anti-spam legislation, or CASL.
The message was clear: the CRTC is ready to get its hands dirty. And now it finally has.
In November of 2015, CRTC inspectors executed the first search warrant in the regulator's nearly 50-year history. They entered a building in Brampton, Ontario to retrieve documents as part of a telemarketing investigation. Less than a month later, the CRTC executed yet another warrant, this time under CASL, shutting down a botnet server in Toronto as part of an international operation involving multiple agencies.
So far, it looks as though the CRTC is living up to Blais' tough talk in 2014. And yet, knocking on doors and executing warrants seems a lot like something the cops would do, not a federal regulator in Canada.
"In a sense, the CRTC is the police and judge"
The CRTC's new attitude has its roots in the passing of Bill C-37 in 2005. This amended the Telecommunications Act to give the regulator new powers to enter and inspect businesses and places of interest, seek warrants to inspect people's homes, and levy fines against telemarketers. The bill also created the National Do Not Call List (DNCL).
The CRTC had the ability to obtain warrants and inspect premises before 2005, but these powers were chiefly intended to regulate only telecommunication companies in Canada, according to David Fraser, an internet privacy lawyer with Halifax law firm McInnes Cooper. With the introduction of the DNCL, shadier operations like telemarketing schemes—people who abuse telecommunications infrastructure—became a target too.
"We saw the CRTC being put in charge of the National Do Not Call List, which takes them into a slightly different environment," said Fraser. "Some infractions of the Do Not Call List aren't done by the telcos, but scammers and people who are expressly flouting the law and are taking steps to evade detection." These kinds of people might be more likely to destroy evidence or deny inspectors entry into their homes, Fraser added, making search warrants more necessary than in the past.
Despite these new powers over a new class of miscreants, the CRTC enforcement of the DNCL was widely hailed as an ineffective disaster. For example, it wasn't until 2015 that the regulator executed its first warrant with the powers it gained under C-37, which had by then been in force for a decade. With CASL, the CRTC was given the power to go after online spammers, and it couldn't afford to make the same mistake of being perceived as soft on violations.
"I think the availability new powers—the ability to impose direct monetary penalties—and fighting against a reputation of not being very effective all came together to motivate the much more aggressive approach to enforcement that we've been seeing," said David Elder, a communications lawyer with Stikeman Elliott and former legal counsel to the CRTC.
Watch more from Motherboard: The Lost Art of Canada's Doomed Pre-Internet Web
To some observers, the CRTC's new take on enforcement comes as a welcome change from the days when the regulator appeared to be struggling to fulfill its mandate to crack down on telemarketers. Michael Geist, columnist and Canada research chair in internet and e-commerce law at the University of Ottawa, was one of the CRTC's harshest critics during this period. No longer.
"I think the CRTC's increased enforcement—particularly the warrant late last year—is fully consistent with the expectations that it exercise its enforcement powers," Geist wrote me in an email. "Many have noted that the US may lack some of the broad privacy-type laws found in Canada and Europe, but its enforcement through the [Federal Trade Commission] has been more effective and aggressive than that found in Canada. The CRTC seems to be catching up with CASL playing a key role in opening the enforcement door."
The US approach to regulating telemarketers and spammers has historically been much more aggressive than Canada's. This year alone, the FTC settled fines with a group of companies that were making millions of robocalls per day between 2011 and 2012, and gave two developers $25,000 to make an app that detects robocalls. The Federal Communications Commission, or FCC, also maintains the ability to enter a home even without a warrant if they believe someone is engaging in criminal activity using broadcasting equipment.
But not everyone is so bullish on the CRTC's newfound enthusiasm for door-busting. After all, with new powers comes new responsibility not to abuse them. Elder told me he's not convinced that the CRTC will always play fair with the people it takes down as part of its telemarketing or anti-spam operations. One potential problem, Elder said, is that fines are doled out outside of the court system, and with very little transparency.
It's also not always clear to the public why the CRTC pursues the cases it does, or why its staff arrives at one penalty and not another, Elder said. Moreover, the appeals process for a settlement is long and carries the risk of ultimately ending up with a heftier fine. Appealing a fine is thus unlikely for most companies, and individuals. "There's a very real procedural issue," Elder said. "In a sense, the CRTC is the police and judge."
It's a role that the federal regulator appears to be growing into, and with gusto, putting them on par with their more aggressive counterparts in the US. And we can perhaps expect to see more of the high-profile busts that American regulators often chase.
"Traditionally in Canada, if you violate a law that has a criminal component, it's going to be the RCMP that's investigating," Fraser said. "Maybe what we're seeing now is a movement of that policing authority out from the RCMP and into the regulators."