Session Four: Regulatory Powers
What is a Worksheet?
Each advisory group session will be supported by a worksheet, like this one, made available to the group in advance of each session. The goal of these worksheets is to support the discussion and organize feedback and input received. These worksheets will be made public after each session.
Each worksheet will have a set of questions for which the group members will be asked to submit written responses to. A non-attributed summary of these submissions will be published weekly to help conduct the work in a transparent manner.
The proposed approach in each worksheet represents the Government’s preliminary ideas on a certain topic, based on feedback received during the July-September 2021 consultation. It is meant to be a tool to help discussion. The ideas and language shared are intended to represent a starting point for reaction and feedback. The advice received from these consultations will help the Government design an effective and proportionate legislative and regulatory framework for addressing harmful content online. Neither the group’s advice nor the preliminary views expressed in the worksheets constitute the final views of the Department of Canadian Heritage nor the Government of Canada.
What regulatory authorities and powers would be needed for a Digital Safety Commissioner to be effective?
- Determine if the compliance and enforcement tools proposed for the Digital Safety Commissioner would be effective and appropriate. The Commissioner would be authorized to conduct audits and inspections to monitor compliance. Participants’ views are sought on the breadth and use of compliance and enforcement tools.
- Explore the elements of an effective, proportionate Administrative Monetary Penalty (AMP) enforcement regime. The AMP system would be based on the model put forward during the July-September 2021 consultation. Participants’ views are sought on what the appropriate range of penalties and grounds for AMPs should be.
- Consider how progressive enforcement tools could be included to address persistent and/or gross non-compliance. . The fact that many platforms are located outside of Canada may limit the extent to which some regulated entities may comply with a regulatory framework. Participants’ views are sought on whether and how escalating or progressive enforcement tools could boost compliance and/or confront gross non-compliance.
- A new regulator, the Digital Safety Commissioner (the Commissioner), would be created to administer and enforce the new legislative and regulatory regime. The Commissioner would be the operator and driving force of the legislation and would be equipped with powers to compel regulated services to reduce the amount of harmful content available to Canadians on their platforms.
- The Commissioner would need to be equipped with authorities and powers to ensure it can effectively administer, oversee, and enforce the legislation. This includes audit and inspection authorities to ensure that regulated entities live up to reporting and transparency obligations, and that they fulfill the commitments outlined in their Digital Safety Plans. In designing these authorities, some representations and materials may be particularly sensitive – related, for example, to child sexual exploitation, or the non-consensual sharing of intimate images – and authority to hold in camera hearings and ex parte proceedings may also be needed.
- An effective toolkit also includes order-making and other enforcement powers. It will be important to achieve the right mix of enforcement powers to impose different levels of penalties that reflect the seriousness of the violation given the seriousness of the incident, the extent of non-compliance, repeat offences, or a combination of these concerns. The harshest measures would be a last resort.
Overview of Proposed Approach
- The Digital Safety Commissioner would be authorized to conduct inspections and audits to drive compliance. The Commissioner, and authorized supporting staff, would have powers to enter the premises of regulated entities and access documentation, data and equipment and interview employees. This authority could be used in two specific circumstances: a) when the Commissioner has a reasonable suspicion that the regulated entity is not complying with certain legislative or regulatory obligations; or b) if the regulatory entity has a recent history of non-compliance.
- The Commissioner would have authority to issue compliance orders and set harsh penalties for serious instances of non-compliance. The Commissioner would have the power to issue compliance orders against regulated entities. The Commissioner would also have the authority to issue administrative monetary penalties (AMPs) for certain instances of non-compliance; and may refer offences for gross and deliberate non-compliance with statutory obligations to prosecutors. New legislation would set a maximum amount for AMPs of up to 3 per cent of the regulated entity’s gross global revenue or up to $10 million, whichever is higher. It would also set a maximum amount for fines under an offence for gross and deliberate non-compliance with statutory obligations at 5% of global revenues.
- The Commissioner would also have a mandate to lead and participate in research and programming, convene and collaborate with stakeholders, and support regulated entities in reducing harmful content on their services. The Commissioner’s mandate would be modelled on Australia’s e-Safety Commissioner by positioning it to act as a partner, convener, and collaborative force in the domain of platform governance and combatting harmful content. The Commissioner would be resourced for research as well as citizen and stakeholder outreach to advance its goals in a non-regulatory way, including through consultation to inform its regulations and the regular publication of guidance to help regulated entities fulfill their obligations.
- Finally, exceptional recourse measures and enforcement tools are being explored as a last resort for persistent and severe non-compliance. This could include measures like those in the United Kingdom’s Online Safety Bill, such that the Digital Safety Commissioner could require regulated entities to designate a representative, who would be held liable for serious instances of non-compliance by their respective platforms. This power would further deter representatives from making decisions that would position the platforms they work for to be non-compliant, as they would face personal liability in situations of persistent and severe non-compliance. The use of this or any other exceptional recourse measure would only apply in situations where a regulated entity has repeatedly demonstrated non-compliance with orders and obligations, and other enforcement measures have been exhausted.
Supporting questions for discussion
- Determine if the compliance and enforcement tools proposed for the Digital Safety Commissioner would be effective and appropriate.
- Australia did not have problems with platform compliance when they put in place their eSafety Commissioner. Given the proposed enforcement tools for the Digital Safety Commissioner, do you foresee compliance being an issue in Canada?
- What should progressive enforcement look like for the regulator?
- Which tools (e.g., norm setting, guidance documents, compliance orders, inspections, AMPs, and offences) would be most effective to drive compliance?
- What do you think the threshold should be for using these compliance tools? For example, should there be reasonable belief of non-compliance before engaging in inspections or audits?
- What enforcement tools do you think would be most effective at obtaining the compliance of foreign entities?
- Explore the elements of an effective, proportionate Administrative Monetary Penalty (AMP) enforcement regime.
- The United Kingdom’s approach to AMPs is a maximum AMP of 18 million Euros or 10% of a service’s qualifying worldwide revenue. What do you believe is an appropriate maximum measurement of an AMP in the Canadian context? What factors should a regulator consider to determine an amount for an AMP?
- Consider how progressive enforcement tools could be included to address persistent and/or gross non-compliance.
- Are alternative enforcement mechanisms, such as requiring platforms to designate a representative who would be liable, appropriate and proportionate?
- Are there additional alternatives approaches to effective enforcement powers?
- Date modified: