The Canadian Radio-television and Telecommunications Commission (CRTC), one of the regulators responsible for enforcing Canada's anti-spam law (CASL), served its first warrant under CASL on December 3, 2015. The warrant was served to take down a botnet command-and-control server located in Toronto, Ontario. Along with other recent enforcement actions that resulted in large payments being made under CASL, this warrant further affirms how the CRTC is taking the enforcement of the legislation seriously.
Taking Down Dorkbot
The warrant is part of a coordinated international effort aimed at taking down botnets—in this instance, the malware family Win32/Dorkbot. A botnet is a global network of machines that have been infected with malware and which carry out the commands of the attacker who installed the malware on the machines.
CASL generally prohibits the installation of a computer program on any other person's computer system or, having so installed or caused to be installed a computer program, cause an electronic message to be sent from that computer system, without the express consent of the owner or authorized user of the computer system.
CASL allows the CRTC to obtain warrants that authorize the CRTC to enter into any place to verify compliance with CASL, determine whether a contravention of CASL has taken place, or assist an investigation or proceeding in respect of a contravention of the laws of a foreign state that address conduct that is substantially similar to conduct prohibited under CASL.
A warrant under CASL allows the CRTC to have access to a place to examine and protect anything relevant to their investigation. Specifically, a warrant allows the CRTC to:
- examine and remove anything found in the place, including any data stored in any computer system;
- communicate and make copies of anything found in the place;
- prohibit or limit access to all or part of the place.
This shows the CRTC will not hesitate to continue issuing warrants to combat the use of botnets and malware in Canada. Towards this end, the CRTC has been working closely with domestic and international partners, such as the Royal Canadian Mounted Police, Public Safety Canada, the Canadian Cyber Incident Response Centre, the Federal Bureau of Investigation, Europol and Interpol.