Public Safety Canada and Industry Canada have quietly launched a semi-public consultation on one element of lawful access. The new consultation, which concludes on September 25th, asks for comments on the provision of customer name and address information by telecommunications companies to law enforcement. The consultation has not been posted on the Internet and I was asked not to post it online.
That said, this is an important issue and I believe that the government should hear from all interested stakeholders, not a hand-picked, secret group. In the consultation, Public Safety claims that "law enforcement agencies have been experiencing difficulties in consistently obtaining basic CNA information from telecommunications service providers. In the absence of explicit legislation, a variety of practices exists among TSPs with respect to the release of basic customer information, e.g. name, address, telephone number, or their Internet equivalents." After identifying what it considers CNA data (including cell phone identifiers, email addresses, and IP addresses), the departments propose a series of safeguards including limits on who would have access to the information, limited uses of the information, and internal audits on the use of these powers.
It is extremely disappointing to see that the departments continue to believe that ISPs should be required to hand over potentially sensitive personal information without a court order or other judicial oversight. Moreover, the claim that law enforcement has faced "difficulties" in obtaining CNA data remains completely unsubstantiated (to the extent that some ISPs ask for a court order, this reflects an appropriate balance that Parliament established when it enacted PIPEDA).