Last week federal Justice Minister Robert Nicholson introduced new legislation that, if enacted, will establish mandatory disclosure requirements for Internet providers to report child pornography websites or subscribers they believe are using their service to violate child pornography laws.
Bill C-58 shares similarities with several provincial laws, including one enacted last year in Ontario. It contains tough penalties such as fines or imprisonment for failure to report as well as requirements to preserve evidentiary computer data for several weeks. Internet providers also are prohibited from disclosing the disclosure to the suspected individual or website.
The bill extends beyond just Internet service providers by including those who provide Internet access, hosting, or email services. In other words, services such as Google, Hotmail, and Facebook are all covered.
While few will criticize a bill targeting child pornography – everyone agrees that it is abhorrent and we need to ensure that we have laws to deal with the problem – the bill still gives pause, for two reasons.
The first stems from whether the bill actually accomplishes anything new. Although all of these provisions give the appearance of a significant step forward in the fight against child pornography, the reality is that Canada is already a world leader in the area. Criminal provisions involving child pornography were enhanced in 2005 and Canadian law enforcement made the issue a priority, as evidenced by hundreds of arrests in recent years.
Cybertip.ca, an online tip service that works together with Internet providers and law enforcement, fields thousands of tips each year. Moreover, it maintains Project Cleanfeed Canada, an initiative that has resulted in ISPs blocking access to thousands of child pornography images.
While there are reports that Canada is a source of child pornography websites, a recent major European-based study concluded that focusing on the web and blocking content makes little sense in trying to combat child pornography since most dissemination occurs beyond the potential for tips envisioned by the new disclosure bill.
The second concern arises from the bigger picture shift of the role of Internet providers. This bill marks the second piece of legislation this year that opens the door to far greater ISP policing and monitoring of their networks. ISPs are quietly being deputized as law enforcement assistants, with new requirements to install surveillance capabilities and provide information on their subscribers and their activities.
Earlier this year, the government introduced lawful access legislation (Bills C-46 and C-47) that places Internet providers at the very centre of online crime investigations. The bills establish technological surveillance requirements with the government promising funding to offset the new equipment costs. They also feature mandatory disclosure of customer data, including name, address, IP address, and email address upon law enforcement request without court oversight. The bills even create the possibility of law enforcement paying ISPs for their time and trouble in handing over subscriber data.
When the lawful access bills are combined with Bill C-58, the vision of the ISP as a common carrier that merely serves as an Internet intermediary disappears, replaced with new legal obligations that forces ISPs to do far more policing on their networks. Some will welcome this change – indeed argue that it should be expanded to other issues such as defamation or copyright – yet deputizing ISPs brings with it challenging questions about our comfort with having Bell Canada, Telus, Rogers, Shaw, and other leading ISPs cast as supporting players for law enforcement.
Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can reached at firstname.lastname@example.org or online at www.michaelgeist.ca.