Bill C-30 requires Internet providers to have the ability to engage in multiple simultaneous interceptions but a wide range of questions – minimum and maximum simultaneous interceptions, how interception requests are made, maximum number of agencies making requests, etc. are all left to future regulations. Bill C-30 doesn’t even specify what communications must be interception-capable. Section 7 identifies a series of requirements including enable the interception of communications and isolate the communication. But what is a “communication” for these purposes? That is left to the unspecified regulations.
The mandatory disclosure of subscriber information without a warrant has been the hot button issue in Bill C-30, yet it too is subject to unknown regulations. These regulations include the time or deadline for providing the subscriber information (Bill C-30 does not set a time limit) and “prescribing any confidentiality or security measures with which the telecommunications service provider must comply.” In other words, disclosing the disclosure could be subject to further restrictions.
These are just some of the uncertainties. Section 64, which identifies the issues subject to future regulations by the Governor-in-Council cover almost every major substantive issue in the bill. In case the government has forgotten something, there is a catch-all regulatory power “generally, for carrying out the purposes and provisions of this Act.”
Public Safety Minister Vic Toews has indicated that he is open to amendments and that the government welcomes debate on the bill at committee. However, it is difficult to propose amendments to an incomplete bill. The public should not be asked to accept lawful access legislation that leaves so many issues to future discussion and regulation. A full debate and reform process necessitates the government coming forward with the accompanying regulations before the hearings on Bill C-30 get underway.