The past ten days have been a difficult time for Canadians concerned with privacy and civil liberties. Strike one came with new Edward Snowden revelations regarding Canada’s role in the daily tracking of the Internet activities of millions. Strike two was the introduction of Bill C-51, the anti-terrorism legislation, which sparked concern from observers across the country. Strike three came with the response to those developments, with the government dismissing oversight mechanisms as “red tape” and the opposition parties choosing to focus on process rather than substance.
The opposition parties’ decision to focus on oversight is unsurprising given the weakness of the current system and the absence of any meaningful reforms within the proposed legislation. Yet the problem with focusing chiefly on oversight and is that it leaves the substantive law (in the case of CSE Internet surveillance) or proposed law (as in the case of C-51) largely unaddressed. If Canada fails to examine the shortcomings within the current law or within Bill C-51, there is no amount of accountability, oversight, or review that will restore the harm to privacy and civil liberties.
For example, the latest Snowden leaks revealed that the CSE has gathered information on as many as 15 million uploads and downloads per day from a wide range of hosting sites. The goal is reputed to be to target terrorist propaganda and training materials and identify who is uploading or downloading the materials. The leaked information shows how once a downloader is identified, intelligence agencies use other databases (including databases on billions of website cookies) to track the specific individual and their Internet use within hours of identified download.
The program removes any doubt about Canada’s role in global Internet surveillance and highlights how seemingly all Internet activity is now tracked by signals intelligence agencies. They are able to track who visits various websites and what they do from the outside, confirming the existence of a massive surveillance architecture of global Internet traffic that improved oversight in Canada alone would do little to address.
Moreover, these programs point to the fundamental flaw in Canadian law, where Canadians are re-assured that CSE does not – in fact, it legally cannot – target Canadians. However, mass surveillance of a hundred million downloads every week by definition targets Canadians alongside Internet users from every corner of the globe.
The claims that Canadians are not specifically targeted by such programs is based on arbitrary distinctions in defining “targeting” that only succeed in demonstrating the weakness of Canadian law. Given what we now know, better oversight of CSE is needed, but so too is a better law governing CSE activities.
Similarly, Bill C-51 is a problem not only because it fails to address longstanding limitations in oversight and accountability over CSIS, but rather because there are substantive provisions that raise real privacy and civil liberties concerns.
For example, the new CSIS disruption warrants featured in the bill are remarkably broad, providing legal power to effectively ignore any law (domestic or otherwise) and do whatever is deemed necessary to counter activities that extend far beyond just terrorism. It shocks to see the government openly empowering CSIS to break the law with few limitations or restrictions.
There are many other provisions in the bill that require detailed study, among them the potential website takedowns, the criminalization provisions on promoting terrorism that will be surely challenged under the Charter, and the broad information sharing provisions that the government-appointed Privacy Commissioner of Canada has warned against.
The radical reform of CSIS, when viewed alongside the mass surveillance programs of CSE, point to the need for a careful, non-partisan review of the law. Canadians may have already struck out in the hope for such a review, however, with the opposition parties confining most of their criticism to oversight. There is still time to reconsider this position since addressing oversight is surely necessary, but even a cursory review of CSE activities and Bill C-51 confirms that it is by no means sufficient.
Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can be reached at firstname.lastname@example.org or online at www.michaelgeist.ca.