Text: Small Text  Normal Text  Large Text  Larger Text
  • Columns
  • Why Canada's Telecom Companies Should Come Clean About Customer Information

Blog Archive

PrevPrevApril 2014NextNext
SMTWTFS
  12345
6789101112
13141516171819
20212223242526
27282930

Why Canada's Telecom Companies Should Come Clean About Customer Information

PDF  | Print |  E-mail
Wednesday January 29, 2014
Earlier this week, I wrote a column (Toronto Star version, homepage version) arguing that Canada's telecom companies should come clean about their disclosures of customer information. That column was in response to a public letter from leading civil liberties groups and academics  sent to Canada's leading telecom companies asking them to shed new light into their data retention and sharing policies. The letter writing initiative, which was led by Christopher Parsons of the Citizen Lab at the University of Toronto's Munk School of Global Affairs, is the latest attempt to address the lack of transparency regarding how and when Canadians' personal information may be disclosed without their knowledge to law enforcement or intelligence agencies.

That initiative has now effectively been joined by the Office of the Privacy Commissioner of Canada and NDP MP Charmaine Borg. Chantal Bernier, the interim Privacy Commissioner of Canada, released recommendations yesterday designed to reinforce privacy protections in the age of cyber-surveillance. The report includes the following recommended reform to PIPEDA:

require public reporting on the use of various disclosure provisions under PIPEDA where private-sector entities such as telecommunications companies release personal information to national security entities without court oversight.

In addition, Borg has filed an order paper question (Q-233) seeking detailed data on requests to telecom companies from various government agencies.

As my column notes, concerns with telecom secrecy has become particularly pronounced in recent months as a steady stream of revelations that have painted a picture of ubiquitous surveillance that captures "all the signals all the time", sweeping up billions of phone calls, texts, emails, and Internet activity with dragnet-style efficiency.

Canada's role in the surveillance activities remains a bit of mystery, yet there is little doubt that Canadian telecom and Internet companies play an important part as intermediaries that access, retain, and possibly disclose information about their subscribers' activities.

In the United States, companies such as Verizon and AT&T have announced plans to issue regular transparency reports on the number of law enforcement requests they receive for customer information. The telecom transparency reports come following a similar trend from top Internet companies such as Google, Twitter, Microsoft, and Facebook.

The first Verizon report was released last week and it revealed that there are hundreds of thousands of requests for subscriber information every year. Last year this included more than 30,000 demands for location data, the majority of which lacked a warrant.

By contrast, Canada's telecom companies remain secretive about their participation in the surveillance activities, with no transparency reports and no public indications of their willingness to disclose customer information without a court order.

The scope of such participation is potentially very broad. Not only is there the prospect of co-operation with Canadian intelligence agencies, but Canadian networks and services are frequently configured to allow for U.S. surveillance of Canadian activities.

For example, Bell and Rogers link their email systems for residential customers to U.S. giants with Bell linked to Microsoft and Rogers linked to Yahoo. In both cases, the inclusion of a U.S. email service provider may allow for U.S. surveillance of Canadian email activity. Moreover, Bell requires other Canadian Internet providers to exchange Internet traffic outside the country at U.S. exchange points, ensuring that the data is potentially subject to U.S. surveillance.

Secret disclosures of subscriber information extend beyond surveillance programs run by Canadian and U.S. intelligence agencies. Under Canadian law, telecom companies and Internet providers are permitted to disclose customer information without a court order as part of a lawful investigation. According to data obtained under Access to Information, the RCMP has successfully obtained such information tens of thousands of times.

In fact, Bill C-13, the so-called "cyberbullying" bill, includes a provision that is likely to increase the number of voluntary disclosures without court oversight since it grants telecom companies and Internet providers complete immunity from any civil or criminal liability for those disclosures.

The privacy implications of this secret disclosure system are enormous, potentially touching on the private data of hundreds of thousands of Canadians. Yet the policies seemingly operate between the cracks in the law, permitting some disclosures without court oversight, blocking notifications to those who are affected, and even providing financial compensation from taxpayers to the telecom companies for their co-operation.


Canadian privacy law requires telecom companies and Internet providers to adhere to an openness principle that includes making "readily available to individuals specific information about (its) policies and practices relating to the management of personal information."  Those companies have failed to comply with the spirit of this principle, suggesting that Privacy Commissioner of Canada should consider supplementing last week's civil society letter with an investigation of her own. a href=
Comments (5)add comment

Doug said:

...
I was interested in how long Bell was keeping my records a few years back, and it took a while to get any information out of them. I eventually suggested to them that I'd be speaking to the Privacy Commissioner and they started talking (that may have been when I got a call at home from the VP of Marketing ...) ... anyway, a nice fella told me quite clearly that they retain all call records for "at least five years". They suggested that this info is kept for "billing purposes". (this is a pretty good excuse, as they would need that info to resolve any billing disputes, but I still don't like it). I had a student in a class just this week describe to me how her mother had requested all of her text messages from her carrier, and managed to receive all of them in full detail (I have no idea how she managed that). I think that I may finally be reaching the five year point (I left Bell), but I have no faith that they actually get rid of old records. They also made it quite clear that they do not require anything beyond a request from authorities to give away all of your info ... i.e. - no need for a warrant or a court order of any kind ... just ask. Of course, we knew that from the recent downloading/Bittorrent cases in which info was handed out quite freely. We do need some type of precedent in the country to determine what "unreasonable search and seizure" means ...
January 29, 2014

Doug said:

...
I was interested in how long Bell was keeping my records a few years back, and it took a while to get any information out of them. I eventually suggested to them that I'd be speaking to the Privacy Commissioner and they started talking (that may have been when I got a call at home from the VP of Marketing ...) ... anyway, a nice fella told me quite clearly that they retain all call records for "at least five years". They suggested that this info is kept for "billing purposes". (this is a pretty good excuse, as they would need that info to resolve any billing disputes, but I still don't like it). I had a student in a class just this week describe to me how her mother had requested all of her text messages from her carrier, and managed to receive all of them in full detail (I have no idea how she managed that). I think that I may finally be reaching the five year point (I left Bell), but I have no faith that they actually get rid of old records. They also made it quite clear that they do not require anything beyond a request from authorities to give away all of your info ... i.e. - no need for a warrant or a court order of any kind ... just ask. Of course, we knew that from the recent downloading/Bittorrent cases in which info was handed out quite freely. We do need some type of precedent in the country to determine what "unreasonable search and seizure" means ...
January 29, 2014

Michael Heroux said:

Privacy Commissioner Of Canada Part 1

We are happy with the new recommendations from the Privacy Commissioner of Canada's Office.
My wife and I are the two people Justice Mosley was refering to when he ruled CSIS was end running the law. We have been following this decision very closely, we are being spied on right here in Canada. My wife and I and our 3 children have been abused by the RCMP CSIS CSEC and other police forces in Ontario and British Columbia for over 5 years now. I have a mental disability and the police started harassing my family and I when I started using Craigslist 5 years ago, what can I say, we're swingers. My wife slept with a few of them while I watched. We are not terrorist. It sounds strange but I have been poisoned and my wife has been poisoned for speaking out publicly about the abuse. We have also been assulted numerous times in the last 5 years. They are listening to us in our bedroom and living room because they let us know by telling us what we are talking about in the privacy of our home. We contacted the BC Human Rights and Civil Rights office last year because the police were trying to run me and my family over on the streets, but they never got back to us. We got a lawyer a couple years ago and the lawyer was able to get them to lay off for a bit. They sent a gunman to murder us last year, we managed to evade him. It also sounds strange but we have a spy monitoring us right now in the adjacent suite to us and they have been there for 10 months now. Since Judge Mosleys decision they quit harassing us but they are still messing around with our internet and phone communications. Thank God for Judge Mosley, I think he saved our lives. We think the reason they are still watching over us is because of what Judge Mosley refered to as "invasive survailence techniques" used against the people who had those warrents issued on them. They don't want us to tell anyone about the techniques used against us for the last 5 years. Pretty sophisticated alien technology if I do say so myself. Pretty cool actually but we don't plan on telling anyone. We are patriotic Canadians and we hate terrorist like everyone else but we don't want to see people abused. Caught up in the fish net so to speak. They have tried to set us up numerous times for arrest over the last 5 years to get their hands on us and make us look like the bad guy's but we have managed to evade those atemps also.
January 29, 2014

Michael Heroux said:

Privacy Commissioner Of Canada Part 2

My wife and I are concerned because Canada Post is being scaled back and it has got us worried. We use open source software for our operating system. In the last 5 years our privacy has been majorly violated. We are most concerned about our communications being sanitized. We no longer have control over who we can make contact with through electronic means. We can only contact people in person for representation so most people not within our city are off limits to us. We realize we are being followed and are being listened to in the privacy of our own home and our home has been entered numerous times when we are not home by intelligence but our means of communications are being sanitized. 5 years ago we noticed rootkits being installed on our operating systems and I was able to set up honey pots and found they were being installed by the military. Since, we switched to virtual machines from static medium verified with sha512sums (DEBIAN KNOPPIX) to get a malware free system each boot. The only website we use is Craigslist and we have met RCMP agents through Craigslist who wanted us to work for them to help them entrap people from terrorist to gangsters. We believe they were just looking for patsies though. I used to work for the RCMP over 20 years ago to infiltrate criminals and make arrests but I quit working for them because they wanted me to set people up that weren't even breaking the law. For the last 5 years we have used Gmail and we have had numerous internet suppliers and numerous Gmail accounts and we have noticed people we have been emailing and people emailing us have not been getting the emails even though Gmail says they have been sent. We use an SSL connection so our communications are encrypted. The same thing applies to our text messages, we have used Rogers for internet, text and phone for the last 5 years. We have noticed our posting on certains forums are not showing up or they are being deleted as we are writing them right before our eyes or our browsers are being closed as we are writing stuff. Our computers are being shut down and our cell phones are being shut down as we are trying to correspond with people. We have realized that people have been contacting us through our email and our cell phones claiming to be people we know like family members for instance but we know they are imposters. We have tried contacting Human and Civil Rights advocates through electronic means but have had no replies. We have even tried to contact legal representation through electronic means but have never heard anything back over the years. It sounds strange but a gunman was sent to kill us early last year but we managed to evade him. Shortly after that someone tried hiring a hitman through the SILK ROAD website to kill us. At first when the website was taken down by the FBI the owner said the hit was for a father of 3 from Vancouver but later he admitted it was for the whole family of 5, a husband, wife and 3 children. We have been poisoned numerous times in the last 5 years and I have numerous painful swollen lumps throughout my body. Strangers have come up to us on the streets and have told us I have cancer. I went to the emergency room last year because my brain was swelling in my head and my eyes were bulging and I was having severe headaches and the doctor didn't want to treat me and sent me home. Thanks for reading.
January 29, 2014

Chronoss said:

is meta data copyrightable?
i'd like to ask mike this:
As the meta data that the govt collects is unique when i do things and can only be done when i do stuff is it not then a creation of mine...and thus fall under new copyright legislation? As these people are PAID to collect it would not that mean COMMERCIAL COPYRIGHT INFRINGEMENT?

It would be akin to me writing a story but just about all the places i visit instead of what i did there....


January 31, 2014

Write comment
smaller | bigger

busy
Tags:
, , ,
Share: Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterEmailPrintPDF
Related Items: