Come back with a warrant by Rosalyn Davis (CC BY-NC-SA 2.0) https://flic.kr/p/aoPzWb
Anti-Lawful Access Tide Continues: Security Consultation Finds Public Strongly Opposed to New Reforms
Law enforcement efforts to revive lawful access reform continue to face political and public opposition. Earlier this month, the House of Commons Standing Committee on Public Safety and National Security recommended that the current approach remain unchanged. Indeed, Committee Chair Rob Oliphant said that police sought expanded powers, but that the argument was not yet “compelling.”
Public Safety’s report released last week on responses to its national consultation on security indicates that the broader public agrees. The issue drew the majority of feedback during the consultation:
Last month, I wrote about the recent initiative to revive lawful access, the rules that govern police access to Internet and subscriber information. A cybercrime working group has held consultations (I participated in one) as law enforcement seeks new powers for warrantless access to some ISP information (called “pre-cursor” data) and a new, lower threshold warrant for other subscriber data. While law enforcement has argued that the current system is broken, the House of Commons Standing Committee on Public Safety and National Security has recommended that the current approach remain unchanged.
The committee’s much anticipated report on developing a road map for national security contains dozens of recommendations (my colleague Craig Forcese reviews many of them) including one on lawful access. It states:
The federal government has yet to release its response to last year’s national security consultation, but at least one thing is increasingly apparent. Lawful access, the regulations that govern police access to Internet and telecom subscriber information, will be back on Public Safety Minister Ralph Goodale’s legislative agenda. My Globe and Mail column notes that the details of the complex new rules that would grant warrantless access to some telecom and Internet information system are still a work-in-progress, but the final outcome is sure to raise concerns with the privacy advocates as well as telecom and Internet providers.
A cybercrime working group comprised of senior officials from federal, provincial and territorial governments have spent months developing the new lawful access framework. It recently held two invitation-only consultations on the issue with Canadian telecom and Internet companies as well as civil society groups and academic experts. I participated in the latter event, which was held under Chatham House rules that allow for disclosure of the content of the meeting without attribution to specific commentators.
In the aftermath of the Snowden revelations in which the public has become largely numb to new surveillance disclosures, the Canadian reports over the past week will still leave many shocked and appalled. It started with the Ontario Provincial Police mass text messaging thousands of people based on cellphone usage from nearly a year earlier (which is not government surveillance per se but highlights massive geo-location data collection by telecom carriers and extraordinary data retention periods), continued with the deeply disturbing reports of surveillance of journalists in Quebec (which few believe is limited to just Quebec) and culminated in yesterday’s federal court decision that disclosed that CSIS no longer needs warrants for tax records (due to Bill C-51) and took the service to task for misleading the court and violating the law for years on its metadata collection and retention program.
The ruling reveals a level of deception that should eliminate any doubts that the current oversight framework is wholly inadequate and raises questions about Canadian authorities commitment to operating within the law. The court found a breach of a “duty of candour” (which most people would typically call deception or lying) and raises the possibility of a future contempt of court proceeding. While CSIS attempted to downplay the concern by noting that the data collection in question – metadata involving a wide range of information used in a massive data analysis program – was collected under a court order, simply put, the court found that the retention of the data was illegal. Further, the amount of data collection continues to grow (the court states the “scope and volume of incidentally gathered information has been tremendously enlarged”), leading to the retention of metadata that is not part of an active investigation but rather involves non-threat, third party information. In other words, it is precisely the massive, big data metadata analysis program feared by many Canadians.
Canada’s Privacy Failure: My Appearance Before the Standing Committee on Access to Information, Privacy & Ethics
I appeared last week before the Standing Committee on Access to Information, Privacy & Ethics as part of the committee’s review of the Privacy Act. My opening remarks highlighted several longstanding concerns with the legislation and then turned to three broader issues: Bill C-51’s information sharing provisions, transparency reporting, and the revival of lawful access issues.
My full prepared opening remarks are posted below:
Appearance before the House of Commons Standing Committee on Access to Information, Privacy & Ethics, September 29, 2016