My weekly Law Bytes column (Toronto Star version, homepage version) reports on government documents obtained under the Access to Information Act that provide some insight into how officials view, and have managed, Internet surveillance legislation. It uncovers a clear recognition of the negative public reaction to the lawful access proposals, a divide-and-conquer strategy for managing that reaction, and lingering internal doubts about the effectiveness of Canadian privacy legislation to address Internet privacy threats.
The negative public reaction is no secret to anyone who has followed the issue through the media. Indeed, a Department of Justice memorandum drafted just after the last federal election acknowledges that "although the public generally responds positively to the idea of 'getting tough on crime', proposals to introduce new investigative tools raise concerns about the surveillance powers of the state and the public’s underlying anxiety is heightened by the media and statements of privacy and civil liberties advocates." The memorandum continues by noting that "in the past, media coverage (albeit based on inaccurate and misleading interpretations) was highly critical and alarmist. Almost all stakeholders indicated generally that the lawful access proposals seemed to be moving ahead without the government having provided a convincing justification for the new measures."
With internal discussion focusing on public anxiety and critical media coverage, the issue may be well be viewed as a political liability that is best avoided by a minority government.
Should lawful access legislation be reintroduced, officials will be armed with detailed analysis of how stakeholder groups are likely to react.
Ottawa has twice consulted the public on the matter – a broad consultation in 2002 and a more limited, by-invitation only consultation with selected stakeholders in 2005. The Department of Justice commissioned a detailed analysis of the major stakeholder concerns and shifts in position between 2002 and 2005. That analysis, also released under the Access to Information Act, focuses specifically on the concerns of Canadian privacy commissioners and civil society groups.
The report sheds light into how the government has strategically sought to minimize stakeholder criticism. At least two proposals from 2002 became law in 2004 when they were quietly included in legislation designed to counter insider trading. The report notes that these changes had "low visibility" as few people realized that lawful access provisions were being implemented in this fashion.
Moreover, the decision to divide lawful access in two parts – the MITA and a Criminal Code reform package – had the effect of splitting opposition. The government enlisted Justice officials to consult with privacy and civil society groups on the Criminal Code reforms, while the telecommunications companies worked with Public Safety and Emergency Preparedness officials on MITA. The report concludes that the approach reduced the likelihood that privacy and civil society communities would join forces with the telecommunications industry in opposing lawful access. Given that "industry also has much more lobbying power than privacy commissioners and civil society. . . [those groups] will need to work harder to influence matters in 2006 than in 2002."
With the government working to diminish the effectiveness of the privacy community, it is particularly disheartening to learn that officials also recognize that Canadian privacy legislation suffers from serious shortcomings. A Department of Justice memorandum candidly notes that "current privacy laws may not be sufficient to protect Canadians' personal information," acknowledging that "federal privacy legislation is not responsive to new technologies, including the Internet, biometrics, data matching and data mining, video and infrared surveillance, the decoding of the human genome, the need for protection of genetic information and the ability to store and manipulate large personal data banks." Officials are open to reform, stating that "as the privacy and personal information of citizens and businesses is increasingly vulnerable in the online environment, substantive measures to protect personal information need to be considered." Potential solutions apparently considered by the Department of Justice include the establishment of a new Task Force on online privacy.
The column concludes that while a task force would be a step in the right direction, these government documents point to a simpler solution – rather than searching for ways to diminish the privacy community, officials should be actively working with them to identify reforms that protect both privacy and security.