As discussed in the last entry, Bill C-61 includes an exception for encryption research much like the U.S. DMCA. The U.S. DMCA exception has been widely criticized as providing insufficient legal protection for legitimate encryption research, leading to significant concerns in the research community about the prospect for liability. The Canadian provision is little better. In both cases it requires the researcher to inform the target about plans for circumvention for research purposes. The Canadian bill substitutes a requirement of "good faith effort to obtain authorization" in the U.S. law for a notice requirement ("the person has informed the owner of the copyright in the work . . . who has applied the technological measure"), notice and/or authorization are unnecessary and potentially chilling.
The exception already includes a condition that "it would not be practical to carry out the research without circumventing the technological measure" and that the person has "lawfully obtained the work," so the researcher has a legal copy and must pass a necessity barrier. The inclusion of an additional notice requirement should be dropped since it has little to do with copyright protection, yet creates a possible barrier for researchers who need to do encryption research without telegraphing their plans to the target organization.