Yet Toews has not talked about a provision in Bill C-30 that creates a voluntary warrantless system that would allow police to ask for the content of emails or web surfing habits and allow ISPs to comply with the request without fear of liability. Section 487.0195 states the following:
(2) A person who preserves data or provides a document in those circumstances does not incur any criminal or civil liability for doing so.
This provision opens the door to police approaching ISPs and asking them to retain data on specified subscribers or to turn over any subscriber information – including emails or web surfing activities – without a warrant. ISPs can refuse, but this provision is designed to remove any legal concerns the ISP might have in doing so, since it grants full criminal and civil immunity for the disclosures.
While many would hope that ISPs would not hand over personal information without a warrant, revelations that they already provide customer name and address information about 95 percent of the time suggests that police have little to lose in asking for more detailed data preservation and disclosure. Bill C-30 increases the likelihood of “voluntary” warrantless disclosures, creating a legal framework that makes it easy and risk-free from a provider perspective.