Telcos on Lawful Access: Primary Concern is Who Pays

Last week, I posted about a recent Justice Committee report that includes recommendations that would expand Bill C-30, the lawful access/online surveillance bill, in several important ways.  Toward the end of the post is a comment from Bell on the issue. While the source article is no longer available online – it appears to have been pulled – the company spokesperson states:

“Our primary concern in this area has always been the capacity of industry to implement any new requirements and who bears the cost.”

The message from Bell that it prioritizes cost on the lawful access issue should not come as a surprise. For years, the telecom and Internet provider community have focused most of their attention on the costs associated with divulging subscriber information or responding to other law enforcement requests. While recouping the costs associated with installing new surveillance-capable equipment is an obvious issue, the potential to turn subscriber information disclosures into a new revenue source is particularly troubling.

In 2006, ITAC, the Canadian Chamber of Commerce, CAIP, and the Canadian Wireless Telecommunications Association responded to the original lawful access bill by emphasizing the need to address compensation for provider costs. The concerns focused on three cost issues: mandated capability before the development of technical standards, operational costs, and a transition period. The first concern pointed to the problem of mandating surveillance capabilities. The associations argued that carriers would cover the costs of normal upgrades, but that customized solutions that extended beyond typically available equipment should be compensated by the government. The transition period concern was similarly focused on meeting normal equipment upgrade cycles.

On compensation for operational costs, the associations adopted the position that they should be compensated for all disclosures, including the disclosures of subscriber information under the mandatory warrantless model. A year later, the CWTA went further, telling Public Safety that “unless our legitimate concerns are addressed, it will be difficult for the industry to support this important initiative going forward.” Given the tens of thousands of disclosures that occur every year (most presumably without compensation), this could turn into a new source of revenue.

Despite years of wrangling over the cost issue, the government still has not decided how to handle the issue. Law enforcement previously proposed a levy on subscriber bills and a recent briefing note obtained under Access to Information for Public Safety Minister Vic Toews produced after Bill C-30 was introduced notes the issue is still unresolved with the talking point that “my Department is working in concern with the RCMP, CSIS, and several other agencies and departments to develop a fee schedule that will be fair for all parties.” No one knows what that means – it could mean payments for assistance on warrants that involve surveillance of subscribers, payments for disclosure of subscriber information, or payments for surveillance equipment installations. The likely outcome, however, is that the major telecom and Internet providers will trade support of the bill for payments to cover their costs, leaving subscribers stuck with less privacy and ultimately footing the bill.


  1. Bell — “Do Know Evil”

  2. Yea…
    I can see it now:

    You can now access our subscriber’s information for the price of 10$. If you buy 5, you get 1 free!

  3. Hell froze over…
    I agree with Bell, however it’s unfortunate that that is their only objection. It costs time, money and resources for each request, therefore they should be compensated for that. In an industry where the cost of EVERYTHING is carefully calculated, why should the government get a “free pass” when nobody else does? It should cost the police money, even on a per-request basis. It’s fair, and it would prevent excessive and superfluous information requests.

  4. Dinsdale Piranha says:

    I think a larger question- beyond cost and who pays- is does the technology even exist for such online surveillance to be even feasible? They are talking about collection data from millions of subscribers-every single day for who knows how long. Even if such a record could be compiled and retained- what sort of guarantee do we have it would remain secure?

  5. I agree with Bell
    Bell’s job is to advocate on behalf of their shareholders, and to that extent the are doing well. What we explicitly do *not* want is for Bell to be making value judgments about privacy. While it might feel good to have them agree with you, it is the job of Parliament to write laws, not corporations.

  6. At one time
    Various forms of the lawful access legislation have been around for some time. For instance, at some point in the ’90s, if I remember correctly, the telcos were required to provide access for warranted wiretap information. Since there was costs involved there, who paid in that situation? I know that the warrant holder, if they weren’t recording on site, had to pay for transport of the live intercept.

    Dinsdale, I do something similar to what law enforcement wants occasionally as part of my job. Certainly the tools are a bit more rudimentary than what would be needed for evidence collection, however with a tool like the freely available wireshark I can record traffic to/from a specific IP address, of a specific type, etc. In fact, a couple of years ago I was using wireshark to help debug a communications issue. Remember, even with the proposed legislation the police can’t just go on a fishing expedition; to get actual intercept they need a warrant under the proposed legislation. As such, we aren’t talking about recording all traffic of all subscribers, it is more like all traffic of selected subscribers. If they need to pay for transport to a collection point, the cost involved there would also be a limiting factor in the number of taps active (police budgets are not unlimited).

  7. Ray Saintonge says:

    The simple fact that the industry refers to this as an “important initiative” is worrisome.

  8. Why will no Canadian firm step like these folks in the US: – surely there are enough technically savvy IT people, legal minds and civil society folks here to get something like this up and running. Sooner rather than later, one would hope …

  9. We don’t need this
    because they could just get all the info they want from here soon anyway:

  10. probably in the backrooms in Canada too says:

    almost related side issue
    US slams Australia’s on-shore cloud fixation

    The United States’ global trade representative has strongly criticised a perceived preference on the part of large Australian organisations for hosting their data on-shore in Australia, claiming it created a significant trade barrier for US technology firms and was based on a misinterpretation of the US Patriot Act.

    The Office of the United States Trade Representative (USTR), recently released “The 2012 National Trade Estimate Report on Foreign Trade Barriers (NTE),” that surveys significant foreign barriers to US exports. The issue of cloud computing was a major barrier, it was felt.