Columns

Debating Surveillance and the Law in Canada

The recent stories about surveillance in the United States and Canada have generated increased debate in the media over the issue and I’ve been privileged to participate in several discussions. Last week, I sat down with Nick Taylor-Vaisey of Maclean’s to discuss the issue.  The full interview is now posted here.  Further, CBC’s Cross-Country Check-Up spent two hours discussing surveillance and privacy on Sunday’s show. I appeared as a guest at about the 54 minute mark.  Yesterday, I also participated in a far-ranging debate on surveillance and transparency on TVO’s The Agenda. The video version of the program should be online shortly, but in the meantime a podcast version is available.

Finally, my technology law column (Toronto Star version, homepage version) this week focuses again on the disconnect between 20th century laws and 21st century surveillance. It notes that revelations about secret surveillance in the United States involving both Internet-based communications and the collection of metadata from all cellphone calls immediately raised questions about the possibility of Canadian involvement or the inclusion of Canadian data. Given the common communication infrastructure and similarities between Canadian and U.S. laws, it seemed likely that Canada was engaged in much of the same activities. Within days, it was reported that Canada has its own metadata surveillance program, with the ministerial approval coming in 2011 from Defence Minister Peter McKay. The government has tried to downplay the public concern by focusing on two safeguards. First, it argues that its secret metadata surveillance program only targets foreign communications. Second, it notes that the data captured is metadata rather than content and therefore does not raise significant privacy issues. â€¨â€¨Neither response should provide Canadians concerned for their privacy with much comfort. Indeed, the emphasis on these two issues highlights how Canadian surveillance laws have failed to keep pace with current surveillance technologies.

The suggestion that Canadians are not affected by surveillance targeting foreign communications does not stand up to even mild scrutiny. The same claims are made by other intelligence agencies, with each claiming that they limit surveillance to foreign targets. However, information sharing between intelligence services is common, providing a backdoor mechanism to access information.

The prospect that U.S. surveillance becomes a key source for Canadian agencies, while Canadian surveillance supports U.S. agencies, does not strike anyone as particularly far-fetched. Wayne Easter, a former government minister with responsibility for CSIS, has said that such sharing is common. In other words, relying on the domestic-foreign distinction is necessary for legal compliance, but does not provide much assurance to Canadians that they are not being tracked.



Moreover, given the commingling of data through integrated communications networks and “borderless” Internet services residing on servers around the world, distinguishing between Canadian and foreign data seems like an outdated and increasingly impossible task. In fact, the reported decision to stop the Canadian surveillance program several years ago arose in part due to fears of overbroad surveillance. In the current communications environment, tracking Canadians seems inevitable and makes claims that such domestic surveillance is “inadvertent” increasingly implausible.

Assurances that metadata surveillance is less invasive than tracking the content of telephone calls or Internet usage also ring hollow. Metadata can include geo-location information, call duration, call participants, and Internet protocol addresses. While officials suggest that this information is not sensitive, there are many studies that have concluded otherwise. These studies have found that metadata alone can be used to identify specific persons, reveal locational data, or even disclose important medical and business information.


The problem is that surveillance technologies (including the ability to data mine massive amounts of information) have moved far beyond laws that were crafted for a much different world. The geographic or content limitations placed on surveillance activities by organizations such as CSEC may have been effective years ago when such activities were largely confined to specific locations and the computing power needed to mine metadata was not readily available.

That is clearly no longer the case. The law seeks to differentiate surveillance based on geography, but there is often no real difference with today’s technology. Moreover, the value of metadata is sometimes greater than the actual content of telephone conversations. The current law provides few privacy protections and ineffective oversight in the face of intelligence agencies investing billions of dollars in surveillance technologies and telecommunications and Internet companies providing assistance that remains subject to court-imposed gag orders.

The legal framework leaves Canadians with 20th century protections in a world of 21st century surveillance. If we genuinely believe in preserving some privacy in an environment where everyone’s cellphone call is tracked, we must be open to significant legislative reforms and increased oversight that better reflects the realities of modern-day communications surveillance.

11 Comments

  1. pat donovan says:

    info wars
    since ‘above the law’ parts one and two, the police state has been a function of the politics of the day.

    mulroney demanding 30 days notice for MPs BEFORE they get charged, for example.

    admin law growth, with all it’s problems (no evidence,lawyers, rules of law, planting evidence, etc)

    NOW there’s an info black-list with extortion galore. (Toronto mayor and the assignation of whoever held the tape, for example)

    death by scandel? blackmail? having your deals swept out from under you?

    welcome to the brave new world. watching the watchers is the least of the problems here.

    pat

  2. People quickly forget …
    Is privacy something we can expect, or even desire? Why does it matter? What harm is there in having our all our lives recorded and indexed in a database?

    Well nothing, unless you become the target. Recall, the ‘communist’ witch hunts mid last century? They were founded on much less.

    The bottom line is once collected, indexed and easily accessible, all it takes is a change in focus to fall on you. Anyone who thinks that is not a problem has never had to deal with Revenue Canada.

    They are not ‘listening’ to your calls, so why the fuss? Here is an article explaining why even ‘metadata’ today can be worse than a wiretap … http://falkvinge.net/2012/07/19/debunking-the-dangerous-nothing-to-hide-nothing-to-fear/

  3. One might easily ask: If the metadata is so useless, why bother?

    Americans in large measure are willing to give up privacy when “It helps prevent Muslims from killing Americans.”

  4. BitMessage
    https://bitmessage.org/wiki/Main_Page

    This open source software project is designed to prevent the collection of metadata and it encrypts messages.

  5. One resource, for all your freedom fighting needs…
    http://prism-break.org/ is an EFF site which lists dozens of anonymizing tools, from operating systems to browser plugins to websites to bitcoin alternatives.

  6. Technology
    I have little or no faith in the government to protect my rights, I do have faith in technology.

  7. 1984 is here. There is a lot that can be done to reverse things and I say arrest all those who spied on people and their communications without a warrant.

  8. BemusedLurker says:

    On metadata
    Does anyone have any faith in the fair and equal application of these new technologies.

    For instance, Over and Over again we hear about the “Muslim” problem being interdicted by information from this source. Why not the “white supremacists?” Why not the Military dictatorships in south America. Why not the Drug cartels? Why not Pierre Poutine? You can see why I am less than impressed by the state’s use of such tools; and just to insure clarity, state in this case does not apply to a single country.

    Ever since the west turned its back on the rule of law
    – condoning and accepting torture as a valid technique for the state to extract information at best, and as a method of inflicting none judicial punishment at worst
    – refusing to punish those responsible for the above policy
    fighting what are essentially undeclared wars through such means as drone strikes and assassinations

    Why would anyone who actually believes in the rule of law, without exception, especially in reference to the state which has the vast majority of the resources in any dispute, agree to provide a trove of data that would allow any government to cherry pick through to come up with its scapegoat of the year/month/day/minute/second – you pick the news cycle.

    We have unfortunately become a living parody of that inadvertent black view of the future – ROBOCOP

  9. If CSIS were to have scanners in all Canada Post sorting facilities to retrieve to and from addresses, sender and receiver, etc. people would be very upset. Why should we be less concerned about the trawling of our electronic communications? I don’t care if respecting my privacy puts spies out. I am ok with clear laws that allow surveillance coupled with overseers who have the power to fire people, to sound the alarm, and to lay charges, coupled with publicly available reporting.

  10. What makes you think CSIS doesn’t have access to Canada Post data?
    Ian, what makes you think CSIS /doesn’t/ have access to all to/from addresses in Canada Post data. Most physical mail routing is done via automation, which generates logs, and the trends are used to figure out how to assign planes and trucks appropriately. What makes you think CSIS doesn’t have access to these data? I’d be rather surprised if they didn’t, in fact. It’s probably been in place for ~30 years.

    The fact that “people would be very upset” is more a function of /knowing/ about the privacy intrusion, not whether or not the intrusion itself exists. That’s why the focus is always on whistleblowers, and the actual actions they revealed quickly forgotten when attention span shifts. Most of this stuff isn’t new, or specific to the media that happened to be described this time around.

  11. dwi lawyer
    A profoundly talented and master DUI legal counselor in Houston can additionally should supervise your case with the slightest measure of time and exertion. http://www.phoenixdwiattorney.com