Two shocking terror attacks on Canadian soil, one striking at the very heart of the Canadian parliament buildings and both leaving behind dead soldiers. Office buildings, shopping centres, and classrooms placed under lockdown for hours with many confronting violence first hand that is rarely associated with Canada.
Last week’s terror events will leave many searching for answers and seeking assurances from political and security leaders that they will take steps to prevent it from happening again. There will be an obvious temptation to look to the law to “fix” the issue, and if the past is a guide, stronger anti-terror legislation and warnings that Canadians may need to surrender more of their privacy and civil liberties in the name of greater security will soon follow.
My weekly technology law column (Toronto Star version, homepage version) notes that if there are legal solutions that would help foster better security, they should unquestionably be considered. Yet Canada should proceed with caution and recognize that past experience suggests that the unintended consequences that may arise from poorly analyzed legislation may do more harm than good.
The Canadian experience with lawful access reform provides an instructive lesson in how knee-jerk legislative responses rarely provide the desired solutions. Lawful access bills began appearing soon after the events of 9-11 with the initial bills envisioning the creation of a massive surveillance infrastructure. It featured provisions mandating that Internet providers disclose detailed personal information on subscribers and requiring them to install extensive surveillance equipment on their networks.
The public expressed disapproval with the proposals, raising serious questions about the lack of evidence to support claims the legislation would address actual law enforcement problems, the associated costs, and the implications for striking a reasonable balance between security needs and privacy safeguards.
Lawful access has remained a hot button issue, but successive bills have gradually retreated from those early plans. Bill C-13, the latest lawful access bill (labelled as cyber-bullying legislation), has generated well-deserved criticism, yet many of the most invasive provisions have been removed. As the bill heads for Senate review, there is still room for improvement, but even the fiercest critic must acknowledge that many of the biggest privacy concerns have been addressed.
New anti-terrorism legislation is next on the legislative docket. The forthcoming bill is ostensibly a response to last year’s federal court decision that rebuked Canada’s intelligence agencies (CSEC and CSIS) and the Justice Department for misleading the court when they applied for warrants to permit the interception of electronic communications.
Justice Mosley, a former official with the Justice Department who was involved with the creation of the Anti-Terrorism Act, expressed concern about warrants involving two individuals that were issued in 2009 permitting the interception of communications both in Canada and abroad using Canadian equipment. At the time, the Canadian intelligence agencies did not disclose that they might ask their foreign counterparts (namely the “five eyes” partners in the U.S., U.K., Australia, and New Zealand) to intercept the foreign communications.
The government appealed Mosley’s decision, but the Federal Court of Appeal ruling has not been publicly released. Many observers suspect that the government lost the appeal and plans to use legislative changes to address issues related to interceptions and information sharing.
In the aftermath of the Canadian terror attacks, there will likely be calls to go even further, granting police and intelligence agencies more powers. But before we look to the law to address our security concerns, a better understanding of the possible security and intelligence failures that may have contributed to the terror attacks is needed. If agencies are not effectively using their current powers, more powers will do little to remedy the current situation.
Moreover, legislative reforms must also address Canada’s weak oversight and accountability mechanisms. One of the glaring problems with Canada’s current system is the lack of oversight: limited Parliamentary review, long delays in issuing reports from the CSEC Commissioner, and sporadic public revelations about the operations of Canada’s security and intelligence agencies.
Notwithstanding the urge to “do something”, Canada should be cautious about looking to more laws as the primary means to prevent a repeat of this week’s tragic events and ensure that any reforms that emerge be accompanied by effective oversight and accountability.