Michael Geist

Latest Posts

Anonymity; and the Internet. by Stian Eikeland (CC BY-NC-SA 2.0) https://flic.kr/p/6CCWXH

Ontario Provincial Police Recommend Ending Anonymity on the Internet

The Standing Senate Committee on Legal and Constitutional Affairs began its hearings on Bill C-13, the lawful access/cyberbullying bill last week with an appearance from several law enforcement representatives. The Ontario Provincial Police was part of the law enforcement panel and was asked by Senator Tom McInnis, a Conservative Senator from Nova Scotia, about what other laws are needed to address cyberbullying. Scott Naylor of the OPP responded (official transcript not yet posted online):

If the bag was open and I could do anything, the biggest problem that I see in the world of child sexual exploitation is anonymity on the Internet. When we get our driver’s licence we’re required to get our picture taken for identification. When you get a mortgage you have to sign and provide identification. When you sign up for the Internet, there is absolutely no requirement for any kind of non-anonymity qualifier. There are a lot of people who are hiding behind the Internet to do all kinds of crime, including cybercrime, fraud, sexual exploitation and things along those lines.

The Internet is moving so quickly that law enforcement cannot keep up. If there were one thing that I would ask for discussion on is that there has to be some mechanism of accountability for you to sign on to an Internet account that makes it like a digital fingerprint that identifies it to you sitting behind the computer or something at that time. There are mechanisms to do it, but the Internet is so big and so vast at this point, and it’s worldwide, I’m not sure how that could happen, but that would certainly assist everybody. In that way I can make a digital qualification that that’s the person that I’m talking to. If I had one choice, that’s what I would ask for.

November 10, 2014 — 39 comments — News

Sierra Wireless Compass 597 by Scott Beale / Laughing Squid (CC BY-NC-ND 2.0) http://laughingsquid.com/

The CCTS Report on Wireless Code Violations: When Is Data on a Data Stick an “Add On”?

The Commissioner for Complaints for Telecommunications Services released his annual report yesterday resulting in a wide range of interpretations with some citing improved customer service due to an overall decline in complaints, others focusing on declining customer service owing to an increase in complaints from misleading contractual terms, and yet others pointing to the CRTC Wireless Code as the reason behind the overall decline in complaints.

Despite some improvement in service, the most notable aspect of the report is a review of compliance with the wireless code. With the code now fully operational, there is simply no excuse for carrier non-compliance. Yet the data suggests that there are numerous confirmed breaches. Bell is easily the most notable company when it comes to failure to comply with the code: when you combine Bell Canada, Virgin Mobile (which it owns), and Northern Tel (which it now also owns), 2/3 of the confirmed breaches all come from the same source. In other words, every few weeks, Bell Canada or one of its companies had a confirmed breach of the wireless code.

November 5, 2014 — Comments are Disabled — News

DSC_0110 Minister of Canadian Heritage and Official Languages James Moore by Heather (CC BY 2.0) https://flic.kr/p/6BbzwP

Why the Digital Privacy Act Will Expand Personal Information Disclosure Without Court Oversight

My column this week on warrantless access to personal information under Canadian law noted that Bill S-4, the Digital Privacy Act, will expand the likelihood warrantless disclosures between private organizations. As I posted recently:

Bill S-4 proposes that:

“an organization may disclose personal information without the knowledge or consent of the individual… if the disclosure is made to another organization and is reasonable for the purposes of investigating a breach of an agreement or a contravention of the laws of Canada or a province that has been, is being or is about to be committed and it is reasonable to expect that disclosure with the knowledge or consent of the individual would compromise the investigation;

Unpack the legalese and you find that organizations will be permitted to disclose personal information without consent (and without a court order) to any organization that is investigating a contractual breach or possible violation of any law. This applies both past breaches or violations as well as potential future violations. Moreover, the disclosure occurs in secret without the knowledge of the affected person (who therefore cannot challenge the disclosure since they are not aware it is happening).

November 4, 2014 — 6 comments — News

Come back with a warrant by Rosalyn Davis (CC BY-NC-SA 2.0) https://flic.kr/p/aoPzWb

Warrantless Access to Subscriber Information: Has the Tide Turned on Canada’s Privacy Embarrassment?

In a year in which privacy issues have captured near weekly headlines, one concern stands out: warrantless access to Internet and telecom subscriber information. From revelations that telecom companies receive over a million requests each year to the Supreme Court of Canada’s landmark decision affirming that there is a reasonable expectation of privacy in subscriber information, longstanding law enforcement and telecom company practices have been placed under the microscope for the first time.

Last week, the Privacy Commissioner of Canada released a report that shed further light on the law enforcement side of warrantless disclosure requests, raising disturbing questions about the lack of record keeping and politically motivated efforts to drum up data on the issue.

My weekly technology law column (Toronto Star version, homepage version) notes that the Office of the Privacy Commissioner of Canada notified the Royal Canadian Mounted Police last October that it was planning to conduct preliminary investigative work on the collection of warrantless subscriber information from telecom companies. The plan was to assess RCMP policies and to determine the frequency and justification for warrantless requests.

November 3, 2014 — 5 comments — Columns

The Fifth Eye by Dustin Ginetz (CC BY-NC-SA 2.0) https://flic.kr/p/id9KHn

Canada’s New “Anti-Terrorism” Bill: Responding to the Courts, Not the Attacks

The government yesterday introduced Bill C-44, the Protection of Canada from Terrorists Act. While some were expecting significant new surveillance, decreased warrant thresholds, and detention measures, this bill is a response to several court decisions, not to the attacks last week in Ottawa and Quebec. A second bill – which might use the U.K. legislative response to terror attacks as a model – is a future possibility, but policy decisions, cabinet approval, legal drafting, and constitutional reviews take time.

Bill C-44, which was to have been tabled on the day of the Ottawa attack, responds to two key issues involving CSIS, Canada’s domestic intelligence agency. The first involves a federal court case from late last year in which Justice Richard Mosley, a federal court judge, issued a stinging rebuke to Canada’s intelligence agencies (CSEC and CSIS) and the Justice Department, ruling that they misled the court when they applied for warrants to permit the interception of electronic communications. Mosley’s concern stemmed from warrants involving two individuals that were issued in 2009 permitting the interception of communications both in Canada and abroad using Canadian equipment. At the time, the Canadian intelligence agencies did not disclose that they might ask their foreign counterparts (namely the “five eyes” partners in the U.S., U.K., Australia, and New Zealand) to intercept the foreign communications.

October 28, 2014 — 7 comments — News