Post Tagged with: "c-13"

Five Measures to Help Counter the Tidal Wave of Secret Telecom Disclosures

The House of Commons engaged in an extensive debate on privacy yesterday in response to an NDP motion that would require the government to disclose the number of warrantless disclosures made by telecom companies. I’ll have more on the debate shortly (it’s worth reading), but the government has made it clear that it will not be supporting the motion.

My weekly technology law column (Toronto Star version, homepage version) notes that the revelations of massive telecom and Internet provider disclosures of subscriber information generated a political firestorm with pointed questions to Prime Minister Stephen Harper in the House of Commons about how the government and law enforcement agencies could file more than a million requests for Canadian subscriber information in a single year.

The shocking numbers come directly from the telecom industry after years of keeping their disclosure practices shielded from public view. They reveal that Canadian telecom and Internet providers are asked to disclose basic subscriber information every 27 seconds. In 2011, that added up to 1,193,630 requests, the majority of which were not accompanied by a warrant or court order. The data indicates that telecom and Internet providers gave the government what it wanted – three providers alone disclosed information from 785,000 customer accounts.

The issue is likely to continue to attract attention, particularly since the government is seeking to expand the warrantless disclosure framework in Bill C-13 (the lawful access bill) and Bill S-4 (the Digital Privacy Act).

May 6, 2014 — 8 comments — Columns

Bill C-13: Podcast on Cyber-Bullying and Internet Surveillance Legislation

I appeared on The Docket podcast with Leo Russomanno and Michael Spratt to discuss the Conservative governments new cyber-bullying / internet surveillance legislation – Bill C-13.

May 2, 2014 — Comments are Disabled — ExtPodcasts

Is a Canadian Telco Allowing the Government To Mirror Its Subscriber Communications?

The recent revelations regarding massive telecom and Internet provider disclosures of subscriber information has generated a political firestorm with pointed questions yesterday to Prime Minister Stephen Harper in the House of Commons. While Harper tried to provide reassurances that warrants were obtained where necessary, the reality is that the law […]

May 1, 2014 — 8 comments — News

Canadian Telcos Asked to Disclose Subscriber Data Every 27 Seconds

Every 27 seconds. Minute after minute, hour after hour, day after day, week after week, month after month. Canadian telecommunications providers, who collect massive amounts of data about their subscribers, are asked to disclose basic subscriber information to Canadian law enforcement agencies every 27 seconds. In 2011, that added up to 1,193,630 requests. Given the volume, most likely do not involve a warrant or court oversight (2010 RCMP data showed 94% of requests involving customer name and address information was provided voluntarily without a warrant).

In most warrantless cases, the telecommunications companies were entitled to say no. The law says that telecom companies and Internet providers may disclose personal information without a warrant as part of a lawful investigation or they can withhold the information until law enforcement has obtained a warrant. According to newly released information, three telecom providers alone disclosed information from 785,000 customer accounts in 2011, suggesting that the actual totals were much higher. Moreover, virtually all providers sought compensation for complying with the requests.

These stunning disclosures, which were released by the Office of the Privacy Commissioner of Canada, comes directly from the telecom industry after years of keeping their disclosure practices shielded from public view. In fact, the industry was reluctant to provide the information to even the Privacy Commissioner.

According to correspondence I obtained under the Access to Information Act, after the Commissioner sent letters to the 12 biggest telecom and Internet providers seeking information on their disclosure practices, Rogers, Bell and RIM proposed aggregating the information to keep the data from individual companies secret. The response dragged on for months, with Bell admitting at one point that only four providers had provided data and expressing concern about whether it could submit even the aggregated response since it would be unable to maintain anonymity [I’ve released the full ATIP I received here].

April 30, 2014 — 29 comments — News

Who Needs Lawful Access?: Cdn Telcos Hand Over Data on Thousands of Subscribers Without a Warrant

The debate over Bill C-13, the government’s latest lawful access bill, is set to resume shortly. The government has argued that the bill should not raise concerns since new police powers involve court oversight and the mandatory warrantless disclosure provisions that raised widespread concern in the last bill have been removed. While that is the government’s talking points, I’ve posted on how this bill now includes incentives for telecom companies and other intermediaries to disclose subscriber information without court oversight since it grants them full civil and criminal immunity for doing so. Moreover, newly released data suggests that the telecom companies don’t seem to need much of an incentive as they are already disclosing subscriber data on thousands of Canadians every year without court oversight.

This week, the government responded to NDP MP Charmaine Borg’s request for information on government agencies requests to telecom providers for customer information. The data reveals that the telecom companies have established law enforcement databases that provides ready access to subscriber information. For example, the Competition Bureau reports that it “accessed the Bell Canada Law Enforcement Database” 20 times in 2012-13. The wording may be important, since the Bureau indicates that it accessed the information, rather than Bell provided it. It is not clear what oversight or review is used before a government agency may access the Bell database.

March 26, 2014 — 18 comments — News