My first post on the privacy threats in Bill C-13 focused on the voluntary disclosure of personal information and the complete civil and criminal immunity granted to intermediaries such as ISPs and telecom companies that provide such disclosures. This post focuses on the low threshold the bill establishes for a new “transmission data” warrant and explains why this represents a serious privacy risk.
The bill defines transmission data as data that:
(a) relates to the telecommunication functions of dialling, routing, addressing or signalling;
(b) is transmitted to identify, activate or configure a device, including a computer program as defined in subsection 342.1(2), in order to establish or maintain access to a telecommunication service for the purpose of enabling a communication, or is generated during the creation, transmission or reception of a communication and identifies or purports â€¨to identify the type, direction, date, time, duration, size, origin, destination or termination of the communication;
(c) does not reveal the substance, meaning or purpose of the communication.
The bill creates a new warrant that allows a judge to order the disclosure of transmission data where there are reasonable grounds to suspect that an offence has been or will be committed, the identification of a device or person involved in the transmission will assist in an investigation, or will help identify a person. The government relies on the fact that this is a warrant with court oversight to support the claim that Canadians should not be concerned by this provision. Yet the reality is that there is reason for concern as the implications of treating metadata as having a low privacy value is enormously troubling.