Bill C-2, the government’s proposed lawful access legislation, has been the subject of several prior episodes covering warrantless disclosure of information as part of the new information demand power in Part 14 of the bill as well as some of the surveillance technology capabilities found in Part 15. Those remain major issues, but there is another element of the bill that deserves greater attention, particularly at this moment when the Canada – US relationship is increasingly fraught. That issue involves mandated data sharing with implications for Canada’s international treaty obligations under the “Second Additional Protocol” to the Budapest Convention as well as the US Cloud Act. Kate Robertson, a lawyer and senior research associate at the Citizen Lab in the Munk School at the University of Toronto, wrote an extensive brief on these issues soon after the bill was introduced. She joins the Law Bytes podcast to talk about a critical Bill C-2 issue that has thus far attracted limited attention.
Post Tagged with: "c-2"
Government Doubles Down in Defending Bill C-2’s Information Demand Powers That Open the Door to Warrantless Access of Personal Information
The return of the House of Commons from the summer break brings with it a resumption of debate on government bills. Topping the list this week is Bill C-2, the omnibus border measures bill, that buries dangerous lawful access provisions that open the door to warrantless access to personal information and increased surveillance capabilities in Canadian networks. I wrote multiple posts on the privacy concerns before the summer (here, here, here, here, here, and here), expressing concern not only with the substantive provisions but also with a bill that combines everything from border measures to restrictions on cash transactions to warrantless access for law enforcement to personal information. The risk is that no issue will get sufficient attention as major issues get lost among the myriad of disparate provisions. For that reason, the lawful access provisions in Parts 14 and 15 in the bill should be removed and contained, if at all, within a separate bill.
The Law Bytes Podcast, Episode 238: David Fraser on Why Bill C-2’s Lawful Access Powers May Put Canadians’ Digital Security At Risk
The Bill C-2 lawful access focus has thus far primarily centred on the creation of a new warrantless information demand power and the expansion of production orders to access information. Those provisions are found in Part 14 of the bill, but there is also a Part 15 that requires closer scrutiny. It grants law enforcement access to electronic service provider networks, including inspection, oversight, and demands regarding the equipment on their networks. At issue is everything from the use of end-to-end encryption to notifications of network vulnerabilities.
David Fraser is one of Canada’s leading privacy lawyers and he’s been sounding the alarm on the implications of those provisions. He joins the Law Bytes podcast to talk about the implications of Part 15 – aka the Supporting Authorized Access to Information Act – and what it means for network providers and the safety, security, and privacy of Canadians.
Why Bill C-2 Faces a Likely Constitutional Challenge By Placing Solicitor-Client Privilege at Risk
The government’s inclusion of warrantless information demand powers in Bill C-2 has attracted mounting concern, particularly the stunning decision to target everyone who provides services in Canada which creates near limitless targets for warrantless disclosure demands. Department of Justice officials have confirmed that Bill C-2 extends far beyond just telecom companies to services such as financial institutions, car rental companies, and hotels. The inclusion of professional services that frequently face strict confidentiality obligations deserves greater scrutiny as the approach virtually guarantees a constitutional challenge alongside the challenge on privacy grounds in light of the previous Supreme Court of Canada rulings in Spencer and Bykovets.
The implications for the legal community, who face strict solicitor-client confidentiality requirements, are particularly notable. Under Bill C-2, lawyers could be compelled to confirm whether they have provided services to client, whether they have information about the client, and when they provided the service, including when a person became a client. If they are aware of other service providers, they must provide that information as well. These disclosure demands come without a warrant or court oversight and lawyers could be barred from advising their clients about the demand for a year. Lawyers would undoubtedly seek to challenge the demand, but would only have five days to do so.
Lawful Access on Steroids: Why Bill C-2’s Big Brother Tactics Combine Expansive Warrantless Disclosure with Unprecedented Secrecy
Earlier this week, I wrote about how the government’s inclusion of warrantless information demand powers in Bill C-2 may make this the most dangerous lawful access proposal yet, exceeding even the 2010 bill led by Conservative Public Safety Minister Vic Toews. The post emphasized the broad scope of the information demand power. Unlike prior lawful access proposals that targeted telecom and Internet companies, Bill C-2 targets anyone that provides a service to the public. This could include physicians, lawyers, accountants, financial institutions, hotels, car rental companies, libraries, and educational institutions. The list literally never ends. Each of these service providers could be compelled to confirm whether they have provided services to any subscriber, client, account, or identifier. They must also disclose whether they have any information about the subscriber, client, account or identifier as well as advise where and when they provided the service. On top of that, they must advise when they started providing the service and list the names of any other person that may have provided other services. All without a warrant or court oversight.
Department of Justice officials provided a briefing on the provisions yesterday and confirmed this reading of the bill. Officials acknowledged that Bill C-2 extends far beyond just telecom companies to services such as financial institutions, car rental companies, and hotels. When asked about hospitals, physicians, and other health professionals, the officials affirmed that they were covered as well (officials claimed that there would still be the need for a criminal investigation, but that is incorrect since this applies to any Act of Parliament, not just the Criminal Code).
Recent Posts
Heads They Win, Tails We Lose: What Lies Behind the U.S. Trade Battle For Control over Data 
Still Not a Privacy Law: Bill C-25’s Political Party Privacy Provisions Fall Short Again 
Could Bill C-22 Make Canadians Less Safe? The Systemic Vulnerability Gap in Canada’s New Surveillance Law 
Why the Verdict on Social Media Defective Design Harming Children Gets the Instinct Right But the Law Wrong 
Scoping in the Tech Giants: Bill C-22’s International Production Order and the Shift to a Less Privacy-Protective Cross-Border Disclosure System
