While much of the focus on lawful access and subscriber information has centred on the reduced standards for obtaining an order for such information from Canadian telecom and Internet providers, there is another new production order deserving of attention (see earlier posts on domestic subscriber information standards and mandatory metadata retention). Bill C-22 introduces a new mechanism for Canadian courts to authorize police to request subscriber information and transmission data held outside the country directly from foreign platforms such as Google, Meta, and other services that provide communications services to the public. The provision is presented as a tool to modernize cross-border investigations, but in practice, it is likely to reduce privacy safeguards.
Post Tagged with: "lawful access"
The Law Bytes Podcast, Episode 263: The Lawful Access Act Roundtable With David Fraser and Robert Diab
Lawful access is back. The decades-long battle has entered a new phase with the introduction of Bill C-22, the Lawful Access Act. This bill follows last spring’s attempt to bury lawful access provisions in Bill C-2, a border measures bill. The latest bill covers the two main aspects of lawful access: law enforcement access to personal information held by communication service providers such as ISPs and wireless providers, and the development of surveillance and monitoring capabilities within Canadian networks.
To discuss the latest iteration of lawful access, I’m joined on the Law Bytes podcast by David Fraser and Robert Diab for a roundtable discussion of the key elements of the proposed legislation. David is one of Canada’s leading privacy lawyers and a partner with McInness Cooper in Halifax, and Robert is a law professor at Thompson Rivers University in BC and the co-author of a book on search and seizure law.
The Hidden Lawful Access Tradeoff: How Bill C-22 Lowers the Evidentiary Standards for Police Access to Subscriber Information
The return of lawful access in Bill C-22 has unsurprisingly focused on the government’s significant shift on warrantless access to subscriber information, which was the headline concern with Bill C-2, the previous lawful access proposal. As noted in my initial summary of the bill, Bill C-22 establishes court oversight for subscriber information with the warrantless access piece limited to requiring telecom companies to confirm whether they provide service to a given individual. That is a positive step, but there is a tradeoff, namely that the evidentiary standard needed to obtain an order for access to subscriber information is actually being lowered.
The Lawful Access Privacy Risks: Unpacking Bill C-22’s Expansive Metadata Retention Requirements
Much of the discussion around the new lawful access bill (Bill C-22) has focused on provisions that improved upon Bill C-2, notably the decision to scrap the warrantless information demand power by requiring judicial oversight for access to subscriber information. Yet despite that improvement, there remain serious privacy concerns with the government’s latest iteration of lawful access. Buried in the second half of Bill C-22 is a provision granting the government the power to require “core providers” to retain categories of metadata, including transmission data, for up to one year. This is mandatory metadata retention that would require telecom and electronic service providers to store information about the communications of all their users, regardless of whether those users are suspected of anything. It is one of the most privacy invasive tools a government can deploy and the international experience suggests that there are major privacy risks.
A Tale of Two Bills: Lawful Access Returns With Changes to Warrantless Access But Dangerous Backdoor Surveillance Risks Remain
The decades-long battle over lawful access entered a new phase yesterday with the introduction of Bill C-22, the Lawful Access Act. This bill follows the attempt last spring to bury lawful access provisions in Bill C-2, a border measures bill that was the new government’s first piece of substantive legislation. The lawful access elements of the bill faced an immediate backlash given the inclusion of unprecedented rules permitting widespread warrantless access to personal information. Those rules were on very shaky constitutional ground and the government ultimately decided to hit the reset button on lawful access by proceeding with the border measures in a different bill.
Lawful access never dies, however. Bill C-22 cover the two main aspects of lawful access: law enforcement access to personal information held by communication service providers such as ISPs and wireless providers and the development of surveillance and monitoring capabilities within Canadian networks. In fact, the bill is separated into two with the first half dealing with “timely access to data and information” and the second establishing the Supporting Authorized Access to Information Act (SAAIA).
Recent Posts
Why the Verdict on Social Media Defective Design Harming Children Gets the Instinct Right But the Law Wrong 
Scoping in the Tech Giants: Bill C-22’s International Production Order and the Shift to a Less Privacy-Protective Cross-Border Disclosure System 
The Law Bytes Podcast, Episode 263: The Lawful Access Act Roundtable With David Fraser and Robert Diab 
When Writing About Antisemitism Proves the Point: What the Replies Reveal 
Acting on Antisemitism: If This Was Always Possible, Why Didn’t It Happen Sooner?
