Post Tagged with: "privacy"

Transparency by HonestReporting (CC BY-SA 2.0) https://flic.kr/p/owfMYY

Why Telecom Transparency Reporting in Canada Still Falls Short

Canadian telecom company privacy practices were back in the spotlight this month with the release of a transparency report from Rogers Communications. The report provides new insights into how much – or how little – Canadians know about when their personal information is disclosed to government agencies.

For Rogers customers, the good news is that recent changes in the law, including court decisions that set limits on the disclosure of mass data from cellphone towers and that protect Internet subscriber information – are having a significant effect. Law enforcement agencies are still able to obtain data on hundreds of thousands of people, but warrantless access to basic subscriber information has stopped.

My weekly technology law column (Toronto Star version, homepage version) notes that the latest Rogers report is the first from the company since the release in 2015 of telecom transparency guidelines that garnered support from the federal privacy commissioner, Industry Canada, and the telecom sector. The guidelines attempt to provide a common framework for disclosure so that the public will be better able to compare privacy protections and policies among Canada’s major telecom companies.

May 30, 2016 — 2 comments — Columns

Information security by Ervins Strauhmanis (CC BY 2.0) https://flic.kr/p/umPu7S

Why the FBI’s Apple iPhone Demands Are Rotten to the Core

The U.S. government’s attempt to invoke a centuries-old law to obtain a court order to require Apple to create a program that would allow it to break the security safeguards on the iPhone used by a San Bernardino terrorist has sparked an enormous outcry from the technology, privacy, and security communities.

For U.S. officials, a terrorism related rationale for creating encryption backdoors or weakening user security represents the most compelling scenario for mandated assistance. Yet even in those circumstances, companies, courts, and legislatures should resist the urge to remove one of the last bastions of user security and privacy protection.

My weekly technology law column (Toronto Star version, homepage version) argues that this case is about far more than granting U.S. law enforcement access to whatever information remains on a single password-protected iPhone. Investigators already have a near-complete electronic record: all emails and information stored on cloud-based computers, most content on the phone from a cloud back-up completed weeks earlier, telephone records, social media activity, and data that reveals with whom the terrorist interacted. Moreover, given the availability of all of that information, it seems likely that much of the remaining bits of evidence on the phone can be gathered from companies or individuals at the other end of the conversation.

March 1, 2016 — 4 comments — Columns

Vint Cerf by Joi Ito (CC BY 2.0) https://flic.kr/p/3LJLYj

The Trouble With the TPP, Day 28: Privacy Risks From the Source Code Rules

Yesterday’s Trouble with the TPP post examined some of the uncertainty created by the surprising e-commerce provision that involves restrictions on source code disclosures. KEI notes that governments have not been shy about requiring source code disclosures in other contexts, such as competition worries. Yet this rule will establish new restrictions, creating concerns about the implications in areas such as privacy. For example, security and Internet experts have been sounding the alarm on the risks associated with exploited wifi routers and pointing to source code disclosures as potential solution.

Dave Farber, former Chief Technologist of the Federal Communications Commission, warns:

February 10, 2016 — 3 comments — News

Untitled by kris krüg (CC BY-NC-ND 2.0) https://flic.kr/p/bsty4b

Why Canadian Telecom Companies Must Defend Your Right to Privacy

In today’s communications driven world, no one collects as much information about its customers as telecom companies. As subscribers increasingly rely on the same company for Internet connectivity, wireless access, local phone service, and television packages, the breadth of personal data collection is truly staggering.

Whether it is geo-location data on where we go, information on what we read online, details on what we watch, or lists identifying with whom we communicate, telecom and cable companies have the capability of pulling together remarkably detailed profiles of millions of Canadians.

My weekly technology law column (Toronto Star version, homepage version) notes that how that information is used and who can gain access to it has emerged as one the most challenging and controversial privacy issues of our time. The companies themselves are tempted by the prospect of “monetizing” the information by using it for marketing purposes, law enforcement wants easy access during criminal investigations, and private litigants frequently demand that the companies hand over the data with minimal oversight.

January 28, 2016 — 5 comments — Columns

No Spam by Thomas Hawk (CC BY-NC 2.0) https://flic.kr/p/y1JmD

The Trouble with the TPP, Day 15: Weak Anti-Spam Law Standards

The Trouble with the TPP and privacy, which includes weak privacy laws, restrictions on data localization, bans on data transfer restrictions, and a failure to obtain privacy assurances from the U.S., also includes the agreement’s weak anti-spam standards. Given the fact that nearly all TPP countries have some form of anti-spam law (with the exception of Brunei), the inclusion of anti-spam provision in the TPP was not surprising, yet the agreement sets the bar far lower than that found in many countries. Article 14.14 states:

Each Party shall adopt or maintain measures regarding unsolicited commercial electronic messages that:
(a) require suppliers of unsolicited commercial electronic messages to facilitate the ability of recipients to prevent ongoing reception of those messages;
(b) require the consent, as specified according to the laws and regulations of each Party, of recipients to receive commercial electronic messages; or
(c) otherwise provide for the minimisation of unsolicited commercial electronic messages.

The TPP provision features two key requirements: anti-spam laws that provide for a binding unsubscribe mechanism and some form of consent. Yet with the standard of consent left wide open, countries are free to adopt weak, ineffective standards and still comply with the TPP requirements. In fact, since spam raises global concerns that frequently requires cross-border co-operation, the TPP would have been an ideal mechanism to strengthen international anti-spam rules and enforcement.

January 22, 2016 — 4 comments — News