The Citizen Lab at the University of Toronto, led by Professor Ron Deibert, has a well-earned reputation for uncovering surveillance technologies and security vulnerabilities with research and reports that attract immediate attention worldwide. Professor Deibert has won an incredible array of awards and accolades for his remarkable work, including the Order of Ontario and the EFF’s Pioneer Award. In 2020, he delivered the Massey Lectures, based on his book for the lectures, Reset: Reclaiming the Internet for Civil Society. Professor Deibert joins the Law Bytes podcast to talk about the lab, his work, and the threat of what he calls “despotism as a service”, where spyware is used to target journalists, activists, and civil society groups.
Post Tagged with: "Spyware"
The Law Bytes Podcast, Episode 114: The Citizen Lab’s Ron Deibert on Protecting Society from Surveillance Software
On May 17, 2005, the National Task Force on Spam, which included stakeholders from the across the spectrum including the Canadian Marketing Association, ITAC, Bell, CAIP, and consumer groups, presented its final report to then-Industry Minister David Emerson. The unanimous report included the following recommendation:
There should be an appropriate private right of action available to persons, both individuals and corporations. There should be meaningful statutory damages available to persons who bring civil action.
The inclusion of a private right of action was no small matter. I was a member of the Task Force and recall discussion of lawsuits launched in the United States by large ISPs and Internet companies such as Microsoft and Amazon that had proven effective. It took nine years for the task force recommendations to become law when all parties – Conservative, Liberal, NDP and Bloc – supported the resulting legislation. The private right of action provision was to have taken an additional three years as the Conservative government chose to delay its implementation until July 2017 to give businesses three years to ensure compliance with Canada’s anti-spam law.
Yesterday, Innovation, Science and Economic Development Minister Navdeep Bains indefinitely suspended the private right of action before it could take effect. In doing so, Bains blocked important consumer redress for harmful spam and spyware that would have supplemented enforcement efforts overwhelmed by spam complaints. Bains indicated that the statutorily-mandated review of the law, which is required after three years, will be used to assess the law and the private right of action (the Canadian Federation of Independent Business holds out hope that it will be struck down permanently).
The Internet is buzzing over a new report from the Commission on the Theft of American Intellectual Property that recommends using spyware and ransom-ware to combat online infringement. The recommendations are shocking as they represent next-generation digital locks that could lock down computers and even “retrieve” files from personal computers:
Software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account.
While many of the recommendations sound outrageous (see further details here and here), it is worth noting that earlier this year Canadian business groups led by the Canadian Chamber of Commerce recommended that the Canadian government introduce a regulation that would permit the use of spyware for these kinds of purposes.
The business opposition to Canada’s anti-spam legislation has added an unlikely supporter: the Canadian Recording Industry Association, now known as Music Canada. The organization has launched an advocacy campaign against the law, claiming that it “will particularly hurt indie labels, start-ups, and bands struggling to build a base and a career.” Music Canada is urging people to tweet at Canadian Heritage Minister James Moore to ask him to help bands who it says will suffer from anti-spam legislation.
Yet Music Canada’s specific examples mislead its members about the impact of the legislation. The organization offers seven examples posted below in italics (my comments immediately follow):
For the past month, business groups from across the country have waged an extraordinary campaign against Canada’s anti-spam legislation. With the long overdue law likely to take effect by year-end, groups such as the Canadian Chamber of Commerce, the Canadian Federation of Independent Business, and the Canadian Marketing Association, have launched an all-out blitz to carve out large loopholes in the law and exempt highly questionable conduct.
My weekly technology law column (Toronto Star version, homepage version) notes that the business groups’ chief concern is that the law moves Canada toward a stricter “opt-in” privacy approach that requires marketers to obtain customer consent before sending commercial electronic messages. The move will provide Canadians with greater control over their in-boxes, while also resulting in more effective electronic marketing campaigns for businesses.