In the aftermath of the Snowden revelations in which the public has become largely numb to new surveillance disclosures, the Canadian reports over the past week will still leave many shocked and appalled. It started with the Ontario Provincial Police mass text messaging thousands of people based on cellphone usage from nearly a year earlier (which is not government surveillance per se but highlights massive geo-location data collection by telecom carriers and extraordinary data retention periods), continued with the deeply disturbing reports of surveillance of journalists in Quebec (which few believe is limited to just Quebec) and culminated in yesterday’s federal court decision that disclosed that CSIS no longer needs warrants for tax records (due to Bill C-51) and took the service to task for misleading the court and violating the law for years on its metadata collection and retention program.
The ruling reveals a level of deception that should eliminate any doubts that the current oversight framework is wholly inadequate and raises questions about Canadian authorities commitment to operating within the law. The court found a breach of a “duty of candour” (which most people would typically call deception or lying) and raises the possibility of a future contempt of court proceeding. While CSIS attempted to downplay the concern by noting that the data collection in question – metadata involving a wide range of information used in a massive data analysis program – was collected under a court order, simply put, the court found that the retention of the data was illegal. Further, the amount of data collection continues to grow (the court states the “scope and volume of incidentally gathered information has been tremendously enlarged”), leading to the retention of metadata that is not part of an active investigation but rather involves non-threat, third party information. In other words, it is precisely the massive, big data metadata analysis program feared by many Canadians.
Read more ›
I appeared last week before the Standing Committee on Access to Information, Privacy & Ethics as part of the committee’s review of the Privacy Act. My opening remarks highlighted several longstanding concerns with the legislation and then turned to three broader issues: Bill C-51’s information sharing provisions, transparency reporting, and the revival of lawful access issues.
My full prepared opening remarks are posted below:
Appearance before the House of Commons Standing Committee on Access to Information, Privacy & Ethics, September 29, 2016
Read more ›
The controversial issue of lawful access rules, which address questions of police use of Internet subscriber information and interception capabilities at Canadian telecom companies, has long been played down by Canadian governments. When policy proposals first emerged in the early 2000s, the Liberal government focused on the anti-terrorism and anti-spam benefits. Subsequent Conservative proposals promoted the ability to combat child pornography, and most recently, cyber-bullying.
Yet when the Conservatives passed lawful access legislation in late 2014, it seemed that more than a decade of debate had delivered a typical Canadian compromise. The new legislation eliminated liability concerns for Internet providers who voluntarily disclose basic subscriber information and created a series of new police powers to require preservation and access to digital data.
Notwithstanding the legislative resolution and renewed legal certainty, my new tech law column at the Globe and Mail notes that Public Safety Minister Ralph Goodale has quietly revived the lawful access debate with a public consultation that raises the prospect of new rules that would effectively scrap the 2014 compromise. Ironically, the focus this time is the public demand for amendments to Bill C-51, the Conservatives’ anti-terrorism law that sparked widespread criticism and calls for reform during last year’s election campaign.
In other words, the Canadian privacy balance is being placed at risk by a policy initiative that purports to fix privacy. Read the full column here.
Read more ›
With new trade agreements, a new government, new court cases, and new rules governing the Internet, law and technology issues garnered headlines all year long. My weekly technology law column (Toronto Star version, homepage version) takes a look back at 2015 from A to Z:
A is for the Ashley Madison data breach, which affected millions of people and placed the spotlight on online privacy.
B is for Bill C-51, the anti-terrorism bill, which became a flashpoint political issue on striking the right balance between surveillance and civil liberties.
C is for CBC v. SODRAC, a Supreme Court of Canada decision released in November that reinforced the significance of technological neutrality in copyright. The court sided with SODRAC, a copyright collective, on the need for payment for certain uses of music but ruled that an earlier rate-setting exercise had failed to account for the technological neutrality principle.
Read more ›
As the world grapples with the recent terrorist attacks in Paris, the policy implications for issues such as the acceptance of refugees and continued military participation in the fight against ISIL have unsurprisingly come to the fore. The attacks have also escalated calls to reconsider plans to reform Canadian privacy and surveillance law, a key election promise from the Trudeau government.
My weekly technology law column (Toronto Star version, homepage version) argues that despite the temptation to slow the re-examination of Canadian privacy and surveillance policy, the government should stay the course. The Liberals voted for Bill C-51, the controversial anti-terror law, during the last Parliament, but promised changes to it if elected. Even in the face of a renewed terror threat, those changes remain essential and should not have an adverse impact on operational efforts to combat terror threats that might surface in Canada.
Read more ›