Earlier this week, I posted on Ontario Provincial Police comments at the Standing Senate Committee on Legal and Constitutional Affairs hearing on Bill C-13 that were sharply critical of online anonymity. The same hearing was notable for additional comments from the OPP on the lawful access bill. The comments, which came in the opening statement, suggest that one of Canada’s largest police forces is simply unaware of the contents of the proposed legislation.
Scott Naylor of the OPP’s opening remarks included:
There is no question that some of the legislation involving technology and communication in Canada is out of date. Under the current legislation, police can only access the very basic subscriber information – i.e., name, address, telephone number – on a totally ad hoc basis, by production order from service providers. This means that there is an inconsistent response, which impedes investigations and, in extreme cases, may prolong victimization. Under the proposed legislation, Internet service providers would be compelled to provide this information in a timely fashion and on a consistent basis. Access to this information would be strictly controlled and limited to law enforcement officials, who would be fully trained in these procedures and subject to auditing and report oversight. I will repeat – auditing and report oversight.
Here is the problem: Naylor appears to think that Bill C-13 has not changed from Vic Toews’ Bill C-30. Under the lawful access bill, ISPs would not be compelled to disclose subscriber information. Indeed, the mandatory disclosure of subscriber information without a warrant was removed from the bill altogether. The bill does include incentives for voluntary disclosure, but there are no mandatory disclosure requirements. If the OPP think the bill guarantees consistent disclosure of subscriber information, it is wrong. In fact, the Supreme Court’s Spencer decision means that subscriber information now only comes (except in emergency circumstances) through a court order.
Read more ›
The Standing Senate Committee on Legal and Constitutional Affairs began its hearings on Bill C-13, the lawful access/cyberbullying bill last week with an appearance from several law enforcement representatives. The Ontario Provincial Police was part of the law enforcement panel and was asked by Senator Tom McInnis, a Conservative Senator from Nova Scotia, about what other laws are needed to address cyberbullying. Scott Naylor of the OPP responded (official transcript not yet posted online):
If the bag was open and I could do anything, the biggest problem that I see in the world of child sexual exploitation is anonymity on the Internet. When we get our driver’s licence we’re required to get our picture taken for identification. When you get a mortgage you have to sign and provide identification. When you sign up for the Internet, there is absolutely no requirement for any kind of non-anonymity qualifier. There are a lot of people who are hiding behind the Internet to do all kinds of crime, including cybercrime, fraud, sexual exploitation and things along those lines.
The Internet is moving so quickly that law enforcement cannot keep up. If there were one thing that I would ask for discussion on is that there has to be some mechanism of accountability for you to sign on to an Internet account that makes it like a digital fingerprint that identifies it to you sitting behind the computer or something at that time. There are mechanisms to do it, but the Internet is so big and so vast at this point, and it’s worldwide, I’m not sure how that could happen, but that would certainly assist everybody. In that way I can make a digital qualification that that’s the person that I’m talking to. If I had one choice, that’s what I would ask for.
Read more ›
In a year in which privacy issues have captured near weekly headlines, one concern stands out: warrantless access to Internet and telecom subscriber information. From revelations that telecom companies receive over a million requests each year to the Supreme Court of Canada’s landmark decision affirming that there is a reasonable expectation of privacy in subscriber information, longstanding law enforcement and telecom company practices have been placed under the microscope for the first time.
Last week, the Privacy Commissioner of Canada released a report that shed further light on the law enforcement side of warrantless disclosure requests, raising disturbing questions about the lack of record keeping and politically motivated efforts to drum up data on the issue.
My weekly technology law column (Toronto Star version, homepage version) notes that the Office of the Privacy Commissioner of Canada notified the Royal Canadian Mounted Police last October that it was planning to conduct preliminary investigative work on the collection of warrantless subscriber information from telecom companies. The plan was to assess RCMP policies and to determine the frequency and justification for warrantless requests.
Read more ›
Two shocking terror attacks on Canadian soil, one striking at the very heart of the Canadian parliament buildings and both leaving behind dead soldiers. Office buildings, shopping centres, and classrooms placed under lockdown for hours with many confronting violence first hand that is rarely associated with Canada.
Last week’s terror events will leave many searching for answers and seeking assurances from political and security leaders that they will take steps to prevent it from happening again. There will be an obvious temptation to look to the law to “fix” the issue, and if the past is a guide, stronger anti-terror legislation and warnings that Canadians may need to surrender more of their privacy and civil liberties in the name of greater security will soon follow.
My weekly technology law column (Toronto Star version, homepage version) notes that if there are legal solutions that would help foster better security, they should unquestionably be considered. Yet Canada should proceed with caution and recognize that past experience suggests that the unintended consequences that may arise from poorly analyzed legislation may do more harm than good.
Read more ›
In the aftermath of the Supreme Court of Canada’s Spencer decision, I argued that the decision upholding the reasonable expectation of privacy in subscriber information contradicted the government’s claims supporting Bills C-13 and S-4, leaving the government’s lawful access strategy in tatters. I noted that it faced a choice:
The Canadian government could adopt the “bury our heads in the sand approach” by leaving the provision unchanged, knowing that it will be unused or subject to challenge. That would run counter to the spirit of the Supreme Court ruling, however, and do nothing to assist law enforcement.
Yesterday, the government did just that, as Bill C-13 passed another legislative hurdle with the reported committee version of the bill was approved by the House. During the debate, the government insisted that the legislation is consistent with the Spencer decision. While it is true that the voluntary warrantless disclosure provision does not directly contradict the Spencer decision, the reality is that it has been rendered largely moot. In other words, the government is touting a legislative solution to assist law enforcement that the police will not use and that telecom companies will ignore.
Read more ›