Wiertz Sebastien - Privacy by Sebastien Wiertz (CC BY 2.0) https://flic.kr/p/ahk6nh

Wiertz Sebastien - Privacy by Sebastien Wiertz (CC BY 2.0) https://flic.kr/p/ahk6nh

Privacy

Wiertz Sebastien - Privacy by Sebastien Wiertz (CC BY 2.0) https://flic.kr/p/ahk6nh

BC Court Rules on Signing Away Your Reasonable Expectation of Privacy

Canadian privacy law has long been reliant on the principle of “reasonable expectation of privacy.”  The principle is particularly important with respect to the Charter of Rights and Freedoms, as the Supreme Court of Canada has held that the right to be free from unreasonable search and seizure is grounded in a reasonable expectation of privacy in a free and democratic society.

The reasonable expectation of privacy standard provides a useful starting point for analysis, but the danger is that privacy rights can seemingly be lost with little more than a contractual provision indicating that the user has no privacy. Indeed, if privacy rights can disappear based on a sentence in a contract that few take the time to read (much less assess whether they are comfortable with), those rights stand on very shaky ground.

My weekly technology law column (Toronto Star version, homepage version) notes the limits of the reasonable expectation of privacy standard emerged in a recent British Columbia Court of Appeal case involving the search of a courier package that contained illegal drugs. The court rejected claims of an illegal search, concluding that the defendant had no reasonable expectation of privacy despite the fact that he had no commercial relationship with the courier company and had never agreed to, or even viewed, the terms of the contract.

Read more ›

August 27, 2014 9 comments Columns
Credit Cards by Sean MacEntee (CC BY 2.0) https://flic.kr/p/kkUu3B

From Cell Towers to Credit Card Data: Telecom Privacy Case Reveals Scope of Police Demands for Subscriber Information

Last month, media reports covered a recently released Ontario court decision involving a Peel Regional Police warrant application for subscriber data from Telus and Rogers. The two telecom companies challenged the order, arguing that it was overbroad. The police withdrew the order in favour of a more limited request, but the court decided that the Charter issues raised by the request should still be examined.

The money quote from the judge – “the privacy rights of the tens of thousands of cell phone users is of obvious importance” – captured the attention, but the case is more interesting for the data it provides on police warrant applications for subscriber data. The case reveals that Telus received approximately 2,500 production orders and general warrants in 2013, while Rogers produced 13,800 files in response to production orders and search warrants that year.

Even more interesting is how the police were seeking access to a huge amount of subscriber information by asking for all records involving dozens of cell phone towers, including subscriber data, billing information, bank data, and credit card information.  The specifics as described by the court:

Read more ›

August 14, 2014 4 comments News
Silence by Alberto Ortiz (CC BY-NC-ND 2.0) https://flic.kr/p/3cRLS7

Why Has Bell Remained Silent on Its Subscriber Information Disclosure Practices?

In the aftermath of the Supreme Court of Canada’s Spencer decision, several leading Canadian ISPs have publicly announced that they have changed their practices on the disclosure of subscriber information (including basic subscriber information such as name and address) to law enforcement. For example, Rogers announced that it will now require a warrant or court order prior to disclosing information to law enforcement except in emergency situations. Telus advised that it has adopted a similar practice and TekSavvy indicated that that has long been its approach. SaskTel says that it will release name, address, and phone number.

Unlike its competitors, Bell has remained largely silent in recent weeks. In media reports, the company says little more than that it follows the law.  In fact, the Toronto Star’s Alex Boutilier tweets that the company is now declining to respond to journalist inquiries about the issue. In the past, the company was a clear supporter of disclosing “pre-warrant” information in some circumstances to law enforcement. As detailed in this Canadian Bar Association article:

Read more ›

July 24, 2014 20 comments News
Come Back With a Warrant doormat, Cindy's place, Noe Valley, San Francisco, CA by Cory Doctorow (CC BY-SA 2.0) https://flic.kr/p/bB3VJN

Come Back With a Warrant: How Will the Canadian Government Respond to the Supreme Court’s Reshaping of Privacy Law?

Canadian Internet and telecom providers have, for many years, disclosed basic subscriber information, including identifiers such as name, address, and IP address, to law enforcement without a warrant. The government has not only supported the practice, but actively encouraged it with legislative proposals designed to grant full civil and criminal immunity for voluntary disclosures of personal information.

Last month, the Supreme Court of Canada struck a blow against warrantless disclosure of subscriber information, ruling that there is a reasonable expectation of privacy in that information and that voluntary disclosures therefore amount to illegal searches.

My weekly technology law column (Toronto Star version, homepage version) notes the decision left little doubt that Internet and telecom providers would need to change their disclosure policies. Last week, Rogers, the country’s largest cable provider, publicly altered its procedures for responding to law enforcement requests by announcing that it will now require a court order or warrant for the disclosure of basic subscriber information to law enforcement in all instances except for life threatening emergencies (warrantless disclosures may still occur where legislation provides the lawful authority to do so). Telus advised that it has adopted a similar approach.

Read more ›

July 21, 2014 12 comments Columns
Rogers on the corner of Robson and Seymour by Jeffery Simpson (CC BY-NC-SA 2.0) https://flic.kr/p/hZGAN

Rogers Releases New Policy on Disclosing Subscriber Information: Come Back with a Warrant

Rogers has updated its approach to responding to law enforcement requests for subscriber information to reflect last month’s Supreme Court of Canada Spencer decision. The company will now require a warrant for access to basic subscriber information (with the exception of life threatening emergencies), a policy that effectively kills the government’s Bill C-13 voluntary disclosure provisions. The government wants to provide full immunity for voluntary disclosure of personal information, but Canadian Internet providers and telecom companies are unlikely to provide such information without a court order given the recent decision. The Rogers update:

After hearing your concerns and reviewing the Supreme Court ruling from last month, we’ve decided that from now on we will require a court order/warrant to provide basic customer information to law enforcement agencies, except in life threatening emergencies. We believe this move is better for our customers and that law enforcement agencies will still be able to protect the public.

Read more ›

July 16, 2014 10 comments News
1 47 48 49 50 51 189