Author: Christopher Parsons

Policy wonk. Torontonian. Photographer. Not necessarily in that order.

Categories
Links

Press Release: CCLA Challenges Constitutionality Of Privacy Legislation « Canadian Civil Liberties Association

Toronto –  The Canadian Civil Liberties Association (CCLA) has launched a constitutional challenge to parts of the federal privacy legislation that effectively permits private companies to engage in warrantless disclosure of personal information to government. The challenge is part of CCLA’s ongoing work in the areas of privacy, national security, and accountability in law enforcement, and comes in the wake of recent revelations that telecommunications service providers provide government agencies with customer information on a massive scale.  CCLA’s General Counsel, Sukanya Pillay, described the court challenge as “a way to protect the privacy rights of Canadians and ensure accountability across the board.”

CCLA is challenging parts of the Personal Information Protection and Electronic Documents Act (PIPEDA) that allow private corporations to disclose their users’ personal information to a government institution (including law enforcement agencies) for a number of reasons including national security and the enforcement of any law of Canada, any province or a foreign jurisdiction.  While law enforcement may have a need to access some personal information in a narrow set of circumstances, the current law is too broad and should be struck out.  The consequences of government accessing and sharing personal information without an individual’s knowledge or consent, can be very serious and violate fundamental constitutional rights.  The fact that information is being obtained from the private sector further complicates things.  As CCLA’s General Counsel stated:  “Non-state actors are playing an increasingly large role in providing law enforcement and government agencies with information they request.  The current scheme is completely lacking in transparency and is inadequate in terms of accountability mechanisms.”

CCLA’s legal challenge asks that provisions of PIPEDA be struck as an unconstitutional violation of the right to life, liberty and security of the person and the right to be free from unreasonable search and seizure.  CCLA brings this challenge to create the impetus for change necessary to effectively protect the privacy rights of individuals.

Click here to read CCLA’s Notice of Application.

Press Release: CCLA Challenges Constitutionality Of Privacy Legislation « Canadian Civil Liberties Association

Categories
Aside Links

CCLA Challenges Federal Privacy Legislation

What may likely be a long, and very interesting, case to follow.

Categories
Links

Canada’s New Cyberbullying Law Is All About Surveillance

Canada’s New Cyberbullying Law Is All About Surveillance:

The Conservatives promised that transmission data would not include anything relating to the content of what Canadians are doing online. Fraser disagreed. He told the committee that it included everything from a user’s IP address, details on what computers and browsers are being used, the URL of the website, and ultimately, some level of content from what users are browsing.

Then he moved on to immunity—the complete legal protection for any company that voluntarily forks over Canadians’personal information to police, even without a warrant: “This provision, I believe, should be removed. It can’t be fixed, and will only encourage overreaching by law enforcement,” Fraser said.

Chu says that police have the onus to always take the least intrusive route to an investigation. He, however, incorrectly believed that companies would not have immunity if the requesting officer was acting in bad faith, like if a cop called up Bell to request his ex-wife’s call logs. The language in the bill is clear though: if a peace or public officer requests the information, and the company is legally allowed to disclose it, the company “does not incur any criminal or civil liability for doing so.”

The Tories admitted that, yes, companies can volunteer our personal data without a warrant, but, they maintained, those companies already have that ability. C-13, they argued, just codifies and clarifies it in the law.

However, re-wording the provision will make it a whole lot easier.

I think that the author is bullish in thinking that the legislation might be stopped, but then I was equally depressed at the prospect of C-30 being halted.

Categories
Links

CJFE Annual General Meeting 2014 and Public Debate: Should Surveillance Scare You?

On June 17, 2014 I’ll be debating John Adams, the former Chief of the Communications Security Establishment Canada (CSEC). It should be a lively back and forth!

Categories
Links

Police could see tax info without warrant under proposed law

Police could see tax info without warrant under proposed law:

Police would be able to see Canadians’ private tax information without the use of a warrant under a proposed government law. If it’s passed, the Canada Revenue Agency could voluntarily hand over a taxpayer’s data to police and the citizen would never be notified. The change is proposed in the Conservatives’ 375-page omnibus budget bill through a clause that amends the Income Tax Act.

Omnibus legislation: the most efficient way of pushing through massive changes to the structure of Canada’s laws without most people (including experts) fully appreciating the extent to which things are about to change.

Categories
Links

For Canada’s Spies, Your Data Is Just a Phone Call Away

For Canada’s Spies, Your Data Is Just a Phone Call Away:

“I have recently had to deal with a client who had a request from CSIS for information,” said a Canadian lawyer who asked to remain anonymous. The lawyer and client asked CSIS to put the request in writing so it could properly consider the request. “CSIS said ‘it is against our policy to put those requests in writing.’”

Penney says he tried to log onto his client’s account, only to find that the password wasn’t working. He recovered the account to discover someone changed it. Penney brought that fact to the judge and discovered the culprit was an officer in the Saskatchewan Internet Child Exploitation Unit. The officer sent a PIPEDA request to Gigatribe requesting the password.

Sean Carter, a Toronto lawyer who has experience with warrantless disclosure, said off-the-books requests are not exactly uncommon. “They hate putting it in writing,” he said. “It’s so hard to follow the trail back to the actual request.” Carter pointed out that if they obtain data from a company, and use that to put together evidence for a production order or warrant, nobody would ever be the wiser that they obtained the data in the first place.

Warrantless access to information isn’t just used to extract data from telcos, but from a litany of other ‘telecommunications service providers.’

Categories
Links

Cyber-bullying, privacy measures should be dealt with separately

Cyber-bullying, privacy measures should be dealt with separately:

“I am concerned about some of the other unrelated provisions that have been added to the bill in the name of Amanda … and all of the children lost to cyberbullying attacks,” she told the committee. “I don’t want to see our children victimized again by losing privacy rights.

“We should not have to choose between our privacy and our safety. We should not have to sacrifice our children’s privacy rights to make them safe from cyberbullying, sextortion and revenge pornography.”

Carol Todd showed a tremendous amount of courage Tuesday. The government should honour her request to split out the cyber-bullying provisions, accept the NDP’s offer to fast-track them, and then turn its attention to finding a more reasonable solution to fighting online threats.

Based on comments during that hearing, I and highly doubtful the government of Canada will split the legislation in two. Still, we can always hope…

Categories
Links

Op-Ed: The circular, peculiar state of CSEC oversight (Includes interview)

Op-Ed: The circular, peculiar state of CSEC oversight (Includes interview):

Communications Security Establishment Canada (CSEC) is insulated from meaningful oversight. This article explains how the agency avoids scrutiny, and what you can do to encourage change.

One of the better articles in recent past on CSEC. Highly recommended.

Categories
Links Quotations

Privacy watchdog calls for reforms but ministers stay silent

Privacy watchdog calls for reforms but ministers stay silent:

The federal privacy watchdog’s concerns appear to be falling on deaf ears in the government, with three cabinet ministers yet to respond to her calls for reform.

(…)

While Clement has agreed to work with the commissioner, it’s not clear if her other recommendations will be entertained by the government. Chris Parsons, a privacy scholar with the Munk School of Global Affairs in Toronto, said the government has little incentive to change the current system or increase oversight.

“As revelations come out, that could be hurtful to government,” Parsons said. “There’s an understandable political value in not (enhancing) these audit powers. You can just imagine the first audit is performed and it reveals very high amounts of personal information being collected from various sources … . It could be politically unhelpful.”

My money is on the government quietly hoping the public and media just forget about this issues through the summer, given that they’ll be breaking from Parliament soon for BBQ season.

Categories
Aside Links

Four weeks on, huge swaths of the Internet remain vulnerable to Heartbleed

Four weeks on, huge swaths of the Internet remain vulnerable to Heartbleed:

Some 300,000 systems remain susceptible to catastrophic exploits, one scan shows.

With the media off (most) companies’ backs there’s just no way/reason that these remaining companies are going to patch the heartbleed vulnerability. One can only hope that civil suits are launched against these remaining companies to show via the market that patching is a requirement for contemporary digitally-enabled businesses.