What may likely be a long, and very interesting, case to follow.
Category: Links
Canada’s New Cyberbullying Law Is All About Surveillance:
The Conservatives promised that transmission data would not include anything relating to the content of what Canadians are doing online. Fraser disagreed. He told the committee that it included everything from a user’s IP address, details on what computers and browsers are being used, the URL of the website, and ultimately, some level of content from what users are browsing.
Then he moved on to immunity—the complete legal protection for any company that voluntarily forks over Canadians’personal information to police, even without a warrant: “This provision, I believe, should be removed. It can’t be fixed, and will only encourage overreaching by law enforcement,” Fraser said.
Chu says that police have the onus to always take the least intrusive route to an investigation. He, however, incorrectly believed that companies would not have immunity if the requesting officer was acting in bad faith, like if a cop called up Bell to request his ex-wife’s call logs. The language in the bill is clear though: if a peace or public officer requests the information, and the company is legally allowed to disclose it, the company “does not incur any criminal or civil liability for doing so.”
The Tories admitted that, yes, companies can volunteer our personal data without a warrant, but, they maintained, those companies already have that ability. C-13, they argued, just codifies and clarifies it in the law.
However, re-wording the provision will make it a whole lot easier.
I think that the author is bullish in thinking that the legislation might be stopped, but then I was equally depressed at the prospect of C-30 being halted.
On June 17, 2014 I’ll be debating John Adams, the former Chief of the Communications Security Establishment Canada (CSEC). It should be a lively back and forth!
Police could see tax info without warrant under proposed law:
Police would be able to see Canadians’ private tax information without the use of a warrant under a proposed government law. If it’s passed, the Canada Revenue Agency could voluntarily hand over a taxpayer’s data to police and the citizen would never be notified. The change is proposed in the Conservatives’ 375-page omnibus budget bill through a clause that amends the Income Tax Act.
Omnibus legislation: the most efficient way of pushing through massive changes to the structure of Canada’s laws without most people (including experts) fully appreciating the extent to which things are about to change.
For Canada’s Spies, Your Data Is Just a Phone Call Away:
“I have recently had to deal with a client who had a request from CSIS for information,” said a Canadian lawyer who asked to remain anonymous. The lawyer and client asked CSIS to put the request in writing so it could properly consider the request. “CSIS said ‘it is against our policy to put those requests in writing.’”
…
Penney says he tried to log onto his client’s account, only to find that the password wasn’t working. He recovered the account to discover someone changed it. Penney brought that fact to the judge and discovered the culprit was an officer in the Saskatchewan Internet Child Exploitation Unit. The officer sent a PIPEDA request to Gigatribe requesting the password.
…
Sean Carter, a Toronto lawyer who has experience with warrantless disclosure, said off-the-books requests are not exactly uncommon. “They hate putting it in writing,” he said. “It’s so hard to follow the trail back to the actual request.” Carter pointed out that if they obtain data from a company, and use that to put together evidence for a production order or warrant, nobody would ever be the wiser that they obtained the data in the first place.
Warrantless access to information isn’t just used to extract data from telcos, but from a litany of other ‘telecommunications service providers.’
Cyber-bullying, privacy measures should be dealt with separately:
“I am concerned about some of the other unrelated provisions that have been added to the bill in the name of Amanda … and all of the children lost to cyberbullying attacks,” she told the committee. “I don’t want to see our children victimized again by losing privacy rights.
“We should not have to choose between our privacy and our safety. We should not have to sacrifice our children’s privacy rights to make them safe from cyberbullying, sextortion and revenge pornography.”
…
Carol Todd showed a tremendous amount of courage Tuesday. The government should honour her request to split out the cyber-bullying provisions, accept the NDP’s offer to fast-track them, and then turn its attention to finding a more reasonable solution to fighting online threats.
Based on comments during that hearing, I and highly doubtful the government of Canada will split the legislation in two. Still, we can always hope…
Op-Ed: The circular, peculiar state of CSEC oversight (Includes interview):
Communications Security Establishment Canada (CSEC) is insulated from meaningful oversight. This article explains how the agency avoids scrutiny, and what you can do to encourage change.
One of the better articles in recent past on CSEC. Highly recommended.
Privacy watchdog calls for reforms but ministers stay silent:
The federal privacy watchdog’s concerns appear to be falling on deaf ears in the government, with three cabinet ministers yet to respond to her calls for reform.
(…)
While Clement has agreed to work with the commissioner, it’s not clear if her other recommendations will be entertained by the government. Chris Parsons, a privacy scholar with the Munk School of Global Affairs in Toronto, said the government has little incentive to change the current system or increase oversight.
“As revelations come out, that could be hurtful to government,” Parsons said. “There’s an understandable political value in not (enhancing) these audit powers. You can just imagine the first audit is performed and it reveals very high amounts of personal information being collected from various sources … . It could be politically unhelpful.”
My money is on the government quietly hoping the public and media just forget about this issues through the summer, given that they’ll be breaking from Parliament soon for BBQ season.
Four weeks on, huge swaths of the Internet remain vulnerable to Heartbleed:
Some 300,000 systems remain susceptible to catastrophic exploits, one scan shows.
With the media off (most) companies’ backs there’s just no way/reason that these remaining companies are going to patch the heartbleed vulnerability. One can only hope that civil suits are launched against these remaining companies to show via the market that patching is a requirement for contemporary digitally-enabled businesses.
Categories
Is social media info reliable?
Is social media info reliable?:
Christopher Parsons of Citizen Lab says the government’s use of social media to obtain information is filled with pitfalls.
I much preferred this interview over the one with CBC; in particular, the final discussion is helpful: Canadians want a responsible and transparent government, not one that is opaque and operates counter to Canadian values.
Excited Pixels 