Today, Canadian scholars and civil liberties organizations have asked Canada’s telecommunications companies to explain how they disclose information to government authorities.
A project that’s been in the works, now, for 1.5 years is finally really starting! Exciting times!
Source: Towards Transparency in Canadian Telecommunications – The Citizen Lab
I’m not in corporate PR, but when it turns out your company (i.e. BlackBerry) holds the patent on a known-NSA-backdoored encryption standard I’m not sure shutting up and avoiding the press is the best of ideas. Especially if your product (*cough* BlackBerry *cough*) is predicated on strong security against all attackers.
Source: The strange connection between the NSA and an Ontario tech firm
Case # 34644 Matthew David Spencer v. Her Majesty the Queen (December 9, 2013) At issue is Whether section 8 of the Charter of Rights and Freedoms was violated. The appellant downloaded child pornography from the internet using a peer-to-peer file-sharing software program. The appellant stored child pornography in a shared folder and did not override the default settings that made the folder accessible to others. Since the files were accessible to other users they could therefore be downloaded. A police officer searched the shared folder and discovered the pornographic files. The officer couldn’t identify the owner of the folder but was able to determine that the IP address being used was assigned by Shaw Communications. The police wrote to Shaw and requested information identifying the assignee at the relevant time. Shaw Communications identified the user as the appellant’s sister. The police obtained a warrant and searched her residence, where they seized the appellant’s computer. The appellant was charged with possession of child pornography and making child pornography available.
An interesting case, especially when read against the scholarship that examines the Charter and PIPEDA implications of disclosing subscriber data absent a court order.
jakke said: This seems like he’s hoping referees will be sufficiently unfamiliar with the subject matter, no?
It’s a published piece; it landed in International Data Protection Law. And the people he acknowledges in the published piece are some of the experts who were – at the time, pre-Snowden – calling Swire’s article out for BS. I was at an event where his paper was critiqued as largely devoid of real, empirical, details which if included would have undermined many of the premises of the paper. But the paper was published (largely unchanged) regardless.
But peer-review…still not broken, am I right?
To players of WoW (such as my sons), WOW is a fun game. They often wear headsets to talk with teammates while playing, and keep a chat window scrolling as well. To law enforcement, WoW (or any other similar game) can seem instead to be a global terrorist communications network. Players can talk and send chat messages, internationally, outside of the traditional telephone network and outside of the scope of CALEA. The architecture is based on what works for the game, and not what facilitates lawful access.
Peter Swire, “From real-time intercepts to stored records: why encryption drives the government to seek access to the cloud”
Of course, this statement is largely bunk given that the large companies (like Blizzard, the producers of World of Warcraft) tend to have lawful access guides. And Blizzard’s, in particular, is incredibly detailed (and humorous) and been around since at least 2009. It’s statements like the one quoted, above, that make Swire’s entire paper dubious: given the empirical deficiency of his paper (especially in light of Snowden) he should be required to either write an update to the paper and identity everything that was false in it, or just recant the old paper in its majority.
While policies may vary, the sensitive nature of the data produced does not. Traffic data analysis generates more sensitive profiles of an individual’s actions and intentions, arguably more so than communica- tions content. In a communication with another individual, we say what we choose to share; in a transaction with another device, for example, search engines and cell stations, we are disclosing our actions, movements, and intentions. Technology- neutral policies continue to regard this transactional data as POTS traffic data, and accordingly apply inadequate protections.
…
This is not faithful to the spirit of updating laws for new technology. We need to acknowledge that changing technological environments transform the policy itself. New policies need to reflect the totality of the new environment.
Alberto Escudero-Pascual and Ian Hosein, “Questioning Lawful Access to Traffic Data”
Once we decide it’s OK to let a mob loose on anyone who’s offended us, the only people who are safe are those who never say anything at all.
Michelle Goldberg, Sympathy for Justine Sacco – The Nation (via chartier)
Mobs don’t lead to justice. They to politics of shame, dismissal of the rule of law, and (more often than not) a willingness to ‘ban’ actions, associations, and speech that is disliked if not illegal. Those rights have to be protected, regardless of how repugnantly they are used, so that democratic societies can operate as thriving environments of human dignity and freedom instead of nations where normalcy quiets the human spirit.
Particularly relevant for Snowden’s whistleblower status is his efforts to reveal misconduct within official NSA channels. According to the interview, Snowden aired his misgivings as early as October 2012 with as many as 17 co-workers and superiors, challenging them with the sheer volume of domestic data being collected by the BOUNDLESSINFORMANT program. The challenges went nowhere. Six months later, he began contacting reporters. Contacted for comment, an NSA spokesman told the Post there was no record of the conversations.
Russell Brandom, “NSA leaker Edward Snowden: ‘I already won’”
The irony that the NSA lacks a record of those conversations is incredibly rich.
…according to a former NSA employee, by 1995 the agency had installed sniffer software to collect various kinds of traffic at nine major Internet exchange points (IXPs). Terry Thompson, the NSA deputy director, also acknowledged in 2001 that the agency has taken to hiring technicians away from the private companies that run much of the World Wide Web, such as Cisco systems, and employing them to reverse engineer various communications technologies in order to locate vulnerabilities that the agency can exploit. This poached taken much be invaluable in sorting through the packetized and multiplexed flows of digital data.
Patrick Radden Keefe, Chatter: Dispatches from the Secret World of Global Eavesdropping
Some have suggested that the [Nova Scotia cyberbullying] law has to be so broad to capture all the harmful conduct and we should leave it to the courts and the cybercops to use their judgement in how it is applied. I’m sorry, but as soon as an employee of the government of Nova Scotia picks up the phone and tells a citizen to remove Charter protected speech from the internet, that crosses the line. That goes waaaaay over the line. Canadians have an absolute right to speak truth to power. Canadians have an obligation to call out politicians on hypocrisy and idiocy. An elected official like Lenore Zann, before publicly admonishing a minor, should educate herself about “copyrwite (sic) law”, fair dealing and the criminal code. (A bit of free advice: Bill C-12 isn’t the law yet and an image taken on a sound stage surrounded by a filming crew for the purpose of international broadcast on cable television likely does not qualify as an intimate image “in respect of which, at the time of the recording, there were circumstances that gave rise to a reasonable expectation of privacy”.)
David Fraser, “Nova Scotia politician alleges cyberbullying, calls the authorities on tweeting teen”
Excited Pixels