Link

Provincial Liberals Policy Launder for Federal Conservatives?

David Eby, formerly with the British Columbia Civil Liberties Association and now a MLA with the NDP, has written a brief piece about forthcoming BC provincial legislation. The Missing Persons Act would let provincial authorities:

issue emergency orders to telephone companies and internet service providers to get access to your browsing history, text messages, e-mail, voice mail, banking records, you name it. If the companies or individuals don’t consent to the access, police can go to court without notice to you to get your records ordered to be handed over. Any record you can think of is covered by the new law.

However, there would be no notice to the individual(s) affected that such a request had been made, regardless of whether it was appropriate.

This kind of concern over finding missing people before they’re formally missing is something that the federal government of Canada has previously used to justify its lawful access legislation. Access to subscriber data (though less expansively than envisioned under the BC legislation) was presented as useful in missing persons’ cases, to return stolen property, and more. To date, the federal government has failed to push through its lawful access legislation, though the recent version (C-13) is scheduled for second reading in the coming weeks.

Of note, the BC Liberal party has a substantial number of past-lieutenants from the Prime Minister’s Office that have passed through. Also, the Chief Constable of Vancouver has been amongst the most fervent advocates for the federal lawful access legislation. As such, I have to wonder how much the proposed BC Act is an attempt to address genuine provincial issues and how much it is meant to quietly start introducing or laundering a flavour of the federal lawful access legislation. I also have to wonder if, after this legislation is passed, the Chief Constable of Vancouver will back off of his federal advocacy: was he trying to solve a particular provincial issue by way of lobbying for changes to federal laws?

It’s quite sad, though, that the meagre consensus that was achieved in the federal lawful access fights – that there would be some reporting system, however sad – was excised by the BC Liberals. It’s hard to claim transparency as a political party when you actively undermine attempts to inject it into new (to say nothing of previously past) legislation.

Quote

While policies may vary, the sensitive nature of the data produced does not. Traffic data analysis generates more sensitive profiles of an individual’s actions and intentions, arguably more so than communica- tions content. In a communication with another individual, we say what we choose to share; in a transaction with another device, for example, search engines and cell stations, we are disclosing our actions, movements, and intentions. Technology- neutral policies continue to regard this transactional data as POTS traffic data, and accordingly apply inadequate protections.

This is not faithful to the spirit of updating laws for new technology. We need to acknowledge that changing technological environments transform the policy itself. New policies need to reflect the totality of the new environment.

* Alberto Escudero-Pascual and Ian Hosein, “Questioning Lawful Access to Traffic Data”
Link

Police spy on web, phone usage with no warrants

Just so it remains clear just how much surveillance can happen in Commonwealth countries when authorities enjoy broad lawful access to communications data without needing warrants:

Law enforcement and government departments are accessing vast quantities of phone and internet usage data without warrants, prompting warnings from the Greens of a growing “surveillance state” and calls by privacy groups for tighter controls.

Figures released by the federal Attorney-General’s Department show that federal and state government agencies accessed telecommunications data and internet logs more than 250,000 times during criminal and revenue investigations in 2010-11.

(…)

Access is authorised by senior police officers or officials rather than by judicial warrant.

Federal agencies making use of telecommunications data include the Australian Federal Police, Australian Crime Commission and Australian Taxation Office, departments including Defence, Immigration and Citizenship, and Health and Ageing, and Medicare and Australia Post.

Data is also accessed by state police and anti-corruption bodies, government departments and revenue offices, and many other official bodies.

Needless to say, that’s an awful lot of parties accessing an awful lot of information about Australian citizens. Not included: statistics on telecommunications data access by the Australian Security Intelligence Organisation.

Link

This is not surveillance as we know it: the anatomy of Facebook messages

There are a lot of issues related to ‘wiretapping the Internet.’ A post from Privacy International, from 2012, nicely details the amount of metadata and data fields linked with just a Facebook message and the challenges in ‘just’ picking out certain fields from large lists.

As the organization notes:

Fundamentally, the whole of the request to the Facebook page must be read, at which point the type of message is known, and only then can the technology pretend it didn’t see the earlier parts. Whether this information is kept is often dismissed as “technical detail”, but in fact it is the fundamental point.

We should be vary of government harvesting large amounts of data and then promising to dispose of it; while such actions could be performed, initially, once the data is potentially accessible the laws to legitimize its capture, retention, storage, and processing will almost certainly follow.

Quote

But an attempt by Canadian ISPs to garner an all-access pass that would let them secretly install software to monitor potentially illicit user activity was thwarted, at least in part.

According to the note accompanying the draft regulations, industry representatives “had argued for exemptions from the requirement for consent to install software to prevent unauthorized or fraudulent use of a service or system, or to update or upgrade systems on their networks.”

Under the revised rules, service providers would only be permitted to install software “where illegal activities pose a threat to [their] networks.”

Video

Lawful access legislation and its associated powers are not new. In the wrong hands, however, these powers ‘legitimize’ the gross abuse of citizens. I highly recommend you watch this investigative news piece on Sweden’s Teliasonera and how lawful access is used by dictators reliant on Teliasonera’s equipment.

If you can’t watch it all then at least watch the interview with the company’s representative, starting at around minute 52. It’s a chilling interview that exposes how ‘good’ Western companies enables human rights abuses around the world in the name of profit and ‘enabling’ communication.