Tag: Media

Categories
Links

The new way Canadians can discover the data ISPs are collecting

The new way Canadians can discover the data ISPs are collecting:

Canadians concerned about their online privacy have a new way to find out whether their telecom provider is collecting information about them – and sharing it with third parties like government entities.

“What we’re trying to do as researchers is identify what kind of data telecommunications companies in Canada collect, obtain, and process, and disclose to third parties,” said Dr. Christopher Parsons, a fellow at the Munk School of Global Affairs’ Citizen Lab.

The Supreme Court of Canada ruled last Friday that police need a search warrant to get information from Internet service providers about their subscribers’ identities during investigations.

Privacy experts believe the ruling will force Internet service providers to change their practices on voluntary warrantless disclosure.

“The government will no longer be able to use the voluntary disclosure regime,” Parsons said.

“I think it’s a real demonstration that the need to keep people safe in Canada doesn’t mean we need to set aside their privacy rights.”

For now, though, Parsons is hoping Canadians use the tool to help gain a better understanding of the scale of information collected about them. He said it will also demonstrate which third parties are potentially accessing telecom companies’ data stores.

Potential third parties range from law enforcement like the RCMP, provincial, and municipal police, to government agencies like CSIS, CSEC and the CRA, Parsons said.

Check out and use the Access My Info tool to learn what information your telecom provider collects, retains, processes, and discloses about you.

Categories
Links

Supreme Court decision cheered by online privacy proponents

Supreme Court decision cheered by online privacy proponents:

Supreme Court ruled on Friday that police must seek judicial approval before they can request data about individuals’ internet identities, even in the case of serious crimes.

“This is an amazing ruling for Canadians who are concerned about privacy,” said Christopher Parsons, a postdoctoral fellow at the Citizen Lab at the Munk School of Global Affairs and a frequent critic of government policy on electronic privacy.

Recent revelations of widespread internet surveillance by police, not just in Canada but across much of the world, have caused alarm among academics and others concerned about lack of information around the extent to which governments snoop on citizens.

In response to rising public concern, Canada’s telecom sector has for the first time begun disclosing details about the number and type of requests they’ve received. Rogers Communications Inc. and TekSavvy Solutions Inc. recently came forward and others are expected to follow.

The disclosures suggest a close relationship among police and at least some telecoms, where authorities routinely ask for and are given information about individual customers, typically IP addresses and phone numbers, though sometimes also the contents of email conversations.

The Supreme Court ruling means that at the very least, getting access to customer data is going to become a lot more time consuming for the police and as a result “the enormous volume of requests would have to go down,” said Mr. Parsons.

 

Categories
Links

Police investigations show even BlackBerry messages can be intercepted

Police investigations show even BlackBerry messages can be intercepted:

Touted as one of the most secure ways to communicate, BlackBerry smartphones have been put in the spotlight after several police investigations said they were able to track criminals who used the device’s encrypted technology.

“It’s a problem in the way that BlackBerry has marketed some of its services to the consumer market,” said Christopher Parsons, a fellow at the University of Toronto’s Citizen Lab, which specializes on how privacy is affected by digital surveillance.

“It’s a very difficult security posture and probably one that most users … don’t fully understand.”

Parsons said many BlackBerry owners assume incorrectly that their smartphones meet the same standards as BlackBerrys used by major corporations and the U.S. government, even though they’re not operating on the same high-level security servers that have come to define the company’s advantage over its competitors.

Categories
Links

Cyberbullying law would let police ‘remotely hack into computers, mobile devices, or cars’

Cyberbullying law would let police ‘remotely hack into computers, mobile devices, or cars’:

Experts say police would be able to install viruses, or malware, into the electronics of anyone suspected of a crime, after gaining judicial approval.

“There’s a series of different tactics that they could adopt. They could engage in phishing schemes — deliberately serving infected files to computers — or it could involve sending URLs to people’s emails and when they click it, it infects their computers,” he said, adding that it could also involve installing malicious apps onto Canadians’ smartphones that work as listening devices. Police could even hack into a car’s OnStar to keep tracking of location, and call logs.

While C–13 is intended to target transmission data — call information, IP address, and location data — Mr. Parsons said it’s entirely possible that C–13 could capture basic data from Canadians’ Skype conversations, as well as a vast field of other digital information. “That’s the way that it reads,” he says.

The powers would still be subject to judicial oversight. The warrants are valid for two months for most crimes, but extends that to a year if the crime is terrorism-related, or if the suspect is connected to a criminal organization.

“Compounding that, there’s no reporting required,” Mr. Parsons said. “We won’t know if it’s 10 requests a year, a hundred requests a year, a thousand requests a year, or a million requests a year.”

Mr. Parsons calls it the dawn of Canadian ‘‘Govware.’’ Passing this bill, as is, said Mr. Parsons, “risks introducing significant, and poorly understood, new powers to the Canadian authorities.”

Mr. Fraser and Mr. Parsons raise the practical implication of the procurement process for this sort of software. If Ottawa contracts out the creation of a digital snooping program, it risks legitimizing the creation of malware, said Mr. Parsons, adding that Ottawa should be fighting to improve the security of our electronics, not exploiting their weaknesses.

Another good piece by Justin Ling, who is quickly becoming a key go-to reporter for all federal government issues privacy- and surveillance-related issues.

Categories
Links

Teksavvy and Rogers publish transparency reports highlighting the extent of government data requests

Teksavvy and Rogers publish transparency reports highlighting the extent of government data requests:

Third-party internet provider Teksavvy and Rogers, one of the largest ISPs in Canada, have published the first Canadian telecommunications transparency reports.

Both Teksavvy and Rogers have released documents detailing the subscriber information both companies have released to police and spy agencies over the last few years. Teksavvy disclosed their transparency report first and then Rogers followed soon after.

 

Categories
Links

Telecom giant Rogers got 175,000 info requests from government

Telecom giant Rogers got 175,000 info requests from government:

Rogers is the first major Canadian telecommunications company to issue a so-called transparency report on co-operation with law enforcement.

However, one of Canada’s smaller telecommunications companies, Teksavvy, issued a similar report yesterday in response to a request from University of Toronto researchers. Its report revealed that it received just 52 requests from government and law enforcement agencies in 2012 and 2013. It said it complied with a third of the requests and denied the rest.

The releases come as civil libertarians and privacy advocates urge companies and governments to be more forthcoming about when and how customer data is shared.

A study by University of Toronto researchers recently gave low marks to Canada’s internet service providers about how they handle customer information — including whether they routinely give personal data to spy agencies.

Rogers says it does not allow agencies direct access to its customer databases, nor does it hand over metadata — the routing codes and other data about emails and calls — without a warrant.

“We only provide the information we are required to provide and this information is retrieved by our staff.”

 

Categories
Links

Rogers opens curtain on warrantless government snooping

Rogers opens curtain on warrantless government snooping:

OTTAWA—Rogers Communications gave Canadians their first real peek behind the curtain of warrantless government snooping Thursday, revealing they were asked almost 175,000 times for their customers’ data in 2013.

Rogers became the first major Canadian telecommunications provider to issue a transparency report, revealing aggregate numbers on how many law enforcement requests they receive in a year.

More telecom and Internet service providers are expected to follow suit, as Canadian customers learn more about the scope of government access to their personal data.

 

Categories
Links

Rogers got 175,000 official requests for customer info last year

Rogers got 175,000 official requests for customer info last year:

An informal coalition — including The University of Toronto’s Citizen Lab, academics and civil liberties organizations — said in March that Canadians have only a vague understanding of how, why, and how often companies have disclosed information to government agencies.

This week the coalition received an updated response from Internet provider TekSavvy Solutions — one of Rogers’ smaller competitors — saying it received 52 requests from government authorities in 2012 and 2013. It made 17 disclosures related to criminal investigations and denied the remaining 35.

Christopher Parsons, a postdoctoral fellow with The Citizen Lab, said the Rogers and TekSavvy reports are “positive steps in the right direction.”

He singled out TekSavvy’s response as “the gold standard” for company transparency on handling of subscriber information due to the extensive detail in its report.

“The bar has now been set: transparency reports are expected when doing business in Canada,” Parsons said.

“There’s only a question of how long until other companies adhere to what is becoming an industry best practice in Canada.”

 

Categories
Links

Rogers, TekSavvy first to divulge customer data requests (Subscription)

Rogers, TekSavvy first to divulge customer data requests (Subscription):

As Cartt.ca reported, a coalition of Canadian academics and consumer groups asked the country’s biggest telecommunications service providers in January to reveal the extent to which they pass on their customers’ private information to government agencies when asked. Sixteen different telcos were asked to respond or commit to responding by March 3, 2014.

When contacted by Cartt.ca, Telus said it is preparing a transparency report and plans to issue it this summer. A spokesperson reiterated that the company only provides confidential customer information to third parties pursuant to valid court orders or other applicable law, and that it contests orders if it believes they “overreach”.

Bell responded to Cartt.ca, but did not specify whether it would issue a transparency report. “Bell releases information to law enforcement agencies only when required by law and always in compliance with federal privacy and CRTC regulations”, reads the spokesperson’s emailed response.

Categories
Links

In shadow of NSA revelations, Rogers, TekSavvy open up on government data requests

In shadow of NSA revelations, Rogers, TekSavvy open up on government data requests:

In the wake of blockbuster revelations by former NSA contractor Edward Snowden, Canada’s telecommunications companies are starting to pull back the curtains on their relationships with government authorities around the sharing of customer information.

Rogers Communications Inc. on Thursday released what it called its 2013 Transparency Report, a brief four-page document detailing the number and types of requests the company has received, and the legal framework governing its response.

The Rogers report comes on the heels of similar disclosure from independent communications provider TekSavvy Solutions Inc. Other providers are expected to follow suit later this year.