What may likely be a long, and very interesting, case to follow.
Tag: Privacy
Canada’s New Cyberbullying Law Is All About Surveillance:
The Conservatives promised that transmission data would not include anything relating to the content of what Canadians are doing online. Fraser disagreed. He told the committee that it included everything from a user’s IP address, details on what computers and browsers are being used, the URL of the website, and ultimately, some level of content from what users are browsing.
Then he moved on to immunity—the complete legal protection for any company that voluntarily forks over Canadians’personal information to police, even without a warrant: “This provision, I believe, should be removed. It can’t be fixed, and will only encourage overreaching by law enforcement,” Fraser said.
Chu says that police have the onus to always take the least intrusive route to an investigation. He, however, incorrectly believed that companies would not have immunity if the requesting officer was acting in bad faith, like if a cop called up Bell to request his ex-wife’s call logs. The language in the bill is clear though: if a peace or public officer requests the information, and the company is legally allowed to disclose it, the company “does not incur any criminal or civil liability for doing so.”
The Tories admitted that, yes, companies can volunteer our personal data without a warrant, but, they maintained, those companies already have that ability. C-13, they argued, just codifies and clarifies it in the law.
However, re-wording the provision will make it a whole lot easier.
I think that the author is bullish in thinking that the legislation might be stopped, but then I was equally depressed at the prospect of C-30 being halted.
For Canada’s Spies, Your Data Is Just a Phone Call Away:
“I have recently had to deal with a client who had a request from CSIS for information,” said a Canadian lawyer who asked to remain anonymous. The lawyer and client asked CSIS to put the request in writing so it could properly consider the request. “CSIS said ‘it is against our policy to put those requests in writing.’”
…
Penney says he tried to log onto his client’s account, only to find that the password wasn’t working. He recovered the account to discover someone changed it. Penney brought that fact to the judge and discovered the culprit was an officer in the Saskatchewan Internet Child Exploitation Unit. The officer sent a PIPEDA request to Gigatribe requesting the password.
…
Sean Carter, a Toronto lawyer who has experience with warrantless disclosure, said off-the-books requests are not exactly uncommon. “They hate putting it in writing,” he said. “It’s so hard to follow the trail back to the actual request.” Carter pointed out that if they obtain data from a company, and use that to put together evidence for a production order or warrant, nobody would ever be the wiser that they obtained the data in the first place.
Warrantless access to information isn’t just used to extract data from telcos, but from a litany of other ‘telecommunications service providers.’
Privacy watchdog calls for reforms but ministers stay silent:
The federal privacy watchdog’s concerns appear to be falling on deaf ears in the government, with three cabinet ministers yet to respond to her calls for reform.
(…)
While Clement has agreed to work with the commissioner, it’s not clear if her other recommendations will be entertained by the government. Chris Parsons, a privacy scholar with the Munk School of Global Affairs in Toronto, said the government has little incentive to change the current system or increase oversight.
“As revelations come out, that could be hurtful to government,” Parsons said. “There’s an understandable political value in not (enhancing) these audit powers. You can just imagine the first audit is performed and it reveals very high amounts of personal information being collected from various sources … . It could be politically unhelpful.”
My money is on the government quietly hoping the public and media just forget about this issues through the summer, given that they’ll be breaking from Parliament soon for BBQ season.
Four weeks on, huge swaths of the Internet remain vulnerable to Heartbleed:
Some 300,000 systems remain susceptible to catastrophic exploits, one scan shows.
With the media off (most) companies’ backs there’s just no way/reason that these remaining companies are going to patch the heartbleed vulnerability. One can only hope that civil suits are launched against these remaining companies to show via the market that patching is a requirement for contemporary digitally-enabled businesses.
Categories
Is social media info reliable?
Is social media info reliable?:
Christopher Parsons of Citizen Lab says the government’s use of social media to obtain information is filled with pitfalls.
I much preferred this interview over the one with CBC; in particular, the final discussion is helpful: Canadians want a responsible and transparent government, not one that is opaque and operates counter to Canadian values.
U.S. tech firms routinely denying Canada’s requests for personal data:
Transparency reports from Twitter, Facebook, Microsoft, Yahoo! and Google suggest that the U.S. companies are being far more careful with Canadian data than even Canadian telecoms.
…
“The volume of (Canadian) requests, in the absence of the need for judicial warrants or other court oversight, illustrates the routine nature with which government and law enforcement can easily get (Canadian) telecoms to hand over personal information,” said Christopher Parsons, a post-doctoral fellow at the University of Toronto’s Citizen Lab.
The transparency report numbers remain suspicious, and we need to investigate how accurate they actually are in recording Canadian requests for data when our requests are being served by US law enforcement agencies.
Is Canada Stalking Me? A New Software Platform Aims To Find Out:
Do you think CSEC and the Mounties are spying on you? There’s an app on its way to help you find out.
According to Parsons, creating the request platform isn’t the hard part, it’s securing the content from the prying eyes of government or hostile users.
“The hard part is, we could pound this out probably pretty quick, but we want to make sure the way we’re doing it is in the most privacy protective way possible,“ he said. “Canadians don’t want to worry the Citizen Lab or anyone who picks up this tool are in any position to use or know anything about them. We want to do this right.”
It’s important that Canadians are better able to request information about themselves from the companies they engage in commercial relations with. But, as important as facilitating that access is, it needs to be done in the most privacy-protective way possible.
Categories
Data issue took 3 years to surface
Data issue took 3 years to surface:
Documents made public for the first time this week show that government agencies requested customer data 1.2 million times per year from just nine Internet and telephone companies. But those documents are from December 2011. For three years they were not made public by the Office of the Privacy Commissioner of Canada.
“It would have been helpful, it would have advanced the debate several years ago had it come out,” said Christopher Parsons, a PhD candidate at University of Victoria’s political science department.
On his privacy issues blog, Parsons has developed a form to allow Canadians to find out how much of their personal information is stored and shared.
Canada’s privacy laws allow for Canadians to request this information from telecoms, which must respond. The form can be found at christopher-parsons.com.
Though they got my affiliation wrong (I’m currently a Postdoctoral Fellow in the Citizen Lab, Munk School of Global Affairs at the University of Toronto) I still do wish that these numbers had emerged earlier.
My recent interview with Jesse Brown about the disclosure of user data by telecommunications companies to the governments of Canada, why this is occurring, and how Canadians can learn if their telecom companies are sharing personal information with government agencies.
Excited Pixels 