Tag: Privacy

Categories
Links

Press Release: CCLA Challenges Constitutionality Of Privacy Legislation « Canadian Civil Liberties Association

Toronto –  The Canadian Civil Liberties Association (CCLA) has launched a constitutional challenge to parts of the federal privacy legislation that effectively permits private companies to engage in warrantless disclosure of personal information to government. The challenge is part of CCLA’s ongoing work in the areas of privacy, national security, and accountability in law enforcement, and comes in the wake of recent revelations that telecommunications service providers provide government agencies with customer information on a massive scale.  CCLA’s General Counsel, Sukanya Pillay, described the court challenge as “a way to protect the privacy rights of Canadians and ensure accountability across the board.”

CCLA is challenging parts of the Personal Information Protection and Electronic Documents Act (PIPEDA) that allow private corporations to disclose their users’ personal information to a government institution (including law enforcement agencies) for a number of reasons including national security and the enforcement of any law of Canada, any province or a foreign jurisdiction.  While law enforcement may have a need to access some personal information in a narrow set of circumstances, the current law is too broad and should be struck out.  The consequences of government accessing and sharing personal information without an individual’s knowledge or consent, can be very serious and violate fundamental constitutional rights.  The fact that information is being obtained from the private sector further complicates things.  As CCLA’s General Counsel stated:  “Non-state actors are playing an increasingly large role in providing law enforcement and government agencies with information they request.  The current scheme is completely lacking in transparency and is inadequate in terms of accountability mechanisms.”

CCLA’s legal challenge asks that provisions of PIPEDA be struck as an unconstitutional violation of the right to life, liberty and security of the person and the right to be free from unreasonable search and seizure.  CCLA brings this challenge to create the impetus for change necessary to effectively protect the privacy rights of individuals.

Click here to read CCLA’s Notice of Application.

Press Release: CCLA Challenges Constitutionality Of Privacy Legislation « Canadian Civil Liberties Association

Categories
Aside Links

CCLA Challenges Federal Privacy Legislation

What may likely be a long, and very interesting, case to follow.

Categories
Links

Canada’s New Cyberbullying Law Is All About Surveillance

Canada’s New Cyberbullying Law Is All About Surveillance:

The Conservatives promised that transmission data would not include anything relating to the content of what Canadians are doing online. Fraser disagreed. He told the committee that it included everything from a user’s IP address, details on what computers and browsers are being used, the URL of the website, and ultimately, some level of content from what users are browsing.

Then he moved on to immunity—the complete legal protection for any company that voluntarily forks over Canadians’personal information to police, even without a warrant: “This provision, I believe, should be removed. It can’t be fixed, and will only encourage overreaching by law enforcement,” Fraser said.

Chu says that police have the onus to always take the least intrusive route to an investigation. He, however, incorrectly believed that companies would not have immunity if the requesting officer was acting in bad faith, like if a cop called up Bell to request his ex-wife’s call logs. The language in the bill is clear though: if a peace or public officer requests the information, and the company is legally allowed to disclose it, the company “does not incur any criminal or civil liability for doing so.”

The Tories admitted that, yes, companies can volunteer our personal data without a warrant, but, they maintained, those companies already have that ability. C-13, they argued, just codifies and clarifies it in the law.

However, re-wording the provision will make it a whole lot easier.

I think that the author is bullish in thinking that the legislation might be stopped, but then I was equally depressed at the prospect of C-30 being halted.

Categories
Links

For Canada’s Spies, Your Data Is Just a Phone Call Away

For Canada’s Spies, Your Data Is Just a Phone Call Away:

“I have recently had to deal with a client who had a request from CSIS for information,” said a Canadian lawyer who asked to remain anonymous. The lawyer and client asked CSIS to put the request in writing so it could properly consider the request. “CSIS said ‘it is against our policy to put those requests in writing.’”

Penney says he tried to log onto his client’s account, only to find that the password wasn’t working. He recovered the account to discover someone changed it. Penney brought that fact to the judge and discovered the culprit was an officer in the Saskatchewan Internet Child Exploitation Unit. The officer sent a PIPEDA request to Gigatribe requesting the password.

Sean Carter, a Toronto lawyer who has experience with warrantless disclosure, said off-the-books requests are not exactly uncommon. “They hate putting it in writing,” he said. “It’s so hard to follow the trail back to the actual request.” Carter pointed out that if they obtain data from a company, and use that to put together evidence for a production order or warrant, nobody would ever be the wiser that they obtained the data in the first place.

Warrantless access to information isn’t just used to extract data from telcos, but from a litany of other ‘telecommunications service providers.’

Categories
Links Quotations

Privacy watchdog calls for reforms but ministers stay silent

Privacy watchdog calls for reforms but ministers stay silent:

The federal privacy watchdog’s concerns appear to be falling on deaf ears in the government, with three cabinet ministers yet to respond to her calls for reform.

(…)

While Clement has agreed to work with the commissioner, it’s not clear if her other recommendations will be entertained by the government. Chris Parsons, a privacy scholar with the Munk School of Global Affairs in Toronto, said the government has little incentive to change the current system or increase oversight.

“As revelations come out, that could be hurtful to government,” Parsons said. “There’s an understandable political value in not (enhancing) these audit powers. You can just imagine the first audit is performed and it reveals very high amounts of personal information being collected from various sources … . It could be politically unhelpful.”

My money is on the government quietly hoping the public and media just forget about this issues through the summer, given that they’ll be breaking from Parliament soon for BBQ season.

Categories
Aside Links

Four weeks on, huge swaths of the Internet remain vulnerable to Heartbleed

Four weeks on, huge swaths of the Internet remain vulnerable to Heartbleed:

Some 300,000 systems remain susceptible to catastrophic exploits, one scan shows.

With the media off (most) companies’ backs there’s just no way/reason that these remaining companies are going to patch the heartbleed vulnerability. One can only hope that civil suits are launched against these remaining companies to show via the market that patching is a requirement for contemporary digitally-enabled businesses.

Categories
Links

Is social media info reliable?

Is social media info reliable?:

Christopher Parsons of Citizen Lab says the government’s use of social media to obtain information is filled with pitfalls.

I much preferred this interview over the one with CBC; in particular, the final discussion is helpful: Canadians want a responsible and transparent government, not one that is opaque and operates counter to Canadian values.

Categories
Links

U.S. tech firms routinely denying Canada’s requests for personal data

U.S. tech firms routinely denying Canada’s requests for personal data:

Transparency reports from Twitter, Facebook, Microsoft, Yahoo! and Google suggest that the U.S. companies are being far more careful with Canadian data than even Canadian telecoms.

“The volume of (Canadian) requests, in the absence of the need for judicial warrants or other court oversight, illustrates the routine nature with which government and law enforcement can easily get (Canadian) telecoms to hand over personal information,” said Christopher Parsons, a post-doctoral fellow at the University of Toronto’s Citizen Lab.

The transparency report numbers remain suspicious, and we need to investigate how accurate they actually are in recording Canadian requests for data when our requests are being served by US law enforcement agencies.

Categories
Links

Is Canada Stalking Me? A New Software Platform Aims To Find Out

Is Canada Stalking Me? A New Software Platform Aims To Find Out:

Do you think CSEC and the Mounties are spying on you? There’s an app on its way to help you find out.

According to Parsons, creating the request platform isn’t the hard part, it’s securing the content from the prying eyes of government or hostile users.

“The hard part is, we could pound this out probably pretty quick, but we want to make sure the way we’re doing it is in the most privacy protective way possible,“ he said. “Canadians don’t want to worry the Citizen Lab or anyone who picks up this tool are in any position to use or know anything about them. We want to do this right.”

It’s important that Canadians are better able to request information about themselves from the companies they engage in commercial relations with. But, as important as facilitating that access is, it needs to be done in the most privacy-protective way possible.

Categories
Links

Data issue took 3 years to surface

Data issue took 3 years to surface:

Documents made public for the first time this week show that government agencies requested customer data 1.2 million times per year from just nine Internet and telephone companies. But those documents are from December 2011. For three years they were not made public by the Office of the Privacy Commissioner of Canada.

“It would have been helpful, it would have advanced the debate several years ago had it come out,” said Christopher Parsons, a PhD candidate at University of Victoria’s political science department.

On his privacy issues blog, Parsons has developed a form to allow Canadians to find out how much of their personal information is stored and shared.

Canada’s privacy laws allow for Canadians to request this information from telecoms, which must respond. The form can be found at christopher-parsons.com.

Though they got my affiliation wrong (I’m currently a Postdoctoral Fellow in the Citizen Lab, Munk School of Global Affairs at the University of Toronto) I still do wish that these numbers had emerged earlier.