Tag: Telecommunications

Categories
Links

Poor record of fed requests to telecom companies for Canadians’ data

Poor record of fed requests to telecom companies for Canadians’ data:

Many law-enforcement agencies do not track requests for private information, making the system vulnerable to abuse

“Many departments say they don’t have the information and say they don’t keep track of these things,” said NDP MP Charmaine Borg, whose questions led to the release of response documents. “… And if that is the case, that brings up to me a huge problem. How are we supposed to ensure there are no abuses, and that government agencies are making these requests within very extreme circumstances, when they don’t even keep track of when they’re making them?”

Christopher Parsons, a postdoctoral fellow at the Citizen Lab of the University of Toronto’s Munk School of Global Affairs, said non-federal agencies, such as police forces, are also seeking data. “Even if we got good numbers from all the federal government, there is a huge, huge part of the surveillance iceberg that’s yet to be seen,” he said.

It’s important to keep in mind that much of the attention concerning government surveillance has been about how federal agencies access telecommunications data, and how proposed lawful access legislation would extend and expand such access. While this attention is deserved there is an entirely different set of actors that have yet to be examined in any sustained way: provincial agencies and municipal organizations.

Categories
Links

Canadian ISPs Won’t Tell You Much About Your Own Data

Canadian ISPs Won’t Tell You Much About Your Own Data:

Ever wondered how long your telecom provider retains your user data? Or if law enforcement has requested your records?

This “Access My Info” tool was launched in June, and now, responses have started to trickle back in.

“We’re starting to be able to compare and contrast some of the larger company’s responses,” Parsons said.

Using either Parsons’ form letter, or the AMI tool, subscribers can request that their telecom providers clarify the types of data they collect, tell them how long they retain such data, provide copies of relevant records, and whether their information has been disclosed to law enforcement or government agencies. But perhaps unsurprisingly, policies and practices tend to differ from one provider to the next.

“I think that the letters from TekSavvy are comprehensive. They’re not trying to play games,” Parsons said, referring to the responses sent out by one of Canada’s smaller  internet service providers. “They’re actually taking seriously the questions that individuals are making and not trying to blow them off. That stands in variance with, I would say, almost every other member of the industry.”

Parsons said that in other responses, “the detail that is present, or is more often the case, absent, is really quite breathtaking. The only thing I have from Bell is a one page sheet that’s almost worse than useless. It almost doesn’t respond to the customer’s question.”

Parsons told me that discerning how long certain types of data are retained has proven particularly hard, for example.

“Retention schedules matter. How long you store data should not be a top secret corporate secret, because it’s about citizens,” said Parsons. ”Here we’re talking about basic, basic, basic privacy information. How long do you store information about me? None of these companies aside from TekSavvy have tried to comprehensively respond to that question.“

This is a detailed piece by Matt Braga, and one that I’d highly recommend if you’re interested what the Telecom Transparency Project has (and hasn’t) learned about Canadian telecommunications companies’ data retention schedules.

Categories
Links

Telus joins transparency push by sharing demands for customer info

Telus joins transparency push by sharing demands for customer info :

Christopher Parsons, a research fellow with Citizen Lab, which is part of the University of Toronto’s Munk School of Global Affairs, says he commends Telus for following through on a commitment to release a report this summer and for its call for industry standards on such disclosures.

“The trick is, however, that we’re still missing Bell Canada, which is the largest telecommunications provider in the country,” he said. “Clearly, there’s an industry movement in Canada and all across North America toward these transparency reports and Bell Canada needs to be on board.”

Mr. Parsons says any industry standard around reporting should also include disclosure about how long the companies retain customer information.

TELUS is to be congratulated for following through on their promise to release a transparency, report, as well as for committing to publishing future reports. At this point, two of the largest telecom in Canada (Rogers and TELUS) along with a leading independent telecom (TekSavvy) have released transparency reports: where’s Bell and all the smaller companies?

Categories
Aside Links

Rogers sheds new light on what personal data spy agencies can get

Rogers sheds new light on what personal data spy agencies can get:

Comments yield insights into a largely hidden relationship between intelligence agencies and communications corporations Federal spy agencies are, like police, “obviously going to have to get a lot more production orders than they did in the past,” one of Canada’s Big Three communications companies says.

And while Ottawa’s agents had been getting warrantless access to some corporately held records, “we have not opened up our metadata to the government as apparently has happened in the U.S.”

Rogers Communications’ vice-president of regulatory affairs, Ken Engelhart, made these and other remarks about his company’s relationships with federal intelligence-agencies, as he spoke to The Globe’s Christine Dobby about corporate transparency in an interview this week.

Such remarks, not published until now, are important because they yield some insights into a largely hidden relationship between intelligence agencies and communications corporations.

But even as Rogers is now publicizing its bona fides as a telecom company that acts more openly than most, it is privately admitting to customers that it can face federal gag orders.

“We are unable to confirm with a customer when their information has been disclosed to a government institution… where that institution has refused to allow Rogers to disclose that information,” reads one such July 10 letter obtained by The Globe and Mail from privacy researcher Christopher Parsons, of University of Toronto’s Citizen Lab.

That Rogers is, in essence, playing a game of Catch-22 (if we told you we didn’t disclose your information, then others could see if they got a different response and learn we had disclosed their information, therefore we can’t tell anyone if we disclosed their information) is absurd. As is their refusal to provide basic records to their subscribers.

Categories
Links

Telecoms move in right direction on privacy: Editorial

Telecoms move in right direction on privacy: 

Telus and Rogers won rare pats on the back for their decision to stop routinely handing out basic customer information to police and security agencies without seeing a warrant first.

It’s important to note that, while warrants will be required for police, they won’t necessarily be required for any agencies that already enjoy statutory authority to request information from telecommunications companies. So security agencies will continue to access data, often without warrant, despite what the Star has written.

Categories
Links

Rogers to require warrants for police requests

Rogers to require warrants for police requests:

In the wake of a landmark court ruling last month that upheld Canadians’ right to online privacy, telecommunications companies are tightening their policies on when they will share customer information with police and government authorities.

The move by one of Canada’s biggest cellphone, Internet and home-phone companies comes as the federal government works to pass legislation that academics and privacy advocates warn will erode protections around Canadians’ personal information. The Conservatives’ anti-cyberbullying bill is still before the House of Commons, but if passed in its current form, Bill C–13 would give legal immunity to telecommunications companies that voluntarily hand subscriber information to police and other public officials.

However, if telecom providers refuse to voluntarily disclose information without a warrant or court order, that could weaken the effect of the legislation, said Christopher Parsons, a research fellow with Citizen Lab, part of the University of Toronto’s Munk School of Global Affairs.

“Rogers’s decision shows even though that liability shield is being offered, some telecoms may decline to take advantage of it,” he said Wednesday. “Rogers is not the entire industry, of course. But if we see [others] start to take a similar position, maybe that would defray the impact of C–13, although it wouldn’t mean that C–13 was a better law.”

The Citizen Lab’s Mr. Parsons said Rogers’s policy shift is a positive step. “This is just making it really clear to their subscribers that no matter what interpretation [of the ruling] the authorities take, Rogers’s interpretation is going to be: You need to come with a warrant.”

Rogers, TELUS, and TekSavvy have all now changed their policies: no court order, no data. It’s good to see these companies taking seriously their duties to protect subscriber data from government overreach. Now, if only they can improve on how they respond to subscribers’ requests for their personal information…

Categories
Aside Links

Emergency surveillance bill clears Commons

Emergency surveillance bill clears Commons:

Data retention and investigatory powers bill is agreed after angry exchanges alleging an abuse of parliament

This ‘emergency’ follows the European Court of of Justice finding that mass data retention laws in Europe are illegal. In response, the UK government is passing a localized data retention and surveillance bill.

Significantly, the government has stated that:

The government has insisted the ruling throws into doubt existing regulations, meaning communications companies could begin deleting vital data. Ministers claim the bill only reinforces the status quo and does not create new powers.

At issue is that the existing status quo has been deemed illegal. And yet, in response, Parliament has decided to pass more – still illegal – legislation. And so civil liberties groups will bring this into court, spend years fighting, only to have the legislation overturned. And after which, government will likely pass similar, still illegal, legislation. And the wheel of politics will turn on and on and on…

Categories
Links

This App Helps Reveal What Personal Data Is Stored by Canadian ISPs

This App Helps Reveal What Personal Data Is Stored by Canadian ISPs:

To find out what people could expect to learn by using the Access My Info tool, I spoke to one of the main people behind it: Chris Parsons, a post-doctoral Fellow at the University of Toronto’s Citizen Lab.

“The privacy tool should let individuals know what information is being collected, and what’s being stored,” he said. “Additionally, telecoms’ responses should be informative if somebody wants to ask ‘have you exposed my information to government or another entity.”

Parsons and the team plan to crowdsource the replies that telecoms provide to users to gain a much better understanding of just what’s being held onto by service providers. Presently, it’s not exactly clear if ISPs track the sites we visit, or how long our mobile phone texts are stored.

Will the tool let users know if their data has been handed over to the police without a warrant? “Maybe,” said Parsons. “Companies would have to ask police before letting us know, so as not to jeopardize any ongoing investigations.” The same goes for finding out which agencies have had access to our information.

In any case, Parsons said, finding out what information could potentially be shared with authorities is the first giant step towards an informed discussion about privacy in Canada.

“This is our information, and we have a right to understand how it’s being managed. It’s not clear from the companies how they’re doing it. They don’t tell us,” he told me.

Parsons made it clear that the way the Access My Info tool works is very simple. It’s really just using existing legal powers available to citizens and bringing them into the digital world. The Citizen Lab had already released a template letter for doing the same thing, but the tool makes it even easier auto-fill request forms.

Moreover, Access My Info is based on an open platform. As a result, it can be reconfigured to send the same kinds of legal requests for information to all kinds of companies: credit card companies, banks, stores, or even car companies.

Parsons pointed to the example of OnStar, General Motors’ in-car service. Because it tracks the car’s location and other data, OnStar has proved a valuable resource for law enforcement. Thanks to this new tool, Canadians could soon be petitioning GM to find out how long their location data is stored.

 

Categories
Links

The new way Canadians can discover the data ISPs are collecting

The new way Canadians can discover the data ISPs are collecting:

Canadians concerned about their online privacy have a new way to find out whether their telecom provider is collecting information about them – and sharing it with third parties like government entities.

“What we’re trying to do as researchers is identify what kind of data telecommunications companies in Canada collect, obtain, and process, and disclose to third parties,” said Dr. Christopher Parsons, a fellow at the Munk School of Global Affairs’ Citizen Lab.

The Supreme Court of Canada ruled last Friday that police need a search warrant to get information from Internet service providers about their subscribers’ identities during investigations.

Privacy experts believe the ruling will force Internet service providers to change their practices on voluntary warrantless disclosure.

“The government will no longer be able to use the voluntary disclosure regime,” Parsons said.

“I think it’s a real demonstration that the need to keep people safe in Canada doesn’t mean we need to set aside their privacy rights.”

For now, though, Parsons is hoping Canadians use the tool to help gain a better understanding of the scale of information collected about them. He said it will also demonstrate which third parties are potentially accessing telecom companies’ data stores.

Potential third parties range from law enforcement like the RCMP, provincial, and municipal police, to government agencies like CSIS, CSEC and the CRA, Parsons said.

Check out and use the Access My Info tool to learn what information your telecom provider collects, retains, processes, and discloses about you.

Categories
Aside Links

Google to deploy 180 low-orbit satellites that provide Internet access

Google to deploy 180 low-orbit satellites that provide Internet access:

Billion-dollar project will complement Google’s balloons and drones.

It would be particularly interesting to see if Google tried to marry its satellites with its Loom project, to the effect of not having to integrate Loom balloon networks with known censorious ISPs in various countries around the world. If Google could  overcome technical and regulatory hurdles it could, by routing through space, try to proxy data access via ‘open’ Internet nations. Of course, this would mean that Google would become the ‘real’ pipe to the Internet itself…