Canada cops’ online spy power
p2pnet news view | P2P | Politics:- Canada has just come closer to becoming a police state.
The Harper government has, “taken another shot at lawful access legislation today, introducing a legislative package called the Investigative Powers for the 21st Century (IP21C) Act that would require mandated surveillance capabilities at Canadian ISPs, force ISPs to disclose subscriber information such as name and address, and grant the police broad new powers to obtain transmission data and force ISPs to preserve data,” blogs Michael Geist, going on »»»
Although I can only go on government releases (here, here), the approach appears to be very similar to the Liberal lawful access bill of 2005 that died on the order paper (my comments on that bill here). It is pretty much exactly what law enforcement has been demanding and privacy groups have been fearing. It represents a reneging of a commitment from the previous Public Safety Minister on court oversight and will embed broad new surveillance capabilities in the Canadian Internet.
The lawful access proposal is generally divided among two sets of issues – ISP requirements and new police powers.
1. ISP requirements
There are two key components here. First, ISPs will be required to install surveillance capabilities in their networks. This feels a bit like a surveillance stimulus package, with ISPs making big new investments and the government cost-sharing by compensating for changes to existing networks. The bill again exempts smaller ISPs for three years from these requirements. While that is understandable from a cost perspective, it undermines the claims that this is an effective solution to online crime since it will result in Canadians at big ISPs facing surveillance while would-be criminals seek out smaller ISPs without surveillance capabilities.
Second, the bill requires all ISPs to surrender customer name, address, IP address, and email address information upon request without court oversight. In taking this approach, Public Safety Minister Peter Van Loan has reneged on the promise of his predecessor and cabinet colleague Stockwell Day, who pledged not to introduce mandated subscriber data disclosure without court oversight.
2. New Police Powers
There are several new police powers that come with the lawful access approach. First, police will be able to obtain transmission data about Internet-based messaging. The government says this does not cover the content of a private communication, but it will cover information about what a person is doing online (what sites they visit, who they communicate with, etc.). This will be subject to a judicial order that will allow for obtaining real time data (a warrant) or historical data (a production order).
Second, police can obtain a preservation order that would require ISPs to preserve (ie. not delete) data related to a particular subscriber or even a specific communication. Third, there is an expansion of the police power to obtain a tracking warrant, by allowing police to “remotely activate existing tracking devices that are found in certain types of technologies such as cell phones.” Fourth, the law expands the computer virus provision in the Criminal Code and opens the door to greater international cooperation of cybercrime enforcement.
As for what is not in the lawful access package, there is nothing on data retention, a controversial issue in Europe. It is also not clear what reporting requirements the Government envisions to ensure that there is transparency in the process.
I’ll have more to say in the days ahead, but it should be stated that everyone wants to ensure that police have the ability to deal with serious crime. Lawful access has been on the public agenda for years, with law enforcement has demanded new powers but not providing compelling evidence that the current system has created serious barriers to their investigations. For example, last year CIRA caved to law enforcement pressure for a backdoor to WHOIS domain name registrant information.
“More than a year later, law enforcement has never once used this backdoor,” says Geist, adding:
“Given the potential for misuse (Greece, U.S. telcos), the onus should be on law enforcement to demonstrate how the current system has harmed investigations and then we should work on ensuring that there is always – including for customer name and address information – appropriate court oversight.”
Michael Geist – Government Introduces Bill To Require Surveillance Capabilities, Mandated Subscriber Disclosure, June 18, 2009
Use free p2pnet newsfeeds for your site. It’s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
June 18th, 2009 at 2:48 pm
Why not just let google do it all for them?
google could provide a 360 degree view of the targets home, wiretap them on all communications, force install call-home spyware, and notify police if someone doesn’t conform to the norm.
Make it mandatory. No opt-in required.
Those tinfoil hat people who want an opt-out will have their file with all communications passed onto the cops.
Google is in the best position to supply this service.
It will be good for the economy and stimulate business and tourism.
June 18th, 2009 at 3:24 pm
This violates our privacy rights and also kills the “Innocent until proven guilty” belief.
Just more proof that Harper and his government bends over for big corps and has absolutely no care for Canada at all.
I hope the other parties use this against Harper and the conservatives in the next election.
Canada is not and will not be a Police State even if Harper thinks he is god.
June 18th, 2009 at 3:30 pm
Harper and Ignatieff will both vote yes on this. In the last 2-3 years Canada has been getting worse and worse. These fossils need to die off the revolution is almost here and we’re not ready.
June 18th, 2009 at 4:26 pm
Those extreme left wing reporters over at the CBC will be our first target, as well as the “sources” they get their info from.
Next time we get nailed for killing someone by tazer, we will know the lawyers attack plan in advance.
I would like to thank the honourable Harper and the honourable Iggy.
June 18th, 2009 at 6:52 pm
These comments are right on.
Police have not demonstrated they need these “powers”. Second a judge would be in the best position to determine if a warrant for particular sensitive data is necessary not the corrupt police (who will go to whatever lengths they can to prove their bullshit most the time).
June 18th, 2009 at 6:58 pm
to add to my above comment
Cue the function creep. I give it less than year after this is passed before someone innocent is spied on harassed later about it court and then found not guilty based on the fact the law would be unconstitutional.
June 18th, 2009 at 7:04 pm
It’s always Kiddie Porn. Watching Global’s 6 o’clock news there’s always an alliance guy in a suit going on about Kiddie Porn as the reason for invasion of privacy.
What is so fucking hard about have a non-paid-off judge evaluate the evidence before the police can invade privacy? Thousands of cases that can’t be investigated because of privacy? So you’re telling me that because they can see the site and it clearly has child porn or they know the news groups are posting child porn and a judge is not immediately granting a warrant?
I smell BULLSHIT! If there was a real reason for extended access, why not have a process with a judge or panel that evaluates the information? Why not have an INDEPENDENT (aka NO EX COPS OR POLITICIANS) committee full of privacy advocates overseeing every access extension?
Because the police know they can’t trust themselves and they know there will be violations and they know there’s no accountability, but hey, it’s in the name of kiddie porn so let’s strip away more privacy rights so cops (who themselves are often guilty of child porn) can go without accountability through personal lives of people. No, they’d NEVER abuse those powers, never. Riiiight!
Prove you need it and give cases where you actually have evidence and you can’t get a warrant fast enough. Real proof!
June 18th, 2009 at 10:02 pm
I smell shit heading for the fan. Their reason for putting this is no Child Porn, it’s attempting to cap on freedom and speech! They can get ANYONE with this! They can get people who know a bit too much, they can get p2p users, they can get anybody with an internet connection, AND THAT MEANS ALMOST EVERYBODY!
This is a complete invasion of privacy and this is illegal!
June 19th, 2009 at 12:52 am
In one of the p2pnet world headlines is a link to a story released the past week about how MS developed a new program to capture “child porn people”.
It was released and in trial only in Canada and Australia.
Now, since this is installed on ISP’s and on trial and works why is this new law needed for kiddie porn?
Keep in mind all the last major kiddie porn busts across Canada, US germany were all done with the older MS version of this software.
It was written on CBC and reported P2Pnet. Also I saw them state it on the CBC (TV) when the RCMP had a news conference about it. A reporter asked about the MS software used to capture these people across Canada (most were in Ontario) and they declined to discuss it.
It was a huge bust. Anyone recall it?
So again, this child porn thing is bull.
June 19th, 2009 at 1:12 am
There may be one problem installing this law.
They’re proposing that the PROVIDERS track and keep our information (for the police to access).
Most Canadian ISPs are also providers of other services as well as content.
Canadians are already at odds with the ISPs for the previous attempt to install DPI.
The issue of DPI use itself has yet to be completely hashed out, and there were some serious concerns expressed by the Canadian Government about the possible anticompetitive scenarios such a thing could open up.
The same roadblock would have to come into it again when proposing that providers track EVEN MORE DATA for the police.
We didn’t want providers tracking us before, when the data was supposedly intended for targetted marketing.
We don’t want them tracking us now, for all the same reasons as before.
So, when the providers themselves wanted our info, that was a hard sell.
But now, all of a sudden, the same government (that didn’t buy into it before) not only wants the providers to do it, but to do it in a much BIGGER WAY!
We may have to insist, en masse, that all internet providers participating in this masterpiece of BS not be allowed to also be providers of anything else, as there’s way too much incentive for a provider to abuse the position they would then be in.
(Fuck! This is nuts!!)