#CyberFLASH: Amendments To US Criminal Procedure May Threaten The Privacy Of Canadians

computer-gimbal

The explosion of modern communications technology is increasingly connecting Canadians to the world abroad. Geographical boundaries and distances are no longer as significant as they once were. Today, our phones, the device most of us carry in our pockets, enables us to access our private and confidential information from anywhere in the world, at any time. This same digital interconnectedness, however, makes our information vulnerable to hackers and other criminal enterprises. Indeed, for all its miraculous connectivity and convenience, this brave new world presents unprecedented challenges.

Like never before, lawmakers are having to grapple with the tension between safeguarding our privacy on the one hand, and maintaining our security on the other. Canadians entrust lawmakers, as part of our democratic society, to seek a delicate balance – allowing law enforcement to do its job while preventing undue intrusion into our private affairs. Crucially, if we disagree with their approach, we are free to voice our objections at the ballot box.

Canadian law, however, applies only within Canadian borders. And as cybersecurity becomes more of concern, hackers may not be the only parties interested in Canadians’ private information. If foreign governments enact laws effectively granting their agents access to this information, even in limited circumstances, Canadians have little say in the matter.

Read more here

#CyberFLASH: Security agencies must obey letter of law, Trudeau says amid surveillance fears

hacker-stolen-passwords

OTTAWA — Justin Trudeau says his government will ensure security and spy agencies follow the “letter and spirit” of the law, amid mounting concerns they have trampled the privacy of journalists and other Canadians.

In a roundtable interview this week with The Canadian Press, the prime minister stressed that national security agencies must protect Canadians but also safeguard the laws and values the public cherishes.

Trudeau’s words come as the Liberal government wraps up a national consultation on federal security policy and they follow two recent episodes that heightened public concern about unwarranted surveillance.

It emerged last month that the Montreal and Quebec provincial police forces had been tracking the communications of several journalists. Only days later, a Federal Court judge found the Canadian Security Intelligence Service had broken the law by keeping and analyzing information about the communications of innocent people — potentially revealing data that was collected during investigations into actual suspects.

There are also nagging questions about whether CSIS has used its considerable powers to monitor media members.

In the interview, Trudeau said the Liberals would “make sure that our security agencies and intelligence agencies obey the letter and the spirit of the laws that frame them.”

Read more here

#CyberFLASH: Canada’s ICT industry says no to more police powers to access subscriber data

computer-gimbalThe information and telecommunications industry has lined up almost solidly against suggestions police should have access without a warrant to basic subscriber information they hold.

That’s the take-away from a number of industry association and service provider briefs filed last week as submissions closed for Public Safety Canada’s search for citizen and private sector opinions for a new national security framework.

Public Safety Canada issued a green paper for discussion last September calling for opinions on potentially changing federal laws and policies on several issues including loosening police and intelligence agency access to basic subscriber information, forcing communications service providers to hold for a set period of time to subscribers’ metadata, forcing for all communications service providers to buy communications interception equipment police can use, and making developers of encryption solutions to build in backdoors so law enforcement can unscramble protected documents.

In a word, the answer to all from the industry was “no.”

On warrantless access to basic subscriber information

–Information and telecommunications Association of Canada (ITAC), which lobbies for most of the country’s ITC firms including Bell Canada, Rogers Communications, Telus, IBM, HP-Enterprise and others, said in its submission that improving and standardizing paperwork would speed up police access. It also called for “clear rules designed to avoid police “fishing expeditions” that could contravene judicial requirements and privacy laws.”

Read more here

#CyberFLASH: One quarter of Canadian online traffic vulnerable to NSA sweeps: researchers

leaked_data_focus_455234A large amount of Canadian internet traffic is being routed through the United States, leaving it vulnerable to collection and probing by the National Security Agency.

And most Canadians have no idea of how exposed they are to American data sweeps, say the researchers behind a new tool that aims to show Canadians what path their internet traffic takes to connect to the websites they want to visit.

In a new online project launched Thursday, researchers from the University of Toronto and York University have partnered with Open Media to create a tool to show the paths Canadians’ internet data take when they access websites or send online communications.

While past estimates have suggested roughly 90 per cent of Canadian internet traffic is routed through the United States — particularly in cases where a Canadian visits an American or foreign website — the new data gathered so far by the researchers build on that and suggest that even when both the origin and destination of the traffic are in Canada, there’s still a one-in-four chance it goes through the U.S.

“I think most Canadians would be really surprised to learn that quite so much of our internet traffic, even our domestic Canada-to-Canada traffic, actually ends up being routed through the U.S.,” said David Christopher, spokesperson for Open Media.

“Canada’s lack in sufficient internet exchange points within our borders is really a big reason why so much of our traffic does travel through the U.S. I think nowadays a lot of people think of the internet as almost like a cloud and I think a lot of people don’t put a lot of thought into what happens when we visit a website on the other side of the country.”

Read more here

#CyberFLASH: Security vs. privacy: Technology changes, rights don’t

cpt107-securityprivacy201The stakes are considerable, which is why the folks who run the national security apparatus have quietly and not-so-quietly been laying down markers as Ottawa reviews their powers. The argument goes they need more tools, and more leeway, to do their important work.

Maybe. Maybe not.

Canada’s federal Privacy Commissioner Daniel Therrien and his provincial and territorial counterparts are sounding a much-needed note of caution in a joint brief submitted as part of the ongoing security review.

“It is important that we not forget the lessons of history. One of these lessons is that once conferred, new state powers are rarely relinquished,” the document reads.

That’s true, as is the fact the expansion of state powers of surveillance over the past 15 years has resulted in “too many cases of inappropriate and sometimes illegal conduct by state officials,” including violations of privacy and other civil rights.

If Bill C-51, the former Conservative government’s anti-terrorism legislation, was an overreach, the attempt to fix it ought not to make things worse.

Mr. Therrien and his colleagues rightly raise the alarm over Ottawa’s apparent willingness to widen, rather than restrict, things like the collection of metadata. They argue that authorizations to gather metadata ought to meet elevated standards and require judicial, not merely administrative, sign-off. They’re right.

The privacy commissioners’ submission also points out that increased monitoring of online activities has a “potential chilling effect” that could defeat the purpose of having more powerful snooping tools; when people think they’re being watched, they go further underground. We could end up diminishing the freedom of many, without increasing security against the violent few. It’s an important consideration in online anti-radicalization efforts.

Read more here

#CyberFLASH: Privacy watchdog to look at electoral reform survey amid privacy concerns

daniel-therrien-privacy-commissioner-20140603

Canada’s privacy watchdog intends to look into the Trudeau government’s new online survey on electoral reform after concerns have been raised about invasion of privacy.

Canadians must be willing to disclose detailed personal information if they want their views on electoral reform to be included in the results of the online questionnaire.

The MyDemocracy.ca survey does not ask respondents to reveal their names but it does ask them to disclose gender, age, highest level of education attained, occupational work area, combined household income, first language learned, level of interest in politics and current events and whether they identify as a member of a specific minority group.

Respondents are also asked to provide their postal codes so that their region of residence can be determined — a request that’s particularly raising eyebrows.

In many instances, supplying a postal code would be enough to identify the individual, according to Ottawa University technology law expert Michael Geist, the Canada Research Chair in Internet and E-commerce law.

A spokeswoman for privacy commissioner Daniel Therrien said Tuesday that his office can’t comment because it hasn’t yet looked into the survey in detail.

Read more here

#CyberFLASH: Balancing police, power and privacy

hacker-stolen-passwords

Canadians support more investigative powers for police — with a catch, Nov. 17

Your story declares that Canadians support police demands for more surveillance, even though data from the survey indicates only 34 per cent are confident that new powers will be used “reasonably and according to the law.” Presumably that is why, in every case, the survey found that people want use of these powers to require a warrant from a judge.

Yet while it mentions reports of police spying on journalists and lawbreaking by CSIS, both your story and the survey neglect to mention that warrants were granted inappropriately in the first case, and that CSIS lied to the courts about their actions in the second.

The survey also suggests Canadians support data retention by telecom providers if authorities have a warrant to access the data. However, it wasn’t asked whether they should be able to retain that data before a warrant is granted or only afterwards. Your story assumes, without any justification, that Canadians support retention of data about a person before a warrant is granted.

The report also states that 74 per cent of Canadians have never encrypted their communications, without pointing out that we do so every time we use online banking, or visit an increasing number of websites — including the Star’s! Worst of all, it leaves out that Canadians have a right not to incriminate themselves under the Charter, protecting them against giving their passwords or encryption keys in an investigation.

Finally, the survey suggests 47 per cent of Canadians think there is a right to “complete digital privacy,” while only 23 per cent think it is currently possible to have that privacy.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.