#CyberFLASH: Canada’s ICT industry says no to more police powers to access subscriber data

computer-gimbalThe information and telecommunications industry has lined up almost solidly against suggestions police should have access without a warrant to basic subscriber information they hold.

That’s the take-away from a number of industry association and service provider briefs filed last week as submissions closed for Public Safety Canada’s search for citizen and private sector opinions for a new national security framework.

Public Safety Canada issued a green paper for discussion last September calling for opinions on potentially changing federal laws and policies on several issues including loosening police and intelligence agency access to basic subscriber information, forcing communications service providers to hold for a set period of time to subscribers’ metadata, forcing for all communications service providers to buy communications interception equipment police can use, and making developers of encryption solutions to build in backdoors so law enforcement can unscramble protected documents.

In a word, the answer to all from the industry was “no.”

On warrantless access to basic subscriber information

–Information and telecommunications Association of Canada (ITAC), which lobbies for most of the country’s ITC firms including Bell Canada, Rogers Communications, Telus, IBM, HP-Enterprise and others, said in its submission that improving and standardizing paperwork would speed up police access. It also called for “clear rules designed to avoid police “fishing expeditions” that could contravene judicial requirements and privacy laws.”

Read more here

#CyberFLASH: Privacy watchdog to look at electoral reform survey amid privacy concerns

daniel-therrien-privacy-commissioner-20140603

Canada’s privacy watchdog intends to look into the Trudeau government’s new online survey on electoral reform after concerns have been raised about invasion of privacy.

Canadians must be willing to disclose detailed personal information if they want their views on electoral reform to be included in the results of the online questionnaire.

The MyDemocracy.ca survey does not ask respondents to reveal their names but it does ask them to disclose gender, age, highest level of education attained, occupational work area, combined household income, first language learned, level of interest in politics and current events and whether they identify as a member of a specific minority group.

Respondents are also asked to provide their postal codes so that their region of residence can be determined — a request that’s particularly raising eyebrows.

In many instances, supplying a postal code would be enough to identify the individual, according to Ottawa University technology law expert Michael Geist, the Canada Research Chair in Internet and E-commerce law.

A spokeswoman for privacy commissioner Daniel Therrien said Tuesday that his office can’t comment because it hasn’t yet looked into the survey in detail.

Read more here

#CyberFLASH: Balancing police, power and privacy

hacker-stolen-passwords

Canadians support more investigative powers for police — with a catch, Nov. 17

Your story declares that Canadians support police demands for more surveillance, even though data from the survey indicates only 34 per cent are confident that new powers will be used “reasonably and according to the law.” Presumably that is why, in every case, the survey found that people want use of these powers to require a warrant from a judge.

Yet while it mentions reports of police spying on journalists and lawbreaking by CSIS, both your story and the survey neglect to mention that warrants were granted inappropriately in the first case, and that CSIS lied to the courts about their actions in the second.

The survey also suggests Canadians support data retention by telecom providers if authorities have a warrant to access the data. However, it wasn’t asked whether they should be able to retain that data before a warrant is granted or only afterwards. Your story assumes, without any justification, that Canadians support retention of data about a person before a warrant is granted.

The report also states that 74 per cent of Canadians have never encrypted their communications, without pointing out that we do so every time we use online banking, or visit an increasing number of websites — including the Star’s! Worst of all, it leaves out that Canadians have a right not to incriminate themselves under the Charter, protecting them against giving their passwords or encryption keys in an investigation.

Finally, the survey suggests 47 per cent of Canadians think there is a right to “complete digital privacy,” while only 23 per cent think it is currently possible to have that privacy.

Read more here

#CyberFLASH: Your cellphone password could hold the key in legal battle over collecting evidence

adam2-jpg-size-custom-crop-1086x724

Here’s the scenario: Police believe there is evidence on your cellphone or computer that could assist them in a criminal investigation.

They ask that you provide your password or encryption key so they can search for clues.

Currently, there is no law compelling you to comply with that request.

But police in Canada, frustrated by evidence trails that lead to digital dead ends, are calling for a law that would make it a criminal offence to say no to a police officer carrying a judicial warrant.

It’s an idea designed to accomplish through a legal order what police are increasingly unable to accomplish technologically — getting inside digital devices containing what they believe is crucial evidence in criminal investigations.

“It’s a very radical proposal in Canadian law,” said Micheal Vonn, executive director of the B.C. Civil Liberties Association. “It changes the basic nature of how we go about achieving the ends of criminal investigation, by compelling the person who is under investigation to participate in the investigation.”

Many privacy advocates — and even some in law enforcement — call the idea an abuse of both privacy protections and the rights of Canadians against self-incrimination.

Read more here

#CyberFLASH: Canadians not terribly savvy about digital privacy, poll finds

pope-vatican

We all delete our internet browser history from time to time, and most of us have, at some point, removed something we’ve posted online.

But encryption? Virtual private networks? Not so much.

A poll conducted by CBC News and the Toronto Star this month found that hardly anyone in Canada said they use more advanced personal security tools.

This means that when it comes to digital security and privacy, Canadians really aren’t too savvy.

“There are so many unauthorized uses of people’s data and data breaches and hacking — it’s just grown exponentially,” said Ann Cavoukian, the former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University.

Read more here

#CyberFLASH: Canadians want judicial oversight of any new digital snooping powers for police

computer-passwords

Most Canadians feel strongly about their right to privacy online, but a new poll shows the vast majority are willing to grant police new powers to track suspects in the digital realm — so long as the courts oversee the cops.

Nearly half of the respondents to an Abacus Data survey of 2,500 Canadians agreed that citizens should have a right to complete digital privacy. But many appeared to change their mind when asked if an individual suspected of committing a serious crime should have the same right to keep their identity hidden from police.

The vast majority of Canadians … are willing to accept certain conditions … if it means that public safety is put first and their own families or personal safety is protected because police and intelligence agencies have these tools,” Abacus CEO David Coletto said.

“When a judge is involved, when a warrant is needed, we find broad support. It’s only when you take away that judicial oversight that you see a much more divided population.”

The survey, conducted on behalf of CBC News and the Toronto Star, asked Canadians about their views on three specific proposals to expand police powers, which are raised in a federal discussion paper that’s part of a review of Canada’s Anti-Terrorism Act.​

Read more here

#CyberFLASH: RCMP want new powers to bypass digital roadblocks in terrorism, major crime cases

rcmp

Suspected child predators, drug traffickers and extremists allegedly planning attacks or to join ISIS are escaping the eyes of the law because of increasingly impenetrable encryption and other digital roadblocks, according to top secret RCMP files reviewed by a CBC News/Toronto Star investigation.

The Mounties provided access to the files in a bid to demonstrate how investigations of tech-savvy suspected criminals are increasingly “going dark” because crucial evidence is beyond their reach.

The rare look inside active investigations comes amidst a thorny debate and public consultation on Canada’s Anti-Terrorism Act (C-51), which includes proposals to significantly expand police powers.

Four ideas floated in the federal government’s green paper on national security would enhance investigative capabilities, including the power to compel suspects to unlock their encrypted computers and cellphones and a law to require telecommunication and internet service providers to install interception and data-retention equipment in their networks.

But privacy and civil liberties advocates are fiercely opposed to such measures and demand police provide more evidence to justify their request for new powers.

RCMP Chief Supt. Jeff Adam admits law enforcement hasn’t done a great job explaining the investigative challenges of the digital world to the public.

Read more here

#CyberFLASH: $50M class action filed lawsuit against Casino Rama after cyberattack

A sign in front of Casino Rama  in Orilia Ont., on January 14, 2015. THE CANADIAN PRESS IMAGES/J.P. Moczulski

One day after Casino Rama announced it was the victim of a cyberattack, a $50 million “national privacy breach” class action lawsuit is in the works.

The suit is being led by Charney Lawyers PC and Sutts-Strosberg LPP. Both firms are well known litigators.

The lawyers have been involved in previous class actions concerning Bell Canada, Ashley Madison and Peoples Trust Company.

“This is a massive privacy breach. We still do not know the whole story but it looks like Casino Rama rolled the dice with employee, customer and vendor data rather than invest in state-of-the-art security measures,” Ted Charney of Charney Lawyers PC said.

David Robins of Suts-Strosberg LPP said that in this digital age Casino Rama’s employees, patrons and suppliers reasonably expected that their sensitive and confidential information would be protected.

Casino Rama became aware of the situation on Nov. 4.

Personal and banking information, along with social insurance numbers and dates of birth, were stolen.

The casino told people affected to keep an eye on their bank accounts, credit cards and other financial information.

On Friday evening, Casino Rama released the following statement:

“There is now evidence that stolen customer and employee personal information has been published on the Internet.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.