On 23
November 2001, Canada signed the Council of
Europe’s Convention on Cybercrime. (When a county signs a
convention, it
means it is agreeing in principle to its provisions. When a country
ratifies a
convention, the convention becomes legally binding.) The Convention
on Cybercrime,
the first international treaty dealing with crimes committed via the
Internet
and other computer networks, will come into force when five countries
have
ratified the convention, including three Council of Europe member
states. (http://conventions.coe.int/Treaty/EN/WhatYouWant.asp?NT=185)
The
Convention addresses copyright infringement, child pornography on the
Internet,
fraud, and network security violations. Some countries are discussing
implementing an Additional Protocol that would make it a crime to
publish
racist or xenophobic propaganda via computer networks.
If Canada were to ratify the
Convention, it would be bound by the terms. However, the government has
stated
that there are additional steps that need to be taken to assure the
Convention
is enforceable in Canada. To that end, the government
made proposals in 2002 to amend the Criminal
Code and introduce new legislation to address these concerns.
Canada
is not alone in proposing this sort of legislation. In fact,
several countries have passed Internet monitoring legislation,
including China, Denmark, France, Germany, Italy, Spain, the United Kingdom, the United States and Vietnam.
After the terrorist attacks in
the U.S. on September 11, 2001, the Bush administration
passed the Patriot Act that gives government officials, in certain
situations,
access to individual Web activity without having to get a warrant.
Moreover, the
U.S. Federal Bureau of Investigations (FBI) is working to create new
technology
that will allow them to monitor Internet activity without requiring
physical
access to the computer. Currently, physical access to the computer is
required
in order to monitor Internet use.
In the U.K., Internet service providers are required to
keep a record
of email, Web site, and text messaging activity of their clients under
the
Regulation of Investigatory Powers Act, also enacted after September 11, 2001.
The Government’s Proposal “Lawful Access”
According to the
Federal Department of Justice and Ministry of Industry current Canadian
law is
inadequate to address the specific concerns raised by computer
technology.
Allan Rock, Minister of Industry, stated that “technology is a great
enabler
for Canadians, but it also presents challenges for law enforcement.”
Information provided by the Department of Justice states: “These new
technologies are posing challenges to conventional lawful access
methods. Law
enforcement and national security agencies must often overcome a
variety of
technical hurdles before they can access the communications or
information they
are legally authorized to collect.”
Accordingly, in
2002, the government proposed amendments to the Criminal Code and new
legislation to combat these hurdles. These proposed changes were
generally
termed “lawful access” legislation and according to Justice Minister
Martin
Cauchon would protect the privacy of Canadians while ensuring “crimes
and other
threats to public safety can continue to be investigated effectively.”
The Department
of Justice describes “lawful access” as “the interception of
communications and
the search and seizure of information, which law enforcement and
national
security agencies use to conduct investigations.” The Department stated
that
“updating lawful access legislation is essential to a broad range of
investigative bodies, in their continued efforts to fight crimes such
as
terrorism, child pornography, drug trafficking, smuggling, Internet and
telemarketing fraud, price fixing and money laundering.”
The government’s
proposal was designed to bring Canadian law in line with the Council of
Europe’s Convention on Cybercrime. The proposal contained
various
elements, including a suggestion that Internet service providers (ISPs)
provide
technology to enable law enforcement agencies to monitor the Internet
activity
of their clients. It was not clear who would bear the cost of such
measures,
although it was suggested it would be the ISPs. According to media
reports, Ottawa
was also reviewing the possibility
of creating an Internet database to store the collected information.
Under the
proposal, the government would be able to track Internet activity,
including
time and location of communications, visits to web sites, what searches
people
conducted on search engines, and the destination and origin of emails.
According to
some reports, the government was investigating an option that would
hold emails
to a lower privacy standard that telephone communication. This would
allow
officials to intercept and read emails, possibly without having to
secure the
same type of warrants required for wire tapping. This proposal elicited
many
objections, including an objection from the former Federal Privacy
Commissioner
George Radwanski, who stated that: “The proposal suggests that email
communications be subject to a lower standard of protection than now
exists for
telephone calls, letters or other private communications in the Criminal
Code. The Department has not produced any evidence that existing
rules
under the Criminal Code are inadequate for fighting
cyber-crime. For
that reason alone I oppose any relaxations of existing legal protection
for
Canadians.”
The Privacy
Commissioner alleged that “Agents of the state in Canada cannot order Canada Post
to photocopy the address on every envelope
we send, nor can they order bookstores to keep a record of every book
we buy,
let alone every page of every magazine we leaf through. There is no
reason why
they should be able to exercise such powers with regard to every email
The Debate
The Federal
Privacy Commissioner voiced several objections to the Canadian
government’s
lawful access proposal. However, he was not the only one opposed.
The
Information and Privacy Commissioner of Ontario, Ann Cavoukian (http://www.ipc.on.ca/),
echoed his objections in several letters written to Justice Minister
Martin
Cauchon, Revenue Minister Elinor Caplan, and Industry Minister Allan
Rock. The
Canadian Civil Liberties Association (CCLA) and ISP consumer groups
also voiced
concerns.
Observers have
noted that pressure is coming from the U.S., where cyber-crime legislation was passed following the
terrorist
attacks of September 11, 2001.
The Canadian government has stated that it is obligated under the
Council of
Europe’s Convention to implement new legislation combating cyber crime.
Not all were
persuaded by this argument, however. Privacy advocates stated that the
government did not show why existing laws were inadequate, nor did it
show how
the new laws would greatly enhance their ability to fight cyber-crime.
CCLA
stated: “[a]ny consideration of increasing the power of the state to
eavesdrop
on citizens requires from the government a clear demonstration of the
need. In
view of the considerable powers already available in this regard, the
mere
invocation of 9-11 will not suffice. The public needs to know precisely
why the
current powers are not enough.” Peter Hope-Tindall, a privacy
consultant in Toronto, stated that the proposals
discussed “maintaining lawful access capabilities, but clearly what we
see is
an extension of those capabilities and a lowering of the evidentiary
standard
to exercise them.”
Groups such as
the Canadian Bar Association and the Canadian Information Processing
Society
(CIPS) (an association representing information technology
professionals) have
also voiced concerns over the expansion of government ability to “cyber
snoop.”
CIPS stated that while the group agreed with the government’s need to
have the
ability to investigate terrorism and cyber crime, it should not be
accomplished
“at the expense of the privacy interests of law abiding Canadians.” (www.cips.ca/it/position/lawful/)
Philippa Lawson,
senior counsel with the Public Interest Advocacy Center in Ottawa stated that she felt the
laws were
“stepping right into Orwell’s vision of the future. With all the
anti-terror
initiatives we’re seeing, public interest advocates are getting really
concerned.”
CCLA also argued
that the proposed legislation would deter people from using the
Internet. In a
letter to the Department of Justice, CCLA stated: “The right to explore
and
communicate in anonymity has transformed the Internet into a special
sanctuary
for its users. By itself, the mere prospect of governmental invasion is
likely
to create a chill over Internet activity; the actual invasions are
likely to
exacerbate the chill.” The letter continued, “For all these reasons,
the
Canadian Civil Liberties Association takes the position that any
invasion of
these electronic sanctuaries should required the most compelling
circumstances
and exacting safeguards. Thus far, the government has not made the
case.”
Other
commentators have expressed even more dire predictions if the proposals
were to
take effect. Rick Broadhead, who has written articles about Internet
issues and
privacy, stated: “Some of these ideas are downright scary and I think
that every
Canadian should be quaking in their shoes right now at the thought of
where
this might lead.” Mr. Broadhead has compared these proposals to China’s policy of preventing
its citizens
from accessing certain anti-Chinese or anti-communist Web pages. “We’re
in
danger of becoming a police state,” he said.
In
August 2003,
the government released a summary of the responses it had received to
the
Lawful Access proposal. At that time, justice officials stated that the
government was reviewing the comments, and was not yet at a stage to
present a
bill.
Privacy Project Home
API-PNR | Cyber
Snooping
| National ID
Cards
Spouse
In The House | Strip Searches
| Video
Surveillance
