The battle over the way law enforcement agencies can get telecommunications companies to hand over subscriber information went into Question Period on Wednesday, with the Prime Minister deflecting heated questions from Opposition Leader Thomas Mulcair.
Following Tuesday’s revelation from acting privacy commissioner Chantal Bernier that agencies made 1.2 million requests for information in 2011 alone, Mulcair’s first question was blunt and without preamble: “How can the Prime Minister justify the invasion of the privacy of a million Canadians by his government?”
While that grabs headlines, but doesn’t help with what I see are the real issues, which is how law agencies get access to information – should they require a judicial warrant all the time? – how much do they need and how long can they save it if there is no evidence of criminal activity. There’s also the matter of service providers refusing to help the privacy commissioner’s office gain data on how much information is being handed over to law agencies.
What the current laws and regulations allow is service providers to hand over metadata on communications, not the messages themselves. For accessing messages police need a warrant. But also note that bill C-13 now before the House, the so-called cyberbullying act, includes provisions that seem to allow police to ask people to provide documents they aren’t specifically forbidden from disclosing. See section 487.0195.
So Stephen Harper easily turned aside the thrust: Agencies “always seek a warrant when they are required to so do,” he replied to Mulcair. Otherwise, they request information “in accordance with the law.”
“There is independent surveillance, independent oversight to make sure that these laws are respected,” he also said.
Mulcair tried again to shape the issue as one of privacy invasion, and again Harper said he didn’t accept the statement.
But Harper wasn’t beneath trying a little slight of hand as well, noting that proposals in the digital privacy bill now before the Senate includes an obligation of organizations to tell Canadians if personal information they hold has been lost or stolen. As Mulcair rightly noted, he was asking not about data breaches but lawful access to information held by telcos and ISPs.
Later the NDP’s Charlie Angus asked if the government approves of “open season on the use of data that belongs to Canadian citizens?” Industry Minister James Moore replied with more talk about the digital privacy act.
Finally, the NDP’s Alexandre Boulerice put it to the government squarely: Handing over customer information from providers “should never be done without a warrant,” he said.
That’s one of the things that should be debated.
Meanwhile in a blog University of Ottawa law professor Michael Geist pulled out an interesting snippet of information from pages of information submitted to the privacy commissioner’s office by the Canadian Wireless Telecommunications Association (CWTA) two years ago.
An unnamed provider said it sends “a mirror image of the packet data” law agencies have lawfully asked for. Geist finds handing over all of a communication “an incredible admission,” and wonders if it’s a way for law agencies to get around providers who don’t use deep packet inspection.
“Many, many questions without clear answers,” he rightly concludes. Hopefully when C-13 comes up for debate there will be serious questions and clear answers.