Bill C-13, An Act to amend the Criminal Code, the Canada Evidence Act, the Competition Act and the Mutual Legal Assistance in Criminal Matters Act passed third reading in the House of Commons on October 20 and then passed first reading in the Senate on October 21. Also known as the Protecting Canadians from Online Crime Act, and informally called the cyberbullying bill, it was first introduced on November 20, 2013 by Justice Minister Peter MacKay.
Great concern has been raised by the public that although the bill makes it illegal to distribute intimate images online without consent, its main thrust is to grant new powers to the police and the state to violate the right to privacy of Canadians. It would also grant immunity to telecom providers who hand over their customers’ private information to authorities without a warrant.
Meanwhile, a similar piece of legislation, Bill S-4, An Act to amend the Personal Information Protection and Electronic Documents Act and to make a consequential amendment to another Act (Short Title: Digital Privacy Act), was referred to second reading in the House of Commons on October 20. Bill S-4 purports to “enhance online privacy” but permits internet service providers/telecom companies to hand over private information to any organization investigating a possible breach of contract. Bill S-4 was introduced in the Senate on October 16, 2013.
Recent news reports indicate the rate at which private data is being handed over to state agencies under existing laws. For example, telecommunications companies gave individual customer data to the Canada Border Services Agency (CBSA) 18,849 times between April 2012 and March 2013. This information includes the content of voice mails and text messages, websites visited and the rough location of where a cellphone call was made, according to government data. In 99 per cent of cases, the CBSA asked for and received basic subscriber information without obtaining a warrant. Data was handed over in all but 25 cases. In 2011, three telecom providers alone disclosed information from 785,000 customer accounts.
In 2011, three telecom providers alone disclosed information from 785,000 customer accounts.
In most cases, the telecom companies could have rejected the requests and asked that a warrant be obtained. However, Canada Border Services appears to have an agreement with telecoms whereby basic subscriber information is handed over without a warrant, news reports state.
In a May 2 Toronto Star op-ed Michael Geist, Canada Research Chair in Internet and E-commerce Law at the University of Ottawa’s Faculty of Law, points out that Bill C-13 will expand warrantless disclosure of subscriber information to law enforcement by including an immunity provision from any criminal or civil liability (including class action lawsuits) for companies that voluntarily disclose personal information without a warrant. The immunity provision makes it more likely that disclosures will occur without a warrant since the legal risks associated with such disclosures are removed.
Geist added that Bill S-4 proposes extending the ability to disclose subscriber information without a warrant from law enforcement to private sector organizations. The bill includes a provision that allows organizations to disclose personal information without consent (and without a court order) to any organization that is investigating a contractual breach or possible violation of any law. This applies to both past breaches or violations as well as potential future violations. The disclosure occurs in secret without the knowledge of the affected person. Geist also pointed out that
“the industry has steadfastly refused to address the lack of transparency concerns regarding its practices. Providers admit that they do not notify customers that their information has been requested, thereby denying them the ability to challenge the demand in court. Moreover, documents released earlier this year suggest that companies such as Bell have even established a law enforcement database that may provide authorities with direct access to subscriber information. The systems may create great efficiencies for law enforcement – click, access subscriber data, and receive a bill from the telecom company – but they suggest a system that is entirely devoid of oversight with even the Privacy Commissioner excluded from ensuring compliance with the law.”
Bill C-13 and Supreme Court ruling on privacy rights
Last June the Supreme Court declared that law enforcement requires a warrant to get even basic subscriber data.
“A warrantless search, such as the one that occurred in this case, is presumptively unreasonable,” Justice Thomas Cromwell wrote for the majority.
“The Crown bears the burden of rebutting this presumption.”
The ruling also addressed the broader constitutional issues raised in Section 8 of the Charter of Rights and Freedoms, which protects Canadians’ privacy rights from unlawful search and seizure.
“In my view, in the totality of the circumstances of this case, there is a reasonable expectation of privacy in the subscriber information,” Cromwell wrote.
“The disclosure of this information will often amount to the identification of a user with intimate or sensitive activities being carried out online, usually on the understanding that these activities would be anonymous.”
Source: TML Weekly Information Project