Giving police better tools to fight crime in the online universe has been on the parliamentary agenda for years, but it has rarely moved forward. In the last Parliament, two bills that would have allowed police to gather user data from internet service providers (ISPs) without first getting search warrants died on the order paper.
The Conservatives have promised that if they form a majority government, these measures and other unpassed tough-on-crime legislation will be reshaped into a single omnibus bill that they plan to pass within 100 days of the new Parliament. But concerns about “lawful access” to ISP data have raised warning flags from the very start.
“What they purport is that certain innocuous kinds of data should be provided to police voluntarily by an ISP [when the police] haven’t really launched an investigation to the point where they’re able to get a warrant or where that’s really appropriate,” says Micheal Vonn, policy director with the BC Civil Liberties Association (BCCLA). “Our position is you can’t have it both ways: it’s either relevant or it’s not relevant. If it’s relevant, it has a privacy value.”
Opposition MPs have generally been in favour of these bills. Liberal justice critic Marlene Jennings says her party has been pushing for laws to modernize investigative techniques since before the Martin government fell in 2006, but with some reservations.
“Clearly privacy has to be protected, and what we have been calling forward is legislative changes to the Criminal Code that would allow police officers to go and get the proper warrants. They would need warrants. Individuals’ privacy would be protected,” Jennings says, adding that privacy protection is “of paramount importance.”
Indeed, provincial privacy commissioners as well as Federal Privacy Commissioner Jennifer Stoddard have expressed reservations over the scope of the lawful access bills.
“The provisions of the proposed acts raise privacy concerns. For instance, without a warrant, authorities could gain access to personal information, such as unlisted telephone numbers and email and IP addresses,” says Stoddard in a press release on the two bills tabled in the last Parliament.
“The legislation as currently drafted is not limited only to investigations of serious criminal offences, but also could be used to target even minor infractions and non-criminal matters.” She adds that “to date, the federal government has presented no compelling evidence that new powers are needed.”
NDP justice critic Joe Comartin says the bills leave too much authority in the hands of the police without judicial oversight, but, he says, Stoddard is being too cautious.
“We’re always trying to strike that balance, and I think some of the concerns she’s expressing weigh just a bit too heavily on the privacy side as opposed to the need for the police to have effective mechanisms to counter what, in effect, is the new technological methodologies of crime,” Comartin says.
Vonn concurs with Stoddard that there has yet to be an effective demonstration that new powers are needed.
“Don’t tell me that the ISPs are going to stand there on some privacy principle and obstruct the police in their important investigative duties,” says Vonn, calling the argument a red herring.
“The police already have the ability to get the information they require under the Criminal Code,” Vonn says. “The idea that the police are being thwarted in these life-or-death scenarios is simply untrue. They have those powers already, in the same way that without a warrant, they can follow you into your house if they’re in hot pursuit and there are exigent circumstances.”
Vonn says that when the bills come up for debate in the next Parliament, the BCCLA also plans to show that police have abused these powers whenever they have been granted.
In part, this is because there have been no adequate privacy protections in place, and that what is usually proposed are audit trails.
“That is not a privacy protection,” Vonn says. “That is a way of finding out who’s already violated your privacy; it does not protect privacy. Government does not protect their own information in this way.”
Vonn cites the case of Sean Bruyea, a Canadian Forces veteran whose medical records were improperly accessed more than 600 times by the Department of Veterans Affairs.
“How do we know it was that many times?” Vonn asks. “Well, because there’s an audit trail. Did that stop anybody? Apparently not.
“These are the same kinds of ‘protections’ that are being proposed here. That’s not privacy protection. That’s accountability, that’s audit. It’s many things that are good, but it’s not privacy protection; that’s our point.”