Everything about Bill C-30 Vic Toews doesn’t want you to know

Check @Vikileaks30So, Bill C-30. Man that shit really blew up last week, didn’t it? It was such a disaster, respectable news organizations like CTV Montreal have turned to your barely respectable blogger for an interview today on the noon news (update – check the video player on the right at montreal.ctv.ca and click on Newsmaker: Allen Mendelsohn for the vid). Want a preview of what I am going to say? Join me for a tour through the Bill after the jump.

The whole mess of the Bill starts with its title. The internet has named the bill the “Internet Spying Bill” or the “Internet Surveillance Act.” In reality, Bill C-30’s official title is “An Act to enact the Investigating and Preventing Criminal Electronic Communications Act and to amend the Criminal Code and other Acts.” It was also given the short title “Protecting Children from Internet Predators Act.” Now that one sounds like a good thing, right? Well, sure, but it was only given that title at the very last minute (literally, an hour before it was introduced in the House of Commons). Originally it was the “Lawful Access Act.” But protecting kids is always a good idea, so the Conservatives jumped on it, thinking we’d all be fooled. We were not.

The reason we were not fooled is we actually read the Bill! The Bill says absolutely nothing about protecting children. The bill says a lot about giving the police and the government powers to spy on people online. Sure, those powers could be used to protect children, but the powers are written so broadly they could be used for anything. So let’s take a look at some of the big stuff in there.

The Bill will create a new law, called the “Investigating and Preventing Criminal Electronic Communications Act.” Already, you can see that “criminal electronic communications” can be just about anything. So what does the Act do? It would give the police powers (which we’ll get to), but first it requires the ISPs (called “telecommunications service providers” here) to do the following:

Obligations Concerning Interceptions

6. (1) For the purpose of enabling authorized persons to exercise their authority to intercept communications, every telecommunications service provider must have the capability to do the following:

(a) provide intercepted communications to authorized persons

So basically the ISPs have to install equipment that will be able to intercept any communications from their customers. Fun! And who will pay for this equipment? Well the Bill doesn’t say. But you can bet it will show up on your monthly bill somehow. There is no choice btw; the ISP must provide this capability. The Act further goes on to say that if the ISP doesn’t have the capability, the RCMP or CSIS can ask for an order that the ISP get it. Like, now. What could possibly go wrong?

So that’s fun. But what mostly got the internet’s collective panties in a bunch is this:

Obligations Concerning Subscriber Information

16. (1) On written request by a person designated under subsection (3) that includes prescribed identifying information, every telecommunications service provider must provide the person with identifying information in the service provider’s possession or control respecting the name, address, telephone number and electronic mail address of any subscriber to any of the service provider’s telecommunications services and the Internet protocol address and local service provider identifier that are associated with the subscriber’s service and equipment.

So what we have here is a system of “designated persons” (basically the police will just name a bunch of people that work for them) making written requests to the ISP for six points of subscriber information. The issue here (well, one of many) is that the ISP must provide the info. No choice. This is the biggest change from the way it works now, when ISPs may give the information.

Perhaps more importantly, there is no independent arbiter of when the information is given. The designated person asks, the ISP must give. C’mon, who needs oversight? Especially considering that there is no legal standard as to when the designated person can ask for the subscriber info. The Act only says the person must be acting in service of their police duties when he requests the info. It is only after the fact that the person must say why getting the subscriber info was relevant. Again, what could possibly go wrong?

At least the procedure involves a written request which would leave a paper trail, right? Not so fast! The Act goes on to say:

Exceptional circumstances

17. (1) Any police officer may, orally or in writing, request a telecommunications service provider to provide the officer with the information referred to in subsection 16(1) in the following circumstances: (…)

Oh FFS. Already the Act is making exceptions for itself. So the police can just ask over the phone if the circumstances that come next apply. Here’s what caught my eye:

(b) the officer believes on reasonable grounds that the information requested is immediately necessary to prevent an unlawful act that would cause serious harm to any person or to property

I bolded that last part so you can see my big problem here. WTF does protection of property have to do with protecting children from online predators? Absolutely nothing of course. This is just one egregious example of how the Bill overreaches, and makes it clear that how it was drafted really had nothing to do with protecting children and everything to do with online spying.

Oh and btw, this part of the Act dumps the whole “designated person” business and replaces it with “any police officer.” Nice job, drafters! It even surprised Mr. Toews.

If I may pause for a minute to inform you of your rights, from our hard-won Canadian Charter of Rights and Freedoms:

7. Everyone has the right to life, liberty and security of the person and the right not to be deprived thereof except in accordance with the principles of fundamental justice.

8. Everyone has the right to be secure against unreasonable search or seizure.

There may be some issues here. Just sayin’.

But wait, we’re totally not finished with the juicy stuff. A lawyer at the Department of Justice who shall remain anonymous pointed me to sections 33 and 34 of the Act, which provide for the enforcement of the Act via an inspection power. According to section 34, these inspectors can “enter any place owned by, or under the control of, any telecommunications service provider” in order to enforce the Act. When they go in for an inspection, they can examine any document, test any equipment, use any equipment to get any information they want (seriously), and make copies of it all to take with them. And the ISP can’t stop them. In fact, the Act says the ISP must help the inspector. Again, what could go wrong?

Well, plenty. There are all sorts of quasi-criminal penalties in the Act, in the form of fines. This is often called “penal liability”. And if you will forgive a bit of a legal discussion, there is precedence here! The case was R v. Jarvis, and in it the Supreme Court said that when the government was doing investigations that brought about the penal liability under the Income Tax Act, there are a whole other set of considerations than when they are just doing an audit. And those considerations are the Charter and warrants. This Act has penal liability, not to mention the fact the the whole point of the Act is to catch criminals! Thus, the Charter and warrants should be in play. The government might want to read the Jarvis case sooner rather than later.

There is plenty more juicy stuff to go through, but I think this post is long enough already. Geist has a good piece today on one of the other provisions that updates the Criminal Code’s warrant provisions. It is pretty ugly too. This whole thing is pretty ugly, and everyone let Vic Toews know it. The government may actually be listening, as they have sent the Bill to committee before second reading, which most likely means there will be some changes. We can only hope they are significant. Protecting children is a good idea; a system that grants police and officials massive powers of warrantless spying is not.

Posted in: Internet law basics
Tagged: .

14 Responses to Everything about Bill C-30 Vic Toews doesn’t want you to know

  1. Pingback: Spy vs. I » Apple Guys Perspective

  2. moeman says:

    Well written and important information to pass on.

  3. steve says:

    Even I could understand it, and thats the first I heard about property. Which leads me to believe this was yet another law written by the RIAA and they told uncle Vic to trust them. You may give the government the benefit of the doubt that they did not know this was a law to create a police state, I dont.

  4. steve says:

    BTW great performance on CTV and I would bet you get asked to go National. I watch QP every week and would love to see you duel Ezra Levant or Andrew Coyen.

  5. steve says:

    Allen where is the link to the 2:10?

  6. steve says:

    This is the email I got back from Vic. It shows they have not given up, just changing the messaging.

    Thank you for contacting my office regarding Bill C-30, the Protecting Children from Internet Predators Act.

    Canada’s laws currently do not adequately protect Canadians from online exploitation and we think there is widespread agreement that this is a problem.

    We want to update our laws while striking the right balance between combating crime and protecting privacy.

    Let me be very clear: the police will not be able to read emails or view web activity unless they obtain a warrant issued by a judge and we have constructed safeguards to protect the privacy of Canadians, including audits by privacy commissioners.

    What’s needed most is an open discussion about how to better protect Canadians from online crime. We will therefore send this legislation directly to Parliamentary Committee for a full examination of the best ways to protect Canadians while respecting their privacy.

    For your information, I have included some myths and facts below regarding Bill C-30 in its current state.

    Sincerely,

    Vic Toews
    Member of Parliament for Provencher

    Myth: Lawful Access legislation infringes on the privacy of Canadians.

    Fact: Our Government puts a high priority on protecting the privacy of law-abiding Canadians. Current practices of accessing the actual content of communications with a legal authorization will not change.

    Myth: Having access to basic subscriber information means that authorities can monitor personal communications and activities.

    Fact: This has nothing to do with monitoring emails or web browsing. Basic subscriber information would be limited to a customer’s name, address, telephone number, email address, Internet Protocol (IP) address, and the name of the telecommunications service provider. It absolutely does not include the content of emails, phones calls or online activities.

    Myth: This legislation does not benefit average Canadians and only gives authorities more power.

    Fact: As a result of technological innovations, criminals and terrorists have found ways to hide their illegal activities. This legislation will keep Canadians safer by putting police on the same footing as those who seek to harm us.

    Myth: Basic subscriber information is way beyond “phone book information”.

    Fact: The basic subscriber information described in the proposed legislation is the modern day equivalent of information that is in the phone book. Individuals frequently freely share this information online and in many cases it is searchable and quite public.

    Myth: Police and telecommunications service providers will now be required to maintain databases with information collected on Canadians.

    Fact: This proposed legislation will not require either police or telecommunications service providers to create databases with information collected on Canadians.

    Myth: “Warrantless access” to customer information will give police and government unregulated access to our personal information.

    Fact: Federal legislation already allows telecommunications service providers to voluntarily release basic subscriber information to authorities without a warrant. This Bill acts as a counterbalance by adding a number of checks and balances which do not exist today, and clearly lists which basic subscriber identifiers authorities can access.

  7. Hadulf says:

    Nice explanation Allen. Thanks for taking it down an intellectual notch for me…

  8. Sheogorath says:

    And then there’s my case where the police were sniffing the packets of a suspected paedo and came across one of a strikingly similar size and with the same file extension that was on its way to me. I was extremely surprised when the cops broke down my front door with no warning and pinned me to the floor, cuffing my hands behind my back. It took going to court to establish that the ‘kiddie porn’ I’d downloaded was in fact Windows Movie Maker 2.6. I’m now suing the police because they obviously never bothered to check where my data packet was from before overreaching their powers. I honestly don’t think Micro$oft hosts porn of any type on its servers, do you? And that’s the whole problem of overbroad laws like this.

  9. Rwolf says:

    U.S. Expanding Cross-border Police Integration With Canada & Asset Forfeiture Sharing

    Concurrent with Obama’s proposed law legalizing and expanding cross-border police integration in North America, Canadians earlier this year discovered introduced (Commons Bill C-30 touted to protect children on the Internet—would also give any Canadian police officer—without a warrant—the power to request Internet service providers turn over customers’ information (see section 17 of C-30); allow Canadian police to seek into Canadians’ private computers. C-30 was strongly opposed by Canadians in April 2012. Canadians further discovered Canada had signed with the United States an array of (Asset Forfeiture Sharing Agreements) for Canada to share Canadian and Americans assets civilly or criminally confiscated using Asset Forfeiture laws that resulted from U.S. and Canada sharing information gleaned from electronic surveillance of Canadian and American Citizens’ communications, e.g., emails, faxes, Internet actively, phone records.

    Compare: The Obama Government wants the power (without a warrant) to introduce as evidence in U.S. Civil; Criminal and Administrative prosecutions any phone call record, email or Internet activity. Police can take out of context any innocent—hastily written email, fax or phone call record to allege a crime or violation was committed to cause a person’s arrest, fines and or civil asset forfeiture of their property. There are more than 350 laws/violations that can subject property to Government forfeiture that require only a civil preponderance of evidence.

    The U.S. “Civil Asset Forfeiture Reform Act of 2000” (effectively eliminated) the “five year statue of limitations” for Government Civil Asset Forfeiture: the statute now runs five years (from the date) government or a police agency allege they “learned” an asset became subject to forfeiture. It is foreseeable should (no warrant) government electronic surveillance be allowed; police will relentlessly sift through business and Citizens’ (government retained Internet data), emails and phone communications to discover possible criminal or civil violations. History Repeats: A corrupt or despot U.S. Government/Agency can too easily use no-warrant—(seized emails, Internet data and phone call information) to blackmail Americans, corporations and others in the same manner Hitler used his police state no warrant passed laws to extort support for the Nazi fascist government, including getting members of German parliament to pass Hitler’s 1933 Discriminatory Decrees that suspended the Constitutional Freedoms of German Citizens. A Nazi Government threat of Asset Forfeiture of an individual or corporation’s assets was usually sufficient to ensure Nazi support.

    Under U.S. federal civil asset forfeiture laws, a person or business need not be charged with a crime for government to forfeit their property. Most U.S. Citizens, property and business owners that defend their assets against Government Civil Asset Forfeiture claim an “innocent owner defense.” This defense can become a criminal prosecution trap for both guilty and innocent property owners. Any fresh denial of guilt made to government when questioned about committing a crime “even when you did not do the crime” may (involuntarily waive) a defendant’s right to assert in their defense—the “Criminal Statute of Limitations” past for prosecution; any fresh denial of guilt even 30 years after a crime was committed may allow U.S. Government prosecutors to use old and new evidence, including information discovered during Civil Asset Forfeiture Proceedings to launch a criminal prosecution. For that reason: many innocent Americans, property and business
    owners are reluctant to defend their property and businesses against Government Civil Asset Forfeiture. Annually U.S. Government seizes Billions in assets without filing criminal charges. Increasingly local police are turning their criminal investigations over to Federal Agencies to receive an 80% rebate of forfeited assets. Federal Government is not required to charge anyone with a crime to forfeit property.

    Re: waiving Criminal Statute of Limitations: see USC18, Sec.1001, James Brogan V. United States. N0.96-1579. U.S. See paragraph (6) at:
    http://www.law.cornell.edu/supct/html/96-1579.ZC1.html

Leave a Comment

Your email address will not be published. Required fields are marked *