Update: So, here is the PR release. Obviously we’ll still have to wait for the draft Bill to flesh out some of the things mentioned here.
In a nutshell:
no warrant required for subscriber information and the ISP is required to provide “timely access” to anyone’s personal information (name, address, telephone number and Internet Protocol (IP) address, e-mail address, service provider identification and certain cell phone identifiers) by a select (but undefined) group of people only,
warrant required for surveillance,
Provider > 100,000 must have a “intercept capability in certain new equipment and software” and the providers have their choice of technology,
Provider < 100,000 have three years,
banks, private networks, and charities are excluded,
Assuming this is how the draft shakes out, I'm not nearly as against this one compared to the travesty the Liberals tried to foist on us in 2005. A couple of questions though that better be addressed by the Bill. 1) Define "technological solution" because that's vague. i.e a port on a switch to plug in a wireshark server?, actually have wireshark set up and running? set up a big pipe to forward every packet to the gov’t? 2) Does this require the service providers to maintain retroactive information or is it from point of presentation of the warrant?
One thing cracks me up though, Criminals and terrorists are aware of interception “safe havens” and exploit them to continue their criminal activities undetected. Yeah, criminals know where the supposed safe havens are but they don’t know about the encrypted alternatives HTTPS, IMAPS and POPS, gnupg, or steganography.
Original post below the fold.
Cheers,
lance
Flash back to 2005.
Flash forward to Thursday.
Remember wayyyyy back in November? The policy convention? I don’t remember anyone talking about Internet taps. I have found this (PDF, 53 pp.) though:
93. Organized Crime
The Conservative Party recognizes that organized crime is growing throughout Canada, that international criminal organizations are more and more active in Canada in money laundering and illicit drug trafficking and, finally, that this phenomenon crosses boundaries.
i) To fight against this curse and ensure the safety of Canadians in their communities, we encourage the government to:
a) adopt, in collaboration with the provinces, a national strategy on the fight against organized crime, including the creation of a joint national task force on security;
b) increase the financial resources allocated to the RCMP to help them to fight against those activities in all regions of the country;
c) propose an amendment to the Criminal Code to reverse the burden of proof, so that members of a criminal organization (and not the Crown) will have to prove at the time of seizure that the goods were not acquired through criminal acts committed for organized crime. Specific criteria will govern this measure to respect the principle of the presumption of innocence of the accused; and
d) strengthen the legislation to prosecute any person who knowingly engages in counterfeit activities by manufacturing, reproducing, and distributing, importing, or selling counterfeit goods.
Or is it only bad when Liberals propose it?
not good then, not good now… it’s a bite in the ass for any libertarian.
If you speak to someone in public, is the state allowed to listen, without a warrant? Yes. Do you think the Internet is a private place? No it isn’t, or at least, not any more. It’s now a global mission-critical public utility and vector for trans-national illegal behaviour. You can either get used to it, or be hyper-silly and move all your electronically managed “assets” into your mattress. Just remember, this is not your father’s second-millenium Internet any more. This is the real thing. It’s not your toy walkie-talkie chit-chat with your buddy in the other room any more. It’s like shortwave radio now ~ and that’s always been regulated, and monitored. Or would rather have the bad guys use the Internet to arrange the kidnapping and trafficking of your daughter, without prevention or detection?
Y2K K2Y ……. whats to Know? Careful now! that spook may follow you home
Just another Harper libral policy. He sure loves censorship. Why do you think he has done nothing about the abusive CHRC and allows Lynch to swan around the world spending thousands of taxpayers money during a recession.
I don’t think that’s a valid argument Vit. It amounts to a “If it saves one child” emotional straw man. The same reasoning went into the gun registry.
In your example of the conversation, the state isn’t allowed to listen without a warrant.
Radio isn’t really an applicable analogy, that’s a one to many paradigm. Email OTOH is arguably one to one, the same as the conversation. There is a expectation of privacy and I detest any infringement on that.
Especially if, like the Liberals boat anchour, Van Loan tries to grant extra-judicial powers to the police agencies.
Encryption is a readily available technology, open source and restriction free. Totally interactive and available with any system. Those who would plan to do harm over Internet, especially those types cited in the article are already using it.
The child porn rings that we hear getting busted every second week or so managed to get busted with regular old police work and not extra-ordinary powers.
Cheers,
lance
No matter who we elect we always get this intrusive statist agenda.
What happened to “the state has no business in the bedrooms of the nation” – or our family rooms, dens, computer rooms or offices either.
Get stuffed Big Bro!
Just a couple of points:
1) Data is being collected right now from “traditional” sources (banks, telcos, borders, tax , airlines, CC’s, etc.).
2) There are way to many really bad guys to chase … there is no time or resources to deal with the just bad guys.
For info about how you are currently protected, I suggest the reading the book below. I can’t see the internet data being treated any differently.
Data Mining for Intelligence, Fraud & Criminal Detection: Advanced Analytics & Information Sharing Technologies … by Christopher Westphal
Ultimately, it all hinges on whether the police would require some sort of warrant or not, and for an article on such a potentially serious issue, the Canada.com report is annoyingly incomplete in this regard. If a warrant of some sort would not be required, then the proposed bill is, as Jennifer Stoddard said, “a serious step toward mass surveillance” and a Tony Blair-esque threat to Canadians’ rights. IF under the proposed bill a warrant IS required, then the statement “the proposed legislation would force (ISPs) to allow law enforcement to tap into their systems to obtain information about users and their digital conversations,” isn’t functionally more threatening to liberty than “the proposed legislation would force telephone companies to allow law enforcement to tap into their systems to obtain information about users and their phone conversations.”
The article’s only mention of whether a warrant is required or not is the quote from Clayton Pecknold — “This is really not about the warrantless tracking of Canadians’ Internet use.” yet the article doesn’t have anyone making a contrary case to what he says.
Bottom line, it’s hard to tell from the article if opposition to the bill is based on the spectre of it being onerous in a business/financial way for ISPs — that seems to be the case being made — or if it’s because it would give law enforcement, or whoever has their hands on the technological access, unfettered access to Canadians’ internet communications.
Vitruvius: what are you saying? You surprise me. I suggest that it would be a very serious matter indeed if such access by law enforcement to citizens’ communications required nothing resembling a warrant; such warrantless access would allow members of the law enforcement community to legally and without repercussion intercept his ex-wife’s emails, for example, or spy on his neighbours, or to spy on the internet communications pertaining to a particular business — yours, say — on behalf of his (private life) friends who are competitors in the same general field of business, or spy on the political enemies of the whoever the (future) force’s political masters are. That’s instrinsically abhorent, for obvious reasons, and, more to the point, once such a *mechanism* is in place, it’s available for use by whoever is in power at any point in the future.
It’s hard to say, though, based on the article, what Van Loans bill will be, because it is ambiguous in its use of language. Take these two sentences, the latter immediately subsequent to the first.
(Emphasis mine):
“Earlier this year, Van Loan publicly stated his intentions to pursue legislation, which had been promised for years but relegated to a back burner by his predecessor, Stockwell Day.”
“When he was public safety minister, Day also promised that any federal initiative would require police to obtain a warrant to access personal information of users, such as names and addresses.”
Does that mean Van Loan promised that too, that it would require a warrant — or that Day threw in that extra clause, which differentiates his earlier position from the bill Van Loan is about to table?
Who knows? Could easily be either the way it’s written. I guess we’ll find out on Thursday or Friday.
c) propose an amendment to the Criminal Code to reverse the burden of proof, so that members of a criminal organization (and not the Crown) will have to prove at the time of seizure that the goods were not acquired through criminal acts committed for organized crime. Specific criteria will govern this measure to respect the principle of the presumption of innocence of the accused
I’m not convinced that ‘c’ here is a good idea.
The recent Chatterjee decision of the Supreme Court of Canada dealt with similar legislation in Ontario. The Court upheld it; I haven’t read the judgment but I suspect it was a huge mistake.
You know, Lance & EBD, I’m not going to disagree with you, in principle. Remember, I was a founding member of the Libertarian Party of Alberta in 1972, and I’m still a libertarian in principle. However, in practice, I’m a (non-professional) engineer. So I am required to be pragmatic: to spend my scarce resources where they will do the most good. And as ET and I batted back forth a few time in some other recent thread, in practice there are some things that don’t care about our principles. I’m just saying, in the long run, if you fight the Internet monitoring daemon you’re going to lose. It’s sort of like the tobacco fight, in another two generations that will be history. Fortunately, they’ll never get rid of booze, just ask Scotty 😉
Now, to be clear, there is one particular exception I would like to make to my general comments supra. I think that on point-to-point email, that is from one sender to one recepient, absolutely formal warrant processes should be required to be followed for content access (traffic analysis excepted). That is a big part of EBD’s expectation that email is an analogue of postal mail.
But mass mailing, and web sites, those are broadcasting. And as I’ve mentioned with the short-wave analogy, broadcasting has always been regulated and monitored by the state.
Lastly, there is the question of: well, Vitruvius, why shouldn’t the Internet be the first place in the history of man where these commonalities of human behaviour do not apply. And frankly, properly argued, I’d probably support you. I just want to make it clear to everyone where you’re spending your resources.
Vitruvius wrote: “If you speak to someone in public, is the state allowed to listen, without a warrant? Yes. Do you think the Internet is a private place? No it isn’t, or at least, not any more.
Yeah but at least in a public place I can SEE the people around me who might be listening in and take precautions!
And as far as this goes:
“Or would rather have the bad guys use the Internet to arrange the kidnapping and trafficking of your daughter, without prevention or detection?”
I believe it is FAR more likely that the state will abuse its self-awarded mandate to access my information without my knowledge or consent, over the likelihood that some nebulous neer-do-well might decide to use the internet to plan a kidnapping of a member of my family!
Anyone remember the controversy surrounding Echelon and Airbus?
Oh sure, Vit, go ahead and agree and take all the fun out of it.
I’ll query one thing in your comment though, define mass-mailing? Do you mean spam or a mail-list (and if a mail list, do you mean any or just public?) Or do you just mean x number of recipients?
Or as I posted, in 2005 from the link in SDA’s original post, define ISP. I run a web server and mail server, do I qualify as an ISP?
Does Joe Blow who hasn’t done a Windows Update in three years and has a spam-bot running on his system qualify as an ISP?
FWIW, I realize that those questions are completely unfair because we haven’t seen anything other than this article to put the questions in context.
Cheers,
lance
Ok, sorry about the kidnapping thing. I wasn’t
actually trying to have my argument trip over
my rhetoric. Please excuse me.
Burden of proof . It’s been going on for years. Government = Canada Revenue Agency = Taxpayer = prove it! I’ll have to go read the Chatterjee decision.
Bitruvius: “and vector for trans-national illegal behaviour.”
Ural: “There are way to many really bad guys to chase … there is no time or resources to deal with the just bad guys.”
Right on both counts. I was ‘victimized’ on Monday when I posted an advert for a home to rent to the ‘secure HTTPS’ Craigslist site.
My advert was literally hijacked by an international fraudster who managed to replace the anonymized e-address with his/her own, as well as a number of other details. From what I’ve been able to gather, they’ve been busy trying to scam deposits from lots of potential renters.
The RCMP weren’t terribly interested, Phone Buster’s says they’ll try to look at it and Craigslist has only sent me an auto-response.
Meanwhile, these guys can be scamming tons of people out of $1K or more each – and there’s very little I or anyone else can do about it.
It’s the wild west all over again.
No Guff = sounds like you got something on your ‘puter logging keystrokes.
I’ve no doubt that violating the “presumed innocent until proved guilty” approach will be used for political repression. I know of two authors, a husband(journalist) and wife(children’s books) who had property, their computers and firearms seized by police, as punishment because the husband wrote a book which was critical of the way the police handled the Bernardo/Homolka murder case.
It took much time and money to get their property returned, including the firearms which the judge said they had legally to protect their livestock as provided by law and for which the police had no legal reason to seize. (note when investigating a possible firearms offense, regardless of if you even possess a firearm or not, the police are authorized to seize any documents, files and computer. (note all political leaders currently endorse this)
Of course the police were not punished for this as citizens in Canada have no legal right to own property nor firearms, therefore there is no legal remedy punishing the police for violating a mere privilege.
Similarly, Bruce Montaque(+family) had the police claim the house, they had built years ago with their own hands, was the proceeds of crime simply because Bruce had the temerity to request a charge under the Firearms Act so that he might thus access the system to launch a legal challenge of those laws.
As up until recent gun law changes and charges, he had done gunsmithing for the police and his wife was a civilian employee of the local detachment for years, police knew the accusation was false. But again there is no legal punishment for agents of the state who lie and violate what is a mere privilege e.i. owning a family home.
Stephen Harper is a smart and capable Economist. He understands the economic implications of policy well but apart from that with both Conservative/Liberal administrations we continue to slide into servitude.
The need to violate the Common Law/Charter Right to be “Presumed Innocent” may be simply due to the lack of credibility that the current RCMP have before Judges/Juries. This is due to such fiascos as the attempted cover-up of the 5 time tasering of the Polish tourist, the shooting of the unarmed Kevin St. Arnaud and Ian Bush, (also the Crown vs. James Buck-The Report).
Note the feds talk a tough game but the prison system is still run for the inmate/”client” and they’ve no monies allocated for new or increased prison space for real criminals!
The way I read the article, the proposed bill will not remove the need for a warrant to get this information; it will simply make it mandatory for ISPs to cooperate with the police provided they have one. We won’t know for sure until the text of the bill is published, but I’d be very suprised (and opposed) if that isn’t the case.
As others have said, what the gov wants to achieve with this bill (in theory) is bringing ISPs under the same requirements as banks, hospitals, and similar institutions – once there’s a warrant, they have to acquiesce to the request. That’s well within the scope of the Rule of Law and is respectful of privacy and property rights, IMO.
Like a few others here, my key concern is with that odious little line about reversing the burden of proof.
Vitruvious. I don’t think a public conversation can be compared to a email or real time chat conversations on the web. Would you be upset if you were passing a note to a friend and a peace officer demanded to see it without warrant to do so? I know enough to curb my speech in public for just that reason; it is public. Emails and private chats are however fully expected to be private. Giving powers to LE to conduct warrantless searches is in my opinion totalitarian.
BTW I have 5 yrs exp in penetration testing. Personal Info and Private Communications (PI&PC) were of paramount concern for every evaluation. A lot of trouble was went through to ensure that PI&PC were at all times protected and not retained.
I’m all for it. I have nothing to hide, so long as they’re only looking for criminal activities. My brother-in-law is a detective, and I know they have a very difficult time with all the regulations and red tape. He sees far too many criminals walk based on technicalities. And maybe the fear that ‘big brother’ is watching will make some people think twice before breaking the law.
continued intrusion by government into the lives of free people. “find out what any people will quietly submit to and you have the exact measure of the injustice and wrong which will be imposed on them” (frederick douglass)
The only option a small-government libertarian has is to vote with their feet and move to a tax haven. There is no small-government party left in the entire western world.
I’m still saving. They don’t let in the average joe so I’ll have to put aside as much as possible. Of course, I’ve been a net saver since I left university.
Vitruvius asks: “Or would rather have the bad guys use the Internet to arrange the kidnapping and trafficking of your daughter, without prevention or detection?”
Vit, what I would like is for “the bad guys” to be so daunted by the very idea of trying to kidnap and “traffic” somebody’s daughter that the idea never even occurs to them. I would like for every dirtbag terrorist to be met with the same fate as the lunatic who attacked the Holocaust Museum in NYC. I would like for teachers at school and parents at home to be empowered and -equipped- to terrify the “bad guys”. I would like organized crime to be reduced to dirtbags running nickel and dime dice games in back rooms, because they are too scared to do anything else.
Individual citizens are the source of polite society Vitruvius, it cannot be imposed from above.
Because as we know from gun control and 30 years of Liberal “justice”, Big Brother is not going to get it done. Big Brother is not getting it done now, with more powers and more money than he’s ever had in HISTORY. Criminals and terrorists are not afraid of Big Brother Vit. They are afraid of YOU AND ME, or they aren’t afraid at all.
Surveillance does not reduce crime. If England’s Labour Party has done one useful thing for the world, proving that criminals don’t care about cameras is it. Surveillance of the internet is no different.
However, surveillance is -great- for cowing a disarmed populace, and you are going to see lots and lots of it popping up in the USA over the next couple of years.
I’m going to make a few inquiries of the CPC and find out why this dangerous idiocy is being suggested. I suggest everyone else do likewise. Maybe if we all turn over some rocks we’ll find some grubs to vote out of office, yes?
We should all fight this. Call and/or write your MP stating your opposition and disdain for this policy.
~~favill~~
So where do we report to get the beast chip?
Seriously, why do these police state ideas seem to assault all the remaining democracies at the same time? And please don’t bore me with theories of coincidence or the misplaced idealism that thinks judicial oversight is any curb on police abuse of an extended power.
Do any of us honestly believe the problems this is presumed to solve are large enough to warrant the intrusion into personal privacy and civil freedom?
Or is this the politicians throwing another of our bones to the newest level of government – the police brass junta.
Vit, sorry I commented before reading the whole thread.
However your point about being an engineer is a strong one. I object to Big Brother surveillance tactics by police not because of some idealistic Utopian get-alongism, but because its not a functional method. Like a piston engine with no crankshaft, it can’t work.
History demonstrates this. Top down central planning does not function in business and it does not function in government. It barely works in the military, and the modern battlefield is moving away from it.
Additionally, if you go looking for an example of fully centralized control in nature you won’t find many. I can’t think of one, off hand.
Ants, bees, termites, lion prides, wolf packs, mountain gorillas, hyenas…all centralized social arrangements.
All I know is that in my litttle part of the world the quality of life continues to deteriorate. Crime is a big part of that and anyone who doesn’t realize that gangs (organized crime) control this are fools. What difference does it make if it is repressive politicans or gangsters who control society. I guess with politicans there is some pretense of civility and due process.
There is principal difference between phone and digital conversations. The phone conversations are rarely recorded and retained indefinitely without knowledge of the persons involved.
On the contrary, the ISPs are storing unregulated information about our digital correspondence, such as full email bodies, http requests, streaming, logs of irc conversations, etc.
Recently I realized that the Voip providers store the voicemails, even deleted by the user.
If that array of information became available, retroactively, to law enforcement, specially without warrant, that would equal to Stazi surveillance.
It’s the same kind of argument as why the founding fathers did not enshrine privacy of conversation in US constitution. Because it was enough to go behind the barn to be private in their age. They had no means of foreseeing that in the future communication will become easily interceptable. If they had, they would most certainly included right to privacy into the constitution.
Speaks volumes about the calibre of today’s rulers compared to the founding fathers.
That is an excellent point Aaron.
[quote]If that array of information became available, retroactively, to law enforcement, specially without warrant, that would equal to Stazi surveillance [/quote]
You are confusing evidence to be used in a Court Of Law, and an investigative tool used to gather intelligence such that a warrant may be justified. The tools used to justify an “official” investigation are seldom reveled, or they would become useless.
The naivety is priceless…
Jawohl, Slap Shot! If you’ve done nothing wrong, you have nothing to hide. Papier, citizen!
Slap Shot: “The naivety is priceless…”
Truly. They are, however, willing to trust a computer operator at an ISP (or a guy repairing their computers, etc.) with their privacy.
I clearly remember when the police needed a reason to pull someone over in their car. Swerving, speeding etc.
Then MADD and the police thought that RIDE programs would help stem the tide of drunk drivers.
Our Ontario Supreme court decided that the rights infringment of the individual was trumped by the rights of the many in order to protect us from drunk driving. It all seemed very common sense, how could anyone disagree with getting drunk drivers off our roads?
Now when you go through a RIDE program it’s a ‘catch all’ for the police.
Unpaid parking tickets,expired insurance, and anything else the police can think of are now the norm at RIDE programs.
Basically the police can pull over cars on a wholesale basis to check for any and all infractions, as long as they claim it’s to check for drunks.
Why can’t the police obtain a warrant for intercepting e-mail again?
Zionist Traitors want to Know Who is Criticizing Them
Another dream bill, straight from the feverish brains of Zionist terror organizations and Harper supporters like the Bnai B’rith and CJC.
The controlled opposition under crypto-J-w Ignatieff will support this, no doubt.
What they want to do is have the power to terrorize and silence those of us who point out the Isr-eli backers of Canadian politicians.
As the repression becomes more blatant, the truth of who and what is running Canada become more obvious, and the backlash will be all the more harsh against these scum.
Zionist Traitors want to Know Who is Criticizing Them: Tory Scum look for greater access to Internet activity, user info
Thanks greatly, Lance, for the prompt update on an important issue. This statement in the press release —
“Police forces and CSIS will continue to require warrants for interception”
— makes all the difference. What would have been a howling outrage, if no warrant was required, is, as it turns out, a mere updating of investigative techniques which will simply allow law enforcement the same level of (warrant-required) access to the computer records of the subjects of criminal investigation as they’ve always had for their phone communications. Granted, the compiled, retroactive nature of ISP records makes it a bit different than phone lines, as Aaron mentioned, but that’s just the nature of the beast; overall, the requirement for a warrant means this is far from the surveillance-state violation it would have been without such a requirement.
I can see how for smaller ISPs in particular the legal requirement to compile such extensive data could amount to a perhaps onerous and arguably unreasonable expenditure; perhaps the government could help out in this regard through tax-breaks or funding.
Overall, not an unreasonable bill.
EBD said “Overall, not an unreasonable bill”.
I agree. Although the Devil could be in the details somewhere. My take is they are not capturing all the information going though their servers, (casting a net so to speak) but turning on the capturing software after receiving a court order and specifically targeting the bad guys.
This seems like a daunting task. It’s not just email we are talking here but file transfers. With things like DropBox, Skype, LogMeIn, Himachi etc in the mix it could almost be impossible to catch these people. Using a laptop and moving around using wireless networks that aren’t locked down really makes it even harder to catch them. None of the bad guys actually has to have Service Provider to do business.
Gord, it is _not_ an onerous task.
The day job has me doing just that for a bastion (somewhat protected but offering services to the Internet) host.
In my case:
-configure the firewall to capture all packets to/from an ethernet hardware MAC address,
-transfer those packets before the buffer fills to a processing server with the the wireshark utilities I mentioned in the updated post,
– voila, I can see each and every packet that went to and from that machine that wasn’t encrypted.
Using wireshark I can filter/sort/group the packets that are related (i.e someone using POP (port 110) to download and send email) and step through them to see in plain text exactly what was sent or received.
Cheers,
lance
How much is a 2Tb hard drive these days?
I bet the small ISPs will go out of their way to make sure they have ALL INFORMATION in case they are asked. It’s not hard like lance pointed out, and gets them off the hook. If they can store all information passing thru their switches, they will. It’s another gun registry and you pray that it does not fall into another Stalin’s hands.
You’d need a hell of a lot more than 2TB to do wholesale continuous capture, Aaron.
On the scenario I mentioned above which has only one purpose and is not accessed daily I avg. about 20M per day. That’s 275M since Jun 1, on one machine.
4 machines == G, 4000 machines = TB in 18 days.
(See this for context)
Cheers,
lance
Lance said “voila, I can see each and every packet that went to and from that machine that wasn’t encrypted.”
I noodle around with Wireshark a bit on my network. But then again it’s my network. If the bad guys are moving around using different networks 5 times a day how do you know which network to scan? Plus if you could mask your mac address so it changes every time you log on to a different network. They aren’t really using Servers or Routers that you can nail down.
I agree if you could find the Service the bad guys were using or find the Server they were using you could have a shot at catching the people connecting to it. But an untraceable laptop is like a throwaway cell phone.
That’s why the bad guys drive around looking for free wireless signals to do their work on. They could park in one place and change Internet Providers 4 times an hour. You throw VMware into the mix and you have 4 or 5 operating systems with different IP Addresses and MAC addresses on one laptop. All running at the same time. A Linux Server in VMware on and XP computer that changes locations hourly would be hard to catch.
The cops have their work cut out for them. I’m not sure how they can get a warrant when the bad guys can move around so much.
Good points all, gord. Changing your MAC address isn’t all that hard either. This is definitely targeting xDSL/satellite/cable modems or end points on the Internet.
It won’t do much good against those who use the limitless unsecured wireless access points out there.
Cheers,
lance
Oh, as an addendum, you don’t need a throw-away laptop, you need a throw-away wireless PCMCIA card.
Cheers,
lance
Exactly. All that’s needed is the key.
Wrong.
You’re gonna make me code for it, aren’t you.
Clue: That code is not doing cryptography.
Vitruvius. I think there’s something wrong with your keyboard. I can’t understand anything you just typed.
🙂