Christopher Parsons, a post-doctoral fellow at the Citizen Lab in the Munk School of Global Affairs, has sent an open letter to leading Canadian phone and internet service providers (ISPs). The letter asks them to disclose the extent of the consumer information they hand over to law enforcement and intelligence agencies.
The letter was released on January 20, though the project had been Parsons’s research as a PhD student for nearly four years. The letter was also signed by 12 academics from universities across Canada. Parsons’s letter was sent to companies such as Bell Canada, Telus, Rogers, and Fido, among others.
A variety of information is requested from ISPs and telecommunications companies by law enforcement — including device geolocations, call detail records, text message content, voice mail, cell tower logs, real time interception of communications, web surfing history, and more.
“This is really an opportunity for Canadian telecommunications companies, which regularly affirm their commitment to Canadians’ privacy, to make it really clear. This is how we protect your privacy, and these are the conditions under which we reveal information, and this is how often we do so,” said Parsons.
Law enforcement and other government agencies’ intrusions on the digital lives of Canadians have seen activists, civil rights groups, and scholars pressing hard for substantive data from telecommunications companies. The full extent of the practice is unknown, despite intense media scrutiny surrounding the United States National Security Agency, and passionate debates in Canadian parliament.
Parsons explained that Canadian legislation limiting the use of telecommunications data has lagged behind that of the United States. Parsons says that this was attributable to a number of factors, including the fact that Canada has had a series of minority governments, which have largely hindered privacy legislation from passing. “It also hasn’t been a terribly sexy, or high-profile series of laws, so the governments of the day have been focusing on other matters,” said Parsons. “That being said, we have seen for the past three or four years, the Federal Privacy Commissioner repeatedly calling for more powers to appropriately do her job,” he added. “This is just an area of law that has unfortunately been left at the wayside, and it’s really showing.”
At present, the Supreme Court is deliberating an appeal from a convicted child pornographer. He claims his right against unreasonable search and seizure was violated when police conducted their investigation of his crime. Using information provided by his ISP, they traced his internet protocol (IP) address after they found it on a file-sharing network used for child pornography. Parsons said that “in this case, police used what is a called a PIPEDA letter [The Personal Information Protection and Electronic Documents Act], which states that the police — without judicial oversight but under their lawful authority — are requesting warrantless access to subscriber data.”
Parsons commented that this practice should only be allowed in specific situations, such as those involving children in danger. However, he added, “In most cases, police should have some kind of judicial oversight before they can start going to companies and asking for our personal information.” “I think the reason this matters is because privacy is fundamental to exercising our other hard won rights and liberties. It’s no one’s damn business when you get together with colleagues or friends, or meeting over a beer with your girlfriend. The same is true of our internet and telecommunications data,” Parsons said.
Telus and Rogers have been the first to speak to media regarding the letters. “We have just received the request, and we are still reviewing it,” Shawn Hall, a spokesperson for Telus, said last Wednesday. He highlighted that: “Telus takes great care to safeguard customer privacy, and will challenge court orders that we think overreach.” Rogers spokesperson Patricia Scott said that her company’s chief privacy officer had yet to receive the letter. She too affirmed her company’s commitment to privacy: “We take privacy matters very seriously, and comply with all regulations. Our policy is that we require a properly executed warrant to disclose customer information.”
The letters ask the companies for a response, or a commitment to respond by March 3, 2014.
The Citizen Lab, where Parsons does his research, is an interdisciplinary research environment that studies the monitoring, censoring and modification of digital information. The institution focuses primarily on the intersection of information and communication technology with policy-making, human rights, and global security.