From spam to copyright, lots of new laws on the way

Posted on December 13, 2010 by David Canton

For the London Free Press – December 13, 2010

Proposed legislation could have major implications for businesses, consumers

Development and innovation of technology inevitably breeds new laws to regulate that technology. For lawyers practising Information Technology law, there is a considerable amount of potential new law to digest.

For example, Bill C-28, the Fighting Internet and Wireless Spam Act, brings in several anti-spam measures. While this is welcome by most people, the language may take in things we may not consider to be spam and affect how typical businesses communicate. Since the penalties are significant, we need to take a close look at this act before it takes effect to understand what it will mean for a typical business or organization.

Bill C-29 would make several changes to the Personal Information Protection and Electronic Documents Act. Most of these were expected – and welcome – because they address issues arising from the current law.

But there are new parts that could use clarification. Language that tries to clarify what constitutes “lawful authority” to release information to law enforcement when requested doesn’t make clear what proof or threshold of proof is required. It also contains language requiring that the privacy commissioner and affected individuals be notified of breaches in some circumstances. The language has threshold tests, which on the surface are not as clear as they might be. If this language stays, it may take a decision by the privacy commissioner and/or a court to clarify the threshold.

Bill C-32, the Copyright Modernization Act, is the latest of several attempts to amend the Copyright Act. Controversial elements include digital lock provisions that would let publishers trump user rights. Much has been written about this, including a book entitled From Radical Extremism to Balanced Copyright: Canadian Copyright and the Digital Agenda, written by several copyright experts.

Bill C-51, which would amend the Criminal Code, Competition Act and Mutual Legal Assistance in Criminal Matters Act a.k.a. Investigative Powers for the 21st Century Act, is the latest effort to give law enforcement more access to electronic communications.

But what proponents call “lawful access” bills, critics deride as “awful access” bills. They question whether making things easier for law enforcement is worth the significant erosion in privacy and extra costs to Internet service providers.

These bills may have far-reaching practical implications, not only for many businesses and organizations, but also for consumers.

Plethora of Pending IT Legislation

Posted on November 3, 2010 by David Canton

That’s the title of my Slaw post for today. It reads as follows.

Those who practice in the IT area have a lot of potential new law to digest. The Federal government has several bills in various stages that will affect many businesses and organizations, and all of us as consumers. These bills have been mentioned on Slaw, but I thought it was worthwhile listing them all in one place.

Bill C-28 Fighting Internet and Wireless Spam Act.

This bill brings in several anti-spam measures. While this is welcome by most people, the language has the possibility to affect how typical businesses communicate. Things that we may not consider to be spam might get caught by the act. Since the penalties are significant, we will have to take a close look at this before it is in force to understand what it means for a typical business or organization.

Bill C-29 An Act to amend the Personal Information Protection and Electronic Documents Act

This would make several amendments to PIPEDA. Most of the amendments were expected, and are welcome as they address issues that have arisen from the current legislation. There are a couple of new parts that could use some clarity, though. Language that attempts to clarify what “lawful authority” is that allows one to release information to law enforcement doesn’t really seem to clarify what the threshold of proof is, or what to ask for. It also contains language that requires notification of breaches in certain circumstances to both the privacy commissioner and the affected individuals. The language has threshold tests – which on the surface are not as clear as they might be. If this language stays, it may take a privacy commissioner decision and/or court decision to clarify the threshold. The best source for more information is David Fraser’s blog

Bill C-32 Copyright Modernization Act.

This is the latest of several attempts over the years to amend the Copyright Act. Controversial elements include digital lock provisions that will allow publishers to trump user rights. There has been a lot written about this, including a book entitled From “Radical Extremism” to “Balanced Copyright”: Canadian Copyright and the Digital Agenda written by several copyright experts. The best source for more information about the bill is Michael Geist’s blog.

Bill C-51 An Act to amend the Criminal Code, the Competition Act and the Mutual Legal Assistance in Criminal Matters Act aka Investigative Powers for the 21st Century Act.

There also appears to be at least one companion bill, C-52. This is the latest incarnation of what has been dubbed a “lawful access” bill. The bill essentially tries to give law enforcement more access to electronic communications. Critics refer to the bills as “awful access”, and point to the erosion of privacy and the costs ISP’s will need to spend. They also question the practical effectiveness of the measures. This bill is hot off the press, and I have not had time to look at it – but in general I fall into the ”awful access” camp. Expect more commentary on this from both Michael and David.

US bills introduced to wiretap the net, and arbitrarily shutdown alleged infringers

Posted on September 28, 2010 by David Canton

We get upset when governments outside of North America insist on being able to monitor internet based communications. But we shouldn’t get too smug about it, as the same thing happens in North America. See these posts that talk about a new attempt to legislate backdoor internet access in the US, why its a problem, and links to other commentary. CircleID Techdirt

The three strikes concept just won’t go away either. Basically it allows or requires sites or internet access to be shut down based on unproven allegations they are used for infringement. A new proposed US bill would do that. See the CircleID link above for their take on that.

Mike Masnick of Techdirt puts that bill in perspective by saying that the same logic used by the proponents of the bill would have in the past banned Hollywood itself, the recording industry, radio, the DVR, and other ubiquitous things.

UPDATE: Also see the EFF take on the backdoor bill.

RIM Blackberry security irks UAE, Saudi Arabia

Posted on August 4, 2010 by David Canton

That’s the title of my Slaw post for today. It reads as follows.

There has been a lot of press over the latest countries that don’t want Blackberries in their country unless they can get access to monitor user communications. See, for example, the Washington Post, Techdirt, Engadget.

RIM designed Blackberry communications so they would be secure, in a way that RIM itself can’t even access them. That’s a great feature that makes privacy advocates, corporate users, and individual users very happy.

But it also makes some governments very unhappy – particularly those who believe they need to spy on communications. Some to the extent that they threaten to ban use in their countries unless they get the access they want. Those countries feel the need to monitor for illegal activity, or for anti-government sentiment that we in North America would consider basic free speech. And the threat to ban irks governments like the US, because it affects US government officials and users that travel to those countries, and offends their views of free speech and individual empowerment. The attitude of most of us in North America is that those governments should just lighten up and stop trying to suppress or control the thoughts and activities of people.

But we can’t forget that this is all a matter of degree. US and Canada ”lawful access” advocates want ways for law enforcement to access electronic communications to fight criminals and terrorists, and have similar concerns about encryption that modern communications technology provides. Law enforcement has always been able to do things like wiretaps with judicial oversight that requires some standard of reasonable cause before it happens. (Although one is often suspicious about what wholesale monitoring is done at the national security level of things.)

We need to think these things through very carefully in terms of what access is truly needed and effective to fight crime, and what is merely security theatre. Also what kind of rules, oversight, checks, and balances must go along with law enforcement access in order to balance that against rights to privacy and confidentiality.

Canadian Lawful Access Bill & US NSA domestic spying

Posted on June 18, 2009 by David Canton

Michael reports that a new “lawful access” bill is about to be introduced that is intended to give authorities easier access to private communications. Also see Cory Doctorow’s take on it . The privacy commissioner and CAIP (Canadian Association of Internet Providers) are not enamoured of the idea either.

At the same time, the EFF reports about a New York times article about the “National Security Agency’s systemic and significant “overcollection” — that is, illegal interception — of Americans’ domestic communications”.

Perhaps requiring a warrant for the interception of communications is not such a bad thing?

Its no wonder we are skeptical/nervous about “lawful access”

Posted on September 14, 2007 by David Canton

Further to yesterday’s post about lawful access policy input (or lack thereof), here are 2 examples of why this kind of thing makes us skeptical about the need and concerned about the dangerous privacy implications.

First, there are reports that the US Director of National Intelligence recently testified that its warrantless evesdropping prevented a recent terrorist plot. Turns out it had nothing to do with it.

Read a Boing Boing report about that

Second, Outlaw.com reports on a judicial suggestion in the UK to put the entire population into a DNA database.

Read the Outlaw.com article

(L)awful access consultation

Posted on September 13, 2007 by David Canton

Michael and David are all over this – but its an important enough issue that I want to mention it as well. Public Safety Canada and Industry Canada have begun a consultation on how law enforcement and national security agencies can gain lawful access to customers’ information. In other words, they want to make is easier for law enforcement to get our phone and Internet records without court orders.

While we should not impede what is necessary to fight crime, carte blanch access to our personal info makes it far too intrusive from a privacy perspective. Michael points out that until this consultation process became publicly known, it was just going to be with a few selected participants. Not a great way to instill public confidence in either the consultation process or the overall fairness of the result.

This issue never really goes away – see “lawful access” in my tag cloud for earlier posts.

Read Michael Geist’s original and second comment

Read David Fraser’s comment

UPDATE: David has posted a good article detailing the background behind this issue

Clean Internet Act

Posted on April 23, 2007 by David Canton

Techdirt has a post entitled Can We Please Have Politicians Understand The Internet Before They Regulate It? that talks about the proposed Canadian private members bill intended to rid the Net of offending stuff. It uses the kill a fly with a sledgehammer approach.

Techdirt pulls no punches, saying that it is: a bizarre bit of proposed legislation that is typical of other “protect the children!” laws that politicians love to propose without actually understanding what they’re talking about. This one is pretty ridiculous…

Michael Geist mentioned it as well. He prefaced some details with: The bill itself includes (and I am not making this up):

Its kind of scary to see this kind of bill being seriously proposed. At least its a private members bill, which rarely go anywhere. I sometimes wonder if these types of proposals are serious – or whether they are intended to anchor our expectations so when the real thing arrives it doesn’t look as outrageous.

Read the Techdirt comments

Read Michael’s post

Hewlett Packard pretexting vs lawful access legislation

Posted on September 15, 2006 by David Canton

Does anyone else see the the irony in this?

The press is all over Hewlett Packard for its pretexting phone record collection (rightly so), and it seems that criminal charges may be laid.

At the same time, the US and Canadian governments are trying to pass “lawful access” legislation that gives them more power to snoop around our communications without warrants or judicial oversight.

So its evil if a corporation spies on its board members and others, to the extent that the government may lay criminal charges – but its OK for the government to spy on its citizens at will?

Read a Silicon Valley.com article about the Hewlett Packard snooping

Read a Techdirt post about the Hewlett Packard scandal

Read a Wired News article about the US National Security Surveillance Act

Read an Ottawa Business Journal article about the proposed Canadian lawful access legislation

Copyright reform & lawful access

Posted on September 6, 2006 by David Canton

We are expecting 2 pieces of federal legislation soon dealing with copyright reform and lawful access. Both will be controversial.

David Fraser has a good comment on the role that private sector service providers should play in the balance between privacy and security – and its not to act as police.

Michael Geist continues with his 30 days of DRM series that deals with copyright reform issues, particularly, what the legislation might say about protecting DRM. He also has a good comment on the questionable thinking contained in an education ministers proposal.

My position on DRM is that is causes more problems than it solves, and defeating it should not be outlawed. Michael has focussed on all the exeptions that shouod be allowed to any provision outlawing defeating DRM. It just reinforces to me that this is getting way too complicated. Far simpler, easier, more certain, and balanced to forget any notion of outlawing tools to defeat DRM, and to expand the definition of fair dealing.

Read David’s comment on service provider roles

Read Michael’s comment on the education minister proposal

David Canton

Technology law blog by a Canadian information technology and intellectual property law lawyer and trade-mark agent dealing with issues including software, copyright, privacy, the Internet, electronic commerce, computers

Tag Archives: lawful access