Spying on Canadians’ online activities will not help anyone win the war on terrorism, a University of Toronto professor told a conference Thursday.
Attendees at the Centre for
Applied Cryptographic Research (CACR) Information Security workshop heard a number of government and academic representatives speak about privacy and security issues. The event, organized for the third year by the Ontario Office of the Information & Privacy Commissioner and University of Waterloo’s CACR, focused on what effects post 9/11 legislation is having on Canadian’s privacy rights.
The fundamental problem facing the Canadian population and the telecommunications industry that serves them is the misguided notion that widespread surveillance of online communication will prevent another tragedy like the New York’s World Trade Center attacks, said University of Toronto professor Janice Stein.
Stein argued that intelligence agencies are suffering from an information overload and don’t have the capacity to analyze the surveillance info they receive already.
“”It’s very easy for a (U.S.) congressional committee to rake the CIA over the coals because of information they missed. In fact they missed maybe 40 messages in a set of 400,000 pages,”” Stein said.
Canadians should take a very critical look at the Anti-terrorism Act and the proposed Public Safety Act, said University of Toronto’s Center for Innovation Law and Policy executive director Richard Owens. The legislation’s language is quite difficult for lawyers to decipher, making it possible to hold ISPs responsible for the activities of their subscribers.
The lack of clarity is of a huge concern, he says, since the vague new laws and amendments to existing ones leave the door open for things like civil protests and dissident Web sites to be considered illegal.
“”Essentially this allows a judge to take content that he finds offensive, order it delivered to court and destroyed,”” he said.
This heavy-handed approach doesn’t make sense, said University of Toronto professor Kent Roach, because the activities the government is using as an excuse for spying on the public are illegal anyway.
“”It already was a crime to take down a hydro tower,”” he said, “”even before September 11th.””
There is a lack of creativity and collaborative work when it comes to ensuring the safety of Canadians, Roach said.
The problem is that we’ve become accustomed in thinking of security and privacy as opposed to each other, Stein added. Legislation like Lawful Access is allowed to show up on the Canadian landscape because the government has been successful in convincing the public that protecting them from harm must come at the expense of their privacy. The federal government recently issued a document that would potentially broaden Lawful Access to require ISPs to keep records of user traffic that could be during a police investigation.
In a white paper written earlier in 2002 Ontario Information and Privacy Commissioner Ann Cavoukian argued the same thing.
“”Many security technologies can be redesigned to remain highly effective, while at the same time minimizing or eliminating their privacy invasive features,”” she wrote.
In the paper, Cavoukian brought up passenger scanners at airports, which display everything under a person’s clothing, including the body itself.
“”There is no need for the equipment operators to view the essentially ‘naked’ bodies of passengers,”” she said. “” 3D holographic imaging using millimeter-wave scanning techniques also reveals any hidden objects but not the subject’s body image itself-security and privacy in one technology.””
The high-tech industry should be consulted much more in our struggle to assure Canadian’s safety, says Roach.
And before sweeping and very invasive legislation that’s likely to be a burden on the private sector is introduced it may be a good idea to figure out if the law is targeting a real or imaginary threat, says Stein.
“”The al Qaeda network is actually not a heavy user of the Internet,”” she says, “”So the heavy, heavy investment in general surveillance is probably not going to be effective. We may well end up in two to three years with compromised privacy, compromised equality and diminished security.””
Comment: [email protected]
