by Nestor E. Arellano 

Proponents of Bill C-30, otherwise known as the Protection Children from Internet Predators Act, say that it will merely bring Canada in line with other countries that have some form of lawful access and data preservation and retention legislation. 

Nestor Arellano

This is precisely why Canadians should be worried if Parliament decides to let the bill pass in its present form.

There is no shortage of research which indicates that implementation of an online surveillance regime in the European Union and the United States have been fraught with flaws, abuse and costs ultimately shouldered by Internet Service Providers tasked by government to essentially snoop on their customers. 

More than 10 years ago the United Kingdom passed the Regulation of Investigatory Powers Act (RIPA) to extend law enforcement agencies’ access to communication systems to help police battle crime and terrorist-related activities. Under a voluntary code of practice, ISPs retain data such as content of email servers, email server logs, IP addresses, SMS messages and others from six to 12 months.  

Reports from the Interception Commissioner, which provides a yearly assessment of interception of communication traffic, indicate that a growing number of “interception errors,” according to a paper written by Christopher Parsonsof the Political Science Department at the University of Victoria. 

In 2007, there were 24 interception errors and breaches found which the Commissioner deemed to be “to high” according to Parsons.  

In 2009, 36 interception errors and breaches attributed to the General Communications Headquarters, the Secret Service, Her Majesty’s Revenue and Customs, the Serious Organized Crime Agency, The Scottish Government, the Metropolitan Police Counter Terrorism Command and the National Technical Assistance Centre. During this year there were a total of 525,130 requests for communications data that resulted in 661 reported errors. 

Lawful access ‘enormous financial burden’ for business  

Furthermore, Parsons found that the requested data was not always used to deter crime. In the instance of one family subjected to excessive surveillance (21 acts in three weeks) data was requested to determine the family’s eligibility to send their children to a local school. 

A report released by the U.K-based civil liberties group Big Brother Watch paints a troubling picture of how law enforcement agents handle data that passes through their hands.  

The organization found that between 2007 and 2010: 

  • 243 police offices and staff received criminal convictions for breaching the country’s Data Protection Act (DPA) 
  • 98 police officers and staff were terminated for breaching DPA 
  • 904 police officers and staff were subjected to internal disciplinary procedures for breaching DPA 

In one notable case, no less than 208 officers and staff received legal caution for viewing computer records related to a high profile crime. In another, a staff member was dismissed for discussing policing information on Facebook. Numerous others were found to have accessed criminal records and personal data for no obvious policing purposes. 

In the United States, the problem is more significant, according to Parsons who says the country “suffers from endemic inappropriate surveillance.” He said the National Security Agency (NSA) reportedly runs a warrantless wiretapping system with the assistance of major telecom providers such as AT&T. A large amount of the surveillance conducted by state and federal agencies go unreported. 

“Without reports, it is challenging to determine if access was appropriate or necessary,” he said. 

Back in 1994, the U.S. enacted the Communications Assistance for Law Enforcement Act (CALEA) which imposed interception capabilities on telecom service providers. Today, The Defence Department continues to call for ISPs to retain data for two years. The department is also developing a system for monitoring Internet traffic and federal law enforcement is requesting the extension of CALEA to include other providers such as Facebook and Skype. 

If we would like to have an idea of how much it might cost Canadian ISPs to retrofit existing networks to facilitate the “snoop and scoop” activities outlined in Bill C-30, we can look to the U.S. as well for an example. 

In addition to data storage CALEA also required providers to make their systems “intercept ready”. Prior to CALEA enactment the industry estimated this would cost them between $3 and $5 billion, the FBI’s estimate was around $500 million to $1 billion. Since then industry has lowered its estimate to $1.3 billion, but Parsons notes that this figure did not include VoIP-based communications.  

In Canada, small ISPs have repeatedly voiced concerns that compliance with to lawful access legislation will be a costly burden. 

But it is not only the financial cost that businesses should be worried about. Requiring providers to render their systems “surveillance ready” will introduce security vulnerabilities to their systems. 

Requiring companies to build a “backdoor” for law enforcement agencies to access their networks and accomplish a data dump creates a single “point of failure” which hackers can exploit, according to John Villasenor, professor of electronics engineering at the University of California. 

It might be argued that a surveillance technology that cannot be penetrated by hackers can be securely built. If Bill C-30 is about trusting those in charge, I’m a bit worried. The current track record of government agencies both here and in the U.S. in protecting their own networks against breaches is not very encouraging. 

In 2011, the Central Intelligence Agency’s own Web site was taken down by the hackers group LulzSec. The same group stole 180 passwords of members of an FBI affiliate. 

That same, hackers believed to be based in China, launched a cyber attack on several Canadian government departmentsto steal classified information. 

Yes, I agree we should look at other nations that have implemented their online surveillance laws. I think if we look closely we’ll probably find more reasons not to rush towards having one.

Share on LinkedIn Share with Google+
  • Annie O’Nimmus

    Canadians will not be critical of our government because they will fear being put on the “watch list”. Many people won’t comment online, petition, rally, demonstrate, or even risk joining the opposition, unless they can be assured of the anonymity that we expect today. If we truly wanted to lead the world toward freedom and democracy, we would be installing onion routers into our infrastructure, not packet inspectors.

  • Annie,

    I hate to burst your buble, but it seems we live in a digital age where privacy is breeched all the time. That does not mean we have to give authorities the capabilities to do it legally.

    And please give Canadians a little more credit. I, for one, will never fear speaking out, and without anonymity, because I might be placed on some watch list. I’d rather take a bullet like those people during the “Arab spring” than live in fear of my government.

    The issue is one of control of the message. Neither governments nor multi-national corporations like it very much that people can now blog, tweet, etc. Why? Average people might learn too much. After all, knowlege is a dangerous thing to some. How do I know this? I am a semi-retired professional journalist who worked for the mainstream.

    Canadians will not stand by and watch this government take away our Charter riights or our internet. This is evedinced by the storm brewing that went into high gear last week. And that is thanks to much hard work done by many good people since the federal election – and mostly over the internet. Both the government and Corporate media bosses have lost control of the message and Canadians are speaking loud and clear on the issues.

  • Jean Coutu

    Bobbie, I hope you’re right, that the Conservatives back off of this bill, but I’m not optimistic. Many of those in Harper’s cabinet were former ministers in the Mike Harris Tory government in Ontario. Harris did the same types of things as Harper, i.e. import failed foreign policies.
    I well remember a man coming up from California, when Harris was about to de-regulate/break-up Ontario Hydro. This man stated that in California, they were promised that de-regulation would bring lower hydro rates. Instead, they doubled. He basically came up here to tell us of their experience, and to ask, “Have you people lost your minds?”

    Harris said that we would do things differently, it wouldn’t end up the same way as it did in California. Well, the hydro rates may not have doubled, but otherwise the experience is the same. We’re seeing a repeat in justice policy with Harper — just as American states are abandoning these ‘tough on crime’ policies, Harper is adopting them. Americans are telling us, “these policies have utterly failed i the U.S.” but Harper steams-on, full speed ahead, oblivious to the looming iceberg.

    There is no question that the police desperately want these new powers; the police also lobbied against the adoption of the Charter of Rights and Freedoms, arguing that it gave too many rights to criminals.

    Once the surveillance apparatus is installed, it will never be removed, as any successive governments will be tempted to use it for themselves. I have no doubt in my mind that it will be used for spying on protesters, environmentalists, anti-nuclear activists, and othe similar enemies of the state. In 10 years time we will be literally astonished at the abuses of this that will have come to light.

  • Bobbie Saga


    One can hope the opposition, both in the HoC and within the public sphere stays in tune with and on top of what’s happening on C-30. My sources say they are! The latest news of the election fraud may, however, may in-fact, overshadow the issue. As to your comment:

    “Once the surveillance apparatus is installed, it will never be removed, as any successive governments will be tempted to use it for themselves. I have no doubt in my mind that it will be used for spying on protesters, environmentalists, anti-nuclear activists, and othe similar enemies of the state. In 10 years time we will be literally astonished at the abuses of this that will have come to light.”

    I fully agree! That is why it is so important to stop it in its tracks.

  • sabrina

    The issue is one of control of the message. Neither governments nor multi-national corporations like it very much that people can now blog, tweet, etc. Why? Average people might learn too much. After all, knowlege is a dangerous thing to some. How do I know this? I am a semi-retired professional journalist who worked for the mainstream.

  • Rwolf

    U.S. Expanding Cross-border Police Integration With Canada & Asset Forfeiture Sharing

    Concurrent with Obama’s proposed law legalizing and expanding cross-border police integration in North America, Canadians earlier this year discovered introduced (Commons Bill C-30 touted to protect children on the Internet—would also give any Canadian police officer—without a warrant—the power to request Internet service providers turn over customers’ information (see section 17 of C-30); allow Canadian police to seek into Canadians’ private computers. C-30 was strongly opposed by Canadians in April 2012. Canadians further discovered Canada had signed with the United States an array of (Asset Forfeiture Sharing Agreements) for Canada to share
    Canadian and Americans assets civilly or criminally confiscated using Asset Forfeiture laws that resulted from U.S. and Canada sharing information gleaned from electronic surveillance of Canadian and American Citizens’ communications, e.g., emails, faxes, Internet actively, phone records.

    Compare: The Obama Government wants the power (without a warrant) to introduce as evidence in U.S. Civil; Criminal and Administrative prosecutions any phone call record, email or Internet activity. Police can take out of context any innocent—hastily written email, fax or phone call record to allege a crime or violation was committed to cause a person’s arrest, fines and or civil asset forfeiture of their property. There are more than 350 laws/violations that can subject property to Government forfeiture that require
    only a civil preponderance of evidence.

    The U.S. “Civil Asset Forfeiture Reform Act of 2000” (effectively eliminated) the “five year statue of limitations” for Government Civil Asset Forfeiture: the statute now runs five
    years (from the date) government or a police agency allege they “learned” an asset became subject to forfeiture. It is foreseeable should (no warrant) government electronic surveillance be allowed; police will relentlessly sift through business and Citizens’ (government retained Internet data), emails and phone communications to discover possible criminal or civil violations. History Repeats: A corrupt or despot U.S. Government/Agency can too easily use no-warrant—(seized emails, Internet data and phone call information) to blackmail Americans, corporations and others in the same manner Hitler used his police state no warrant passed laws to extort support for the Nazi fascist government, including getting members of German parliament to pass Hitler’s
    1933 Discriminatory Decrees that suspended the Constitutional Freedoms of German Citizens. A Nazi Government threat of Asset Forfeiture of an individual or corporation’s assets was usually sufficient to ensure Nazi support.

    Under U.S. federal civil asset forfeiture laws, a person or business need not be charged with a crime for government to forfeit their property. Most U.S. Citizens, property and business owners that defend their assets against Government Civil Asset Forfeiture claim
    an “innocent owner defense.” This defense can become a criminal prosecution trap for both guilty and innocent property owners. Any fresh denial of guilt made to government when questioned about committing a crime “even when you did not do the crime” may (involuntarily waive) a defendant’s right to assert in their defense—the “Criminal Statute of Limitations” past for prosecution; any fresh denial of guilt even 30 years after a crime was committed may allow U.S. Government prosecutors to use old and new evidence, including information discovered during Civil Asset Forfeiture Proceedings to launch a criminal prosecution. For that reason: many innocent Americans, property and business
    owners are reluctant to defend their property and businesses against Government Civil Asset Forfeiture. Annually U.S. Government seizes Billions in assets without filing criminal charges. Increasingly local police are turning their criminal investigations over to Federal Agencies to receive an 80% rebate of forfeited assets. Federal Government is not required to charge anyone with a crime to forfeit property.

    Re: waiving Criminal Statute of Limitations: see USC18, Sec.1001, James Brogan
    V. United States. N0.96-1579. U.S. See paragraph (6) at: