Canada Unveils Internet Surveillance Legislation 272
An anonymous reader writes "Michael Geist is reporting on his blog that the Canadian government today introduced new legislation that would require ISPs to establish new surveillance controls to monitor Internet activity. The bill will also require ISPs to disclose subscriber information without a warrant. The bill may not survive given the state of the government, but this is a sad indicator of things to come."
Re:No right to privacy (Score:5, Informative)
Keep in mind that Canada, like many other countries, has laws forbidding hate speech. I believe it is still illegal to voice skepticism about the holocaust in Canada.
IANAL (Score:5, Informative)
5. IS A WARRANTLESS SEARCH OR SEIZURE ALWAYS UNREASONABLE? [jibc.bc.ca]
Re:From Communism to Communism (Score:1, Informative)
Re:No right to privacy (Score:4, Informative)
That text is pretty awful. Passages like that are what get laws declared unconstitutional in the US. Hate speech certainly does not seem to impede a free and democratic society...
Yes, Canada does have laws against hate speech. The last time I checked, expressing skepticism about the holocaust itself was not hate speech.
Although I don't doubt it has changed, it certainly was a crime at one point. My point stands in response to the OP, that Canada is not the haven of civil liberties it is frequently viewed as.
It will never pass. (Score:3, Informative)
While I'll hate the upcoming election, I'll enjoy this law not being passed.
Chance to have lunch with the Minister Responsible (Score:2, Informative)
Re:No right to privacy (Score:3, Informative)
Perhaps that's true if the Constitution is narrowly interpreted. But, Supreme Court precendents have not taken a narrow interpretation. As described on http://www.law.cornell.edu/wex/index.php/Personal
Re:No right to privacy (Score:3, Informative)
Let's also keep in mind the words of the 9th Amendment:
In other words, just because a right didn't make onto the Top Ten List, that doesn't mean it doesn't exist. The writings of the founding fathers were quite clear on this. Some of them were against having a bill of rights for fear that it would be misconstrued as a complete and inclusive list of the rights of the people. This is something I wish all those conservative jackasses who call themselves "strict constructionalists" would get through their thick skulls. Likewise, the liberal jackasses need to learn the 10th Amd ("If it ain't in the Constitution, the federal gov't can't do it!"), but that's the subject of a different rant...Re:No right to privacy (Score:3, Informative)
The constitution is not-- I repeat-- is not a complete enumeration of the rights of the people. For bog's sake read the damn bill of rights! It's right there, in amendment 9:
There does not need to be an explicit enumeration in the constitution in order for a right to exist!
Europe risks becoming silly too (Score:5, Informative)
If you are a European citizen you can sign a petition against the directive here [dataretent...lution.com].
According to a joint newspaper article by Swedish MEPs Charlotte Cederschiöld (conservative) and Jonas Sjöstedt (socialist) that was published some months ago, the only thing that can stop the directive is feedback to the politicians from the general public on the same scale as the software patents directive generated. I don't know if they are right in their assessment, but signing the petition against the directive is at least a first step.
Personally, I would also like to see the European ISPs becoming more active and start spending some real money on lobbying.
As long as it's only the old dinosaurs with pre-Internet business models that are spending lobbying money in Brussels/Washington/Ottawa/Canberra, we will continue to see bad pieces of legislation getting passed everywhere. It's time for a new generation of businesses to realize that politics don't take care of themselves, and that if you let the bad guys' lobbyists rein unopposed, there is a bill to be paid for it later.
Re:This can all be resisted (Score:3, Informative)
(1) Client opens connection to server
(2) Server sends its public key to client
(4) Client generates session key and encrypts with server's public key
(5) Client sends encrypted session key to server
(6) Server and client communicate using session key for encryption
The only data transferred in cleartext is the server's public key, which is not sensitive information. The shared session key is never transmitted in cleartext, so even someone listening in couldn't decrypt the traffic passing through the connection. The primary danger is a "man in the middle" attack, in which the listener pretends to be the original server to the client and the client to the original server. By sending his own public key to the client he can trick the client into encrypting the data for the attacker and not for the original server. That's why a typical encryption certificate comes signed by the issuing authority and limited to a single domain, which is checked by the SSL library whenever a connection is established.
Intro to non-geeks (Score:3, Informative)
Bill C-74 was introduced November 15th:Whereas a wiretap requires a warrant this new law would force an Internet Service Provider (ISP) to intercept communications from customers and hand over customer lists with a simple letter from a law enforcement official. Any future software deployed by the ISP would have to have a back door, which includes internet telephony.
Alerted by legal scholar Michal Geist's writing on the subject, [michaelgeist.ca] the tech-nerds are calling for resistance including providing end-to-end encryption (see slashdot [slashdot.org]).
The techies realize that criminals will encrypt their communication- at least those most dangerous to national security. Those that remain are the petty criminals and civilians who won't know how to protect their privacy. The public won't be more secure, but we will have more surveillance; the panopticon culture grows.
For new software, any ISP will have to choose the version most suited to increase its snooping capacities, even if they have to acquire additional licenses or communication facilities. To put it plainly: when they start offering VoIP (Voice over Internet protocol) services, ISPs will have to allow tapping without a warrant. Additional costs have to be swallowed by the ISP.
What is perhaps most pernicious in the economic sense isn't that these compliance costs will be passed on- it is that innovation will be stifled. Right now a small VoIP player could get started on ridiculously small amounts of capital. The effect of these regulations will be to protect oligopolies.
Ironically, as the new technologies have be designed for ease of surveillance, crackers (criminal or black-hat hackers) will likely be able to leverage these back doors to their ends. Stalking, industrial espionage and snooping for blackmail or identity theft material all become more likely. Making surveillance easy for the RCMP and CSIS could make it trivial for criminals, even terrorists to get to sensitive information.
Here's to hoping the NDP will firmly trash this nonsense. Or do we trust those that film us at every peace demonstration (and happily send off immigrants back to their countries of origin for questioning) with more surveillance power?
Re:Comparison with wiretap (Score:4, Informative)
CIA does international work.
CSE would be the Canadian equivalent of the CIA
CSIS is the Canadian equivalent of the FBI.
Not many people know about CSE, but they have several buildings in Ottawa.