Forgot your password?
typodupeerror
Canada Spam The Internet Your Rights Online Politics

Proposed Canadian Anti-Spam Rules Restrict Secret ISP Monitoring 24

Posted by timothy
from the shouldn't-they-call-spam-moose? dept.
New submitter Fnordulicious writes "Although Canada's anti-spam legislation is already in place, the rules to implement it have been under development for more than a year. This weekend the proposed rules from the Department of Industry were published in the Canada Gazette. Kady O'Malley reports on the CBC Inside Politics Blog that Canadian ISPs will not be allowed to secretly monitor activity except in the case that the activity is illegal and represents an 'imminent risk to the security of its network.' In addition, consent would be required for monitoring of legal activities 'that are merely unauthorized or suspicious.'"
This discussion has been archived. No new comments can be posted.

Proposed Canadian Anti-Spam Rules Restrict Secret ISP Monitoring

Comments Filter:
  • Yay (Score:5, Interesting)

    by Kinthelt (96845) on Tuesday January 08, 2013 @09:28AM (#42517955) Homepage

    Happy news, for a change!

    Now, if we could only do something about the Copyright Modernization Act...

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      I dunno, they left a loophole you could drive a truck through.

      is illegal and represents an 'imminent risk to the security of its network.' In addition, consent would be required for monitoring of legal activities 'that are merely unauthorized or suspicious.'"

      So, a rubber stamp judge, and a good lawyer to prove that anything that anyone does after a fishing expedition falls into those guidelines.

      I mean, it's a far, far better run at this than the USA, but it seems very, very easy to exploit.

  • encryption
  • Commonsense guidelines on Internet usage are deliberately overdue as everyone knows. From the headline, this sounds like a step in the right direction.

    I worry though that an ISPs contract, or a website EULA, can constitute consent for monitoring.

    Any insights here?

    • by gl4ss (559668)

      probably not.
      the problem is the "illegal and represents an 'imminent risk to the security of its network.' ".

      how do you know without looking though if it's illegal. and anything can be thought of as imminent risk to security.

      • anything can be thought of as imminent risk to security.

        That's exactly what I was thinking. If the ISP is able to make the decision on their own, this won't prevent much other than the general monitoring of all traffic. It would still be very easy for them to see a large amount of traffic to one customer and decide that it might represent an imminent risk for one reason or another.

        • anything can be thought of as imminent risk to security.

          That's exactly what I was thinking. If the ISP is able to make the decision on their own, this won't prevent much other than the general monitoring of all traffic. It would still be very easy for them to see a large amount of traffic to one customer and decide that it might represent an imminent risk for one reason or another.

          ISP decision making in Canada:

          1. Will this cost more money than doing fuck all?

          2. Do fuck all.

          3. Profit.

      • There's probably a more fleshed out definition to "imminent risk to security" they had in mind, although the proposed regulatory text doesn't mention it. As usual, we have to rely on the sanity of judges. (But that's nothing new, now is it?)
      • by Meneth (872868) on Tuesday January 08, 2013 @10:44AM (#42519035)
        Even if the ISP looks, they can't determine if something is illegal or not. A court of law is required for that.
  • by Lieutenant_Dan (583843) on Tuesday January 08, 2013 @09:42AM (#42518151) Homepage Journal


    Limited exemptions for protecting, upgrading and updating computer networks
    The proposed Regulations include an exemption for telecommunications service providers (TSPs) from the requirement to have consent to install a computer program for the limited purposes of preventing illegal activities that present an imminent risk to the security of its network.

    The proposed Regulations also include an exemption for TSPs from the requirement to have consent to install software on devices across an entire network for update and upgrade purposes.

    Does this mean that Rogers/Bell can start pushing agents/SW on their subscribers computers which in turn allow them to control your access?

    This is pretty messed up.

    They should be within their rights to cut off access to the node. I suppose the TSPs need to have a higher level of assurance that the node is no longer compromised.

    • by dskoll (99328) on Tuesday January 08, 2013 @11:50AM (#42520111)

      Does this mean that Rogers/Bell can start pushing agents/SW on their subscribers computers which in turn allow them to control your access?

      It may read that way, but I don't think that's the intent. I think it's meant to allow Bell and Rogers to remotely update the firmware on their modems and routers. My mother uses Bell, but she runs Linux so Bell would have a fairly difficult time installing anything on her computer anyway. (To monitor her, they wouldn't need to... they could just install something on the router they provided.)

  • by Anonymous Coward

    here is door wide open:

    "except in the case that the activity is illegal"

  • by bmo (77928) on Tuesday January 08, 2013 @09:45AM (#42518175)

    This consent will just make its way into subscriber agreements as a sentence in 6 point type on page 34 of the 42 page TOS/Privacy agreement, which nobody ever reads anyway.

    --
    BMO

  • IOW, everything will still be logged because we could be criminals in the future or might already be and we (the criminals) just don't know it yet.

  • There is an existing antispam law that is sufficiently broad as to be difficult for businesses to adhere to. I expect the goal of these changes is to appear to work in the public interest while obtaining lobbying money from spammers to make sure the antispam rules impede normal business, from businesses that don't want to spend money on compliance, and on spammers again once they are free to do as they please. The current Canadian government follows the GWB game plan for fun and personal profit.
  • by mark-t (151149) <markt@ l y n x.bc.ca> on Tuesday January 08, 2013 @10:09AM (#42518541) Journal

    In addition, consent would be required for monitoring of legal activities 'that are merely unauthorized or suspicious.'"

    And I somehow suspect there'd be absolutely nothing to stop them from terminating your service if you don't consent.

    • by davecb (6526)

      There is a duopoly of ISPs in Canada, so anything Bell Telephone or Rogers* Cable does affects a huge number of people, and an attempt to require anything that could be characterized as spyware would cause complaints to the Cabinet**.

      --dave
      * or any of the other local cable monopolies
      ** the Prime Minister and his heads of department

Every nonzero finite dimensional inner product space has an orthonormal basis. It makes sense, when you don't think about it.

Working...