Canadian Law Enforcement Asking For ISP Subscriber Data Every 27 Seconds; Pending Legislation Looking To Up That Number
from the whatever-they-don't-get-will-make-a-stop-in-the-US dept
Canada's image as the The Most Polite Nation In The World would seem to be a front that masks a malignant nastiness under the surface. If these numbers are to be believed, Canada is little more than a criminal organization masquerading as a constitutional monarchy.
Minute after minute, hour after hour, day after day, week after week, month after month. Canadian telecommunications providers, who collect massive amounts of data about their subscribers, are asked to disclose basic subscriber information to Canadian law enforcement agencies every 27 seconds. In 2011, that added up to 1,193,630 requests. Given the volume, most likely do not involve a warrant or court oversight (2010 RCMP data showed 94% of requests involving customer name and address information was provided voluntarily without a warrant)...Every 27 seconds. And that number is two years out of date. If Canada is anything like the USA, these requests have increased at a pace far exceeding the birth rate. And much like the US, most of the information is gathered without a warrant or government oversight.
According to newly released information, three telecom providers alone disclosed information from 785,000 customer accounts in 2011, suggesting that the actual totals were much higher.
Canadian ISPs are "free" to turn down warrantless requests, but turning down law enforcement isn't as easy as some people would make it appear. (These "people" are those that argue for the surveillance state by saying, "X can always challenge the request," as if that were actually a viable option.) No one wants to be facing additional scrutiny from aggrieved entities who were asked to go come back with a signed order.
The correspondence also confirms that the telecom providers were concerned about how the government and law enforcement would react to public disclosures. In one email, Bell says that "we are walking a delicate line between supporting privacy and not antagonizing Public Safety/LEAs [law enforcement agencies], so the materials will be pretty factual, not much commentary."Plus, the ISPs charge a fee to retrieve subscriber information, which probably doesn't generate a ton of income, but doesn't hurt the bottom line either.
As Michael Geist notes, there's been some pushback from ISPs, but that push hasn't made much headway. And proposed legislation will only make things worse. Two bills headed to committee both ask for the same thing: an expansion of warrantless disclosure -- one under the unintentionally ironic title of "Digital Privacy Act."
So, there's already plenty of data being grabbed by local entities. Now, there's also a good chance that peering issues are pushing Canadian data through American pipes -- which would put this right into the hands of the NSA, FBI, etc. A study on Canadian ISP transparency found that a sizable portion of Canadian internet traffic makes a hop across the border.
About routing, the report states: “Fewer than half (8/20) of the ISP privacy policies refer to the location and jurisdiction for the information they store. Only one (Hurricane) gives an indication of where it routes customer data and none make explicit that they may route data via the US where it is subject to NSA surveillance”.Just as disappointing, not a single one of Canada's ISPs scored a passing grade on transparency. The highest score belonged to Teksavvy, which scored 3.5… out of 10. Unsurprisingly, smaller, newer ISPs scored higher than the incumbents, but when the high score doesn't even hit the 50% mark, it's not much of a victory. The authors found that not a single Canadian ISP fully complied with the Personal Information Protection and Electronic Documents Act (PIPEDA). In fact, only slightly more than half had even made a "commitment" to following the act's stipulations.
“Boomerang” routing – where data leaves Canada, traverses US networks (who might choose to ignore PIPEDA) and returns to Canada – accounts for as much as 25 per cent of traffic, the report states. The report claims that traffic traversing the US is “almost certainly subject to NSA surveillance”.
Much like the US, the largest ISPs are overly compliant with national security and law enforcement agencies, often going above what's asked in order to more quickly facilitate requests. Geist notes that one of Canada's largest ISPs, Bell, has assembled a database specifically to give law enforcement instant access to the information of thousands of subscribers. Inbound legislation, if unchanged, will only encourage more cooperation like Bell's, if only to free up company employees from fulfilling thousands of requests. It's the users who remain cut out of this loop, even though it's their data everyone wants.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: canada, customer info, information requests, isps, law enforcement, privacy
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
Re:
Happy now?
[ link to this | view in thread ]
Think about it. The ISP's are charging you for the right to sell-out your own privacy and freedom. (And they likely aren't just selling your private information to government, but also to advertising and analytics companies as well.)
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
another cool story
First off, and key here, is that "telecommunications" means everything from internet to phone, cable, and any other means by which information can flow. So many of these could be nothing more than requests related to harassing phone calls or sales calls against numbers on the do no call lists. A single missing persons inquiry could lead to dozens of sets of basic account information being pulled based on numbers called by the missing person on their cell phone, as an example.
By mixing all of these things together, it gives a mistaken impression of a room full of people just asking for information for the hell of it. It's just not the case.
Without breaking down the requests into some sort of detail, Mr Geist is using truthiness to try to push against what he sees as poor laws. However, in lumping data together and not considering use (or the likelihood of obtain a warrant anyway) he creates a false impression of a pez dispenser of information. There is no indication of the types of requests, so there is no way to know how many of them would show a similar result if a warrant was requested.
Figures don't lie but careful pruning and clumping of data can create almost any bad impression you like.
[ link to this | view in thread ]
These mass surveillance shenanigans would make very little sense without hovering over the conspiracy side. Too often conspiracy theories are being found to be true lately.
[ link to this | view in thread ]
Wrong! The ruling party is little more than a criminal organization.
Bell Canada owns most of the newspapers, most of the TV stations, most of the ISP businesses, most of the telephone system, most of the cable business, most of the cellphone business.
So far the Bell conglomerate has been a benign fungus on the country and the body politic. As long as it can make guaranteed profits, it seems content. Heaven forbid it morph to the virulent killer strain that infects the current ruling party. When Bell starts drawing up enemies lists, look out.
[ link to this | view in thread ]
Re:
More brigands will show up so that you can be properly processed as well.
Get your head out of the dirt.
[ link to this | view in thread ]
They have to request the same thing twice - once in English and once in French.
[ link to this | view in thread ]
Uhh...
Unintentionally ironic? I think you mean Orwellian. It's a name that could have come straight from the Ministry of Truth.
[ link to this | view in thread ]
I was thinking, have Canadian Law Enforcement run an ISP, and then they can have their own TOS.
* SEEN BY: 1:203/XXXX
* ROUTE BY: sonic pengwyn bitches
[ link to this | view in thread ]
Re: Uhh...
The new number is . . .
[ link to this | view in thread ]
Re:
Sure it might sound tin-foil hattish, but honestly, nothing else makes even the slightest sense.
[ link to this | view in thread ]
One easy thing Canadians can do to help
The more people that follow it, the more the service providers will realise that there is a down-side to giving this data up too freely.
And of course let your MP know that you care about this!
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Those numbers don't support even a reasonable speculation for or against.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: another cool story
Oh!
What's that you say?
That is not publicly available information!
So nobody but the CanGov could actually disclose the numbers involved in all these categories - such as how many of the inquiries were about harassing phone calls or no-call-list checks.
But, the CanGov will not release those numbers.
So in truth, nobody mixed all these numbers up to give a bad impression of the problem. This is simply all of the information we presently have on this intrusion into Canadian Privacy by the Canadian Government and no actual details as to the breakdown of inquiry types were made available yet.
Hope this comment cancels your shill-pay for this thread.
[ link to this | view in thread ]