Touring the digital through type

Category: Privacy (Page 1 of 58)

Posts under this category name relate to privacy generally, rather than distinguishing between the various ‘kinds’ of discussing or recognizing privacy.

Review: Top Secret Canada-Understanding the Canadian Intelligence and National Security Community

Canadian students of national security have historically suffered in ways that their British and American colleagues have not. Whereas our Anglo-cousins enjoy a robust literature that, amongst other things, maps out what parts of their governments are involved in what elements of national security, Canadians have not had similar comprehensive maps. The result has been that scholars have been left to depend on personal connections, engagements with government insiders, leaked and redacted government documents, and a raft of supposition and logical inferences. Top Secret Canada: Understanding the Canadian Intelligence and National Security Community aspires to correct some of this asymmetry and is largely successful.

The book is divided into chapters about central agencies, core collection and advisory agencies, operations and enforcement and community engagement agencies, government departments with national security functions, and the evolving national security review landscape. Chapters generally adhere to a structure that describes an agency’s mandate, inter-agency cooperation, the resources possessed and needed by the organization, the challenges facing the agency, and its controversies. This framing gives both the book, and most chapters, a sense of continuity throughout.

The editors of the volume were successful in getting current, as well as former, government bureaucrats and policymakers, as well as academics, to contribute chapters. Part One, which discusses the central agencies, were amongst the most revealing. Fyffe’s discussion of the evolution of the National Security Intelligence Advisor’s role and the roles of the various intelligence secretariats, combined with Lilly’s explanation of the fast-paced and issue-driven focus of political staffers in the Prime Minister’s Office, pulls back the curtain of how Canada’s central agencies intersect with national security and intelligence issues. As useful as these chapters are, they also lay bare the difficulty in structuring the book: whereas Fyffe’s chapter faithfully outlines the Privy Council Office per the structure outlined in the volume’s introduction, Lilly’s adopts a structure that, significantly, outlines what government bureaucrats must do to be more effective in engaging with political staff as well as how political staffers’ skills and knowledge could be used by intelligence and security agencies. This bifurcation in the authors’ respective intents creates a tension in answering ‘who is this book for?’, which carries on in some subsequent chapters. Nonetheless, I found these chapters perhaps the most insightful for the national security-related challenges faced by those closest to the Prime Minister.

Continue reading

On The Non-Consensual Sharing of Intimate Images of Men

dirty sign writing feelings
Photo by Vie Studio on Pexels.com

Canadian parliamentarians in the era of the pandemic have adopted distanced methods of conducting their business. This has seen many Members of Parliament (MPs) use video conferencing platforms so that they can broadcast from their kitchens, living rooms, home offices, and bedrooms. On April 14, 2021 there was an unfortunate situation where a conventionally attractive male MP inadvertently had his conferencing camera on while changing his clothing. Another MP or parliamentary staff member captured an image of his state of undress and subsequently shared it with media organizations. 

This situation raises a question of law and, separately and more broadly, provides an opportunity to highlight the pervasive problems facing Canadian society in terms of addressing sexual violence, the non-consensual sharing of their intimate images (meant in a non-legal sense), and intimate partner abuse.

Facts at Hand

Due to how the parliamentary video system is configured, the only people who could have witnessed this incident were either other MPs or parliamentary staff members on the video conference. This meant that while the meeting was open to the public the actual video stream capturing the MP’s state of undress was (at the time) only visible to a relatively small group of people. At least one member of that small group took a photo of the MP and subsequently shared it. The image has, subsequently, been shared by the press and by individuals on social media, though admittedly with some censorship applied to the image. Unsurprisingly, this led to a number of jokes about the MP, their state of undress, the MP being too transparent, and more. 

Unlike many others, I did not find the non-consensual sharing of the image to be particularly funny. Instead, I quickly and publicly raised the question of whether either the MP or staff member who shared the image, or an offending MP’s party, would be willing to come before the Canadian public and explain why their actions did not contravene Section 162.1 of the Criminal Code of Canada. This part of the Criminal Code makes it a criminal offence for someone to publish an intimate image without consent. I also firmly stated that I was disgusted by the image having been shared and that I thought whomever shared it should be disciplined.

The first question is: did an MP or staffer potentially violate 162.1 in sharing the image, setting aside potential parliamentary privileges that may shield parliamentarians from investigation or charges?

Intimate Images and the Criminal Code of Canada

To potentially be guilty of violating the Criminal Code in sharing this image, the MP’s or parliamentary staffer’s actions must satisfy a set of criteria.

Whomever shared the image certainly knowingly published, distributed, transmitted, or made available “an intimate image of a person knowing that the person depicted in the image did not give their consent to that conduct” (162.2(1)). If the rest of section 162.1 of the Criminal Code is satisfied then that individual is guilty of an offence, which is “liable to imprisonment for a term of not more than five years” (162.1(1)(a)). 

Moving on, per the Code, an intimate image “means a visual recording of a person made by any means including a photographic, film or video recording” (162.1(2)) where the following conditions are met:

(a) in which the person is nude, is exposing his or her genital organs or anal region or her breasts or is engaged in explicit sexual activity; 

(b) in respect of which, at the time of the recording, there were circumstances that gave rise to a reasonable expectation of privacy; and 

(c) in respect of which the person depicted retains a reasonable expectation of privacy at the time the offence is committed.

The MP was certainly nude, satisfying 162.1(2)(a). They were in their own home, which would normally move towards satisfying 162.1(2)(b) but, in this case, the MP was also (unintentionally) broadcasting their image. So, in a sense this may suggest that the MP lacks a reasonable expectation of privacy. However, there are extenuating facts. Members of Parliament are not permitted to take images of screens and, as such, there may be some kind of a reasonable expectation of privacy insofar as MPs can expect that their image will not be captured or shared based on what is broadcast to other MPs but not the public. Attenuating this potential reasonable expectation of privacy is that the MP who’s image was captured was exclusively visible to other MPs and parliamentary staff members, further indicating that this was potentially a kind of a semi-public situation. Canadian courts have tended to take a sympathetic view of what constitutes a reasonable expectation of privacy, though whether they would recognize this situation as meeting the standard would need more substantial assessment than I will provide here.

However, for the sake of the analysis, let’s imagine that 162.1(2) is satisfied. Does the party who shared the image have a defense if that’s the case? I doubt it. 

The Criminal Code states at 162.1(3) that “[n]o person shall be convicted of an offence under this section if the conduct that forms the subject-matter of the charge serves the public good and does not extend beyond what serves the public good.” I cannot imagine a situation where capturing and sharing the image serves the public good. In clarifying 162.1(3), section 162.1(4) lays out that:

(a) it is a question of law whether the conduct serves the public good and whether there is evidence that the conduct alleged goes beyond what serves the public good, but it is a question of fact whether the conduct does or does not extend beyond what serves the public good; and

(b) the motives of an accused are irrelevant.

I would suspect that if a court was convinced that the elements of 162.1(2) were satisfied then 162.1(4) would not save the offending MP’s or staffer’s behaviour.

Broader Non-Criminal Code Analysis

Even if the person who initially shared the image did not violate the Criminal Code either because of the arcane nature of parliamentary rules, because the image doesn’t meet the definition of 162.1(2), or simply because no criminal charge is brought against them, the act of sharing this image has real-world implications. In essence, while there is an understandable attraction to asking whether someone violated the law we need to broaden our mode of analysis to appreciate the harms of sharing these kinds of images. 

First, it’s useful to remind ourselves that the man who’s image was captured and shared almost immediately apologized for his lack of decorum. As someone who inadvertently engaged in a behaviour that (clearly) ran counter to professional standards he owned up to the mistake and committed to being more studiously careful in the future. 

Second, the man is conventionally attractive and because of this status he, as a man, is generally expected by members of society to roll with the comments: it’s embarrassing but there is an expectation that this is ‘funny’. However, imagine that it had been a woman, or someone who is transgender, or someone undergoing a gender transition who’s image had been captured. Were this the case I am certain that, first, there would be much crueler commentary (revealing structural sexism) and, second, that people would broadly leap up and (rightly) insist that the commentary was wrong and inappropriate. Simply because it was a man who was captured on camera does not make it ‘funny’; the very perception that this incident should be treated as funny reifies some of the challenges facing men who are victims or survivors of sexual harassment, assault, and intimate partner violence. 

When members of society make fun of men who have been the subject of sexual violence, the non-consensual sharing of their intimate images (meant in a non-legal sense), and intimate partner abuse then men more broadly learn that they shouldn’t come forward to report or discuss these kinds of harms on the basis that they aren’t ‘harmed’ in the eyes of society. While less discussed, men are indeed victims and survivors of assault, abuse, sexual blackmail, and harassment. As a society we need to get a lot better at appreciating these forms of violence towards men and in creating a culture where they can come forward without an expectation of them being ‘weak’ or ‘not getting the joke’. I say this while recognizing that, proportionally, women, and members of the lesbian, gay, bisexual, transgender, queer or questioning, and two-spirit (LBGTQ2+) communities suffer from these harms more regularly and disproportionately than straight men. Nonetheless, if we are to develop societies that are more inclusive, that encourage men to develop emotional intelligence and sensitivity, and that broadly combat sexism and the pervasive and pernicious ills of sexual violence then it’s important that we take harms towards men as seriously as we do for other members of society who also suffer from sexual violence, non-consensual sharing of intimate images, and intimate partner abuse.. 

Lesson Drawing

So, was a crime committed? That’s a good question, and I’ll ultimately leave it to lawyers to argue about the nuances of how Canadian case law and the depths of our privacy law intersects with Section 162.1 of the Criminal Code. But while the law is an important point of discussion, the discussion cannot stop and end at the law’s edge. More significantly, the idea that someone thought it was appropriate (and, likely, just funny) to share the image of an unclothed male member of parliament underscores the amount of work that Canadian society–inclusive of Canadian elites–has ahead of it in the ongoing efforts to address sexual violence, non-consensual sharing of intimate images, and intimate partner violence. 

I suspect that the MP or parliamentary staffer who shared the image did so without a deep sense of malice in their heart. I half suspect it was a near-thoughtless action. But the very fact that they thought it was appropriate or funny to share this image reveals how sexual harassment and violence structurally pervades Canadian society. Such activities are often legitimized by way of humour and, in doing so, showcase the depths at which these behaviours are normalized. In short, the very sharing of the image serves to remind us of the circumstances of structural sexual violence that we operate in, each and every day. 

How can things ‘move forward’? On the one hand, I hope that the offending MP or staffer comes forward. I would rush to state that I don’t think that this means that the Criminal Code should necessarily be thrown at them! Instead, I think that it’s important for the person to make themselves publicly accountable for censure and take responsibly for their action, as the male MP did for his inappropriate state of dress. I don’t believe that every, or even most, social ills are best solved by turning to the law. 

But more substantively, I think that the best thing that can come from this situation is to hopefully provoke introspection about the biases that we all carry with us concerning sexual violence. Why did we, or our friends or family or colleagues, think that this incident was funny? What does our sense of this being funny reveal about the structural conditions of sexual violence that we operate within? What can we learn from our reactions, and how might we have behaved if we’d applied a bit more introspection? How can we have conversations with other people about sexual violence to better appreciate and understand how pervasive it is in our society, and what roles can and should we assume to combat these kinds of ills?

To be clear, I think that it is the work of each individual to think through these issues either on their own or in conversation with others who express an interest in the conversation. I don’t think that it’s the role of those who have been affected by sexual violence, the non-consensual sharing of their intimate images, and intimate partner abuse to do the labour to educate the rest of the population; they’re obviously free to do so, but cannot and should not be expected to do so.

I truly believe that, on the whole, Canadians really do want to have an inclusive and equitable society. To get closer to this ideal we all have to play a role in opposing, and working to overcome, historical structural and social harms. In part, this means reflecting more seriously on structural sexual harms, inclusive of those directed towards men, and the norms surrounding and often justifying or setting aside these harms. Hopefully this unfortunate parliamentary incident fosters at least some of those conversations and reflections so that something positive can come out of this affair.

Building Trust in Chinese Infrastructure Vendors and Communications Intermediaries

Last week I appeared before the Special Committee on Canada-Chinese Relations to testify about the security challenges posed by Chinese infrastructure vendors and communications intermediaries. . I provided oral comments to the committee which were, substantially, a truncated version of the brief I submitted. If so interested, my oral comments are available to download, and what follows in this post is the actual brief which was submitted.

Introduction

  1. I am a senior research associate at the Citizen Lab, Munk School of Global Affairs & Public Policy at the University of Toronto. My research explores the intersection of law, policy, and technology, and focuses on issues of national security, data security, and data privacy. I submit these comments in a professional capacity representing my views and those of the Citizen Lab.

Background

  1. Successive international efforts to globalize trade and supply chains have led to many products being designed, developed, manufactured, or shipped through China. This has, in part, meant that Chinese companies are regularly involved in the creation and distribution of products that are used in the daily lives of billions of people around the world, including products that are integrated into Canadians’ personal lives and the critical infrastructures on which they depend. The Chinese government’s increasing assertiveness on the international stage and its belligerent behaviours, in tandem with opaque national security laws, have led to questioning in many Western countries of the extent to which products which come from China can be trusted. In particular, two questions are regularly raised: might supply chains be used as diplomatic or trade leverage or, alternately, will products produced in, transited through, or operated from China be used to facilitate government intelligence, attack, or influence operations?
  2. For decades there have been constant concerns about managing technology products’ supply chains.[1] In recent years, they have focused on telecommunications equipment, such as that produced by ZTE and Huawei,[2] as well as the ways that social media platforms such as WeChat or TikTok could be surreptitiously used to advance the Chinese government’s interests. As a result of these concerns some of Canada’s allies have formally or informally blocked Chinese telecommunications vendors’ equipment from critical infrastructure. In the United States, military personnel are restricted in which mobile devices they can buy on base and they are advised to not use applications like TikTok, and the Trump administration aggressively sought to modify the terms under which Chinese social media platforms were available in the United States marketplace.
  3. Legislators and some security professionals have worried that ZTE or Huawei products might be deliberately modified to facilitate Chinese intelligence or attack operations, or be drawn into bilateral negotiations or conflicts that could arise with the Chinese government. Further, social media platforms might be used to facilitate surveillance of international users of the applications, or the platforms’ algorithms could be configured to censor content or to conduct imperceptible influence operations.
  4. Just as there are generalized concerns about supply chains there are also profound worries about the state of computer (in)security. Serious computer vulnerabilities are exposed and exploited on a daily basis. State operators take advantage of vulnerabilities in hardware and software alike to facilitate computer network discovery, exploitation, and attack operations, with operations often divided between formal national security organs, branches of national militaries, and informal state-adjacent (and often criminal) operators. Criminal organizations, similarly, discover and take advantage of vulnerabilities in digital systems to conduct identity theft, steal intellectual property for clients or to sell on black markets, use and monetize vulnerabilities in ransomware campaigns, and otherwise engage in socially deleterious activities.
  5. In aggregate, issues of supply chain management and computer insecurity raise baseline questions of trust: how can we trust that equipment or platforms have not been deliberately modified or exploited to the detriment of Canadian interests? And given the state of computer insecurity, how can we rely on technologies with distributed and international development and production teams? In the rest of this submission, I expand on specific trust-related concerns and identify ways to engender trust or, at the very least, make it easier to identify when we should in fact be less trusting of equipment or services which are available to Canadians and Canadian organizations.
Continue reading

We Chat, They Watch: How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus

(Photo by Maxim Hopman on Unsplash)

Over the past several months I’ve had the distinct honour to work with, and learn from, a number of close colleagues and friends on the topic of surveillance and censorship that takes place on WeChat. We have published a report with the Citizen Lab entitled, “We Chat, They Watch: How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus.” The report undertook a mixed methods approach to understand how non-China registered WeChat accounts were subjected to surveillance which was, then, used to develop a censorship list that is applied to users who have registered their accounts in China. Specifically, the report:

  • Presents results from technical experiments which reveal that WeChat communications conducted entirely among non-China-registered accounts are subject to pervasive content surveillance that was previously thought to be exclusively reserved for China-registered accounts.
  • Documents and images transmitted entirely among non-China-registered accounts undergo content surveillance wherein these files are analyzed for content that is politically sensitive in China.
  • Upon analysis, files deemed politically sensitive are used to invisibly train and build up WeChat’s Chinese political censorship system.
  • From public information, it is unclear how Tencent uses non-Chinese-registered users’ data to enable content blocking or which policy rationale permits the sharing of data used for blocking between international and China regions of WeChat.
  • Tencent’s responses to data access requests failed to clarify how data from international users is used to enable political censorship of the platform in China.

You can download the report as a pdf, or read it on the Web in its entirety at the Citizen Lab’s website. There is also a corresponding FAQ to quickly answer questions that you may have about the report.

« Older posts