Last year the British Columbia Civil Liberties Association (BCCLA) approached me to prepare a report around forthcoming lawful access legislation. Specifically, I was to look outside of Canada to understand how lawful access powers had been developed and used in foreign jurisdictions. An early version of that research report was provided to the BCCLA mid-last year and was used to support their recent, formal, report on lawful access legislation. The BCCLA’s formal report, “Moving Towards a Surveillance Society: Proposals to Expand “Lawful Access” in Canada” (.pdf) provides an excellent, in-depth, analysis of lawful access that accounts for some of the technical, social, and legal problems associated with the legislation.
Today I am releasing my report for the BCCLA, titled “Lawful Access and Data Preservation/Retention: Present Practices, Ongoing Harm, and Future Canadian Policies” (.pdf link). I would hasten to note that all research and proposals in my report should be attributed to me, and do not necessarily reflect the BCCLA’s own positions. Nothing in my report has been changed at the suggestion or insistence of the BCCLA; it is presented to you as it was to the BCCLA, though with slight updates to reflect the status of the current majority government.
In the report, I look to the United Kingdom and United States to understand how they have instantiated lawful access-style powers, the regularity of the powers’ usage, and how the powers have been abused. I ultimately conclude by providing a series of proposals to rein in the worst of lawful access legislation, which includes process-based suggestions (e.g. Parliamentary hearings on the legislation) and more gritty auditing requirements (e.g. a specific series of data points that should be collected and made public on a yearly basis). It’s my hope that this document will elucidate some of the harms that are often bandied about when speaking of lawful access-powers. To this end, there are specific examples of harms throughout the document, all of which are referenced, with the conclusion being that citizens are not necessarily safer as a result of expanded security and intelligence powers that come at the cost of basic charter, constitutional, and human rights.
Download .pdf version of “Lawful Access and Data Preservation/Retention: Present Practices, Ongoing Harm, and Future Canadian Policies“
Security, surveillance, and privacy researchers alike have been watching how authorities exploit cellular communications devices – often in secret, or absent sufficient oversight – for years. Research to-date has been performed by security researchers and hackers, social scientists, advocates, activists, and the curious, with contributions spanning hundreds of discreet investigations into technical capabilities and their social implications. Of late, a considerable amount of attention has been devoted to IMSI Catchers, which are devices that establish false mobile phone towers for the purpose of monitoring and tracking mobile phones without their users’ awareness.
Given the use of IMSI catchers by American authorities, a group of researchers and academics submitted an Amici Curiae (in their individual capacities) January 17, 2012 concerning the catchers. Specifically, the brief is in support of a defendant’s motion for disclosure of all relevant and helpful evidence withheld by the government based on a claim of privilege. The government, in this particular case, has admitted that the surveillance technologies used simulated a cell site but have refused to provide specific details of how this surveillance was conducted. We argue that a substantial amount of information surrounding IMSI catchers is already public and that, as a result, the secrets that the government is attempting to protect are already in the public domain. Moreover, the public interest is best served by “greater public discussion regarding these tracking technologies and the security flaws in the mobile phone networks that they exploit, not less.”
Christena Nippert-Eng’s Islands of Privacy is an interview-intensive book that grapples with how her sample group of Chicago residents attempt to achieve privacy, and the regular issues they face in maintaining privacy on a day-to-day basis. She finds a strong correlation between those who have had their privacy violated and those who want to secure and defend privacy as a concept and important element of their lived experience. 74 interviews were conducted with residents of Chicago and she makes very clear that her findings and conclusions are consequently highly contingent: other populations across America and the world would likely result in very different understandings of what constitutes privacy and a violation.
Privacy is defined quite early as “about nothing less than trying to live both as a member of social units – as part of a number of larger wholes – and as an individual – a unique, individuated self” (6). Further, privacy is identified as something to be managed: it exists by managing public information. Information is seen by participants as inherently public, with effort required to make it private, though interviewed subjects do not necessarily stick to this understanding of privacy throughout their interviews. On the whole, the approach to privacy remains wrapped up in the language on control, seclusion, and selective sharing of information; in this sense, Nippert-Eng’s work can be seen as a fusion of Westin’s Privacy and Freedom and key tenets of Nissembaum’s work in Privacy in Context: Technology, Policy, and the Integrity of Social Life.
There are ongoing concerns in Canada about the CRTC’s capacity to gauge and evaluate the quality of Internet service that Canadians receive. This was most recently brought to the fore when the CRTC announced that Canada ranked second to Japan in broadband access speeds. Such a stance is PR spin and, as noted by Peter Nowak, “[o]nly in the halcyon world of the CRTC, where the sky is purple and pigs can fly, could that claim possibly be true.” This head-in-the-sands approach to understanding the Canadian broadband environment, unfortunately, is similarly reflective in the lack of a federal digital strategy and absolutely inadequate funding for even the most basic governmental cyber-security.
To return the CRTC from the halcyon world it is presently stuck within, and establish firm empirical data to guide a digital economic strategy, the Government of Canada should establish a framework to audit ISPs’ infrastructure and network practices. Ideally this would result in an independent body that could examine the quality and speed of broadband throughout Canada. Their methodology and results would be publicly published and could assure all parties – businesses, citizens, and consumers – that they could trust or rely upon ISPs’ infrastructure. Importantly, having an independent body research and publish data concerning Canadian broadband would relieve companies and consumers from having to assume this role, freeing them to use the Internet for productive (rather than watchdog-related) purposes.
The Offensive Internet: Speech, Privacy, and Reputation is an essential addition to academic, legal, and professional literatures on the prospective harms raised by Web 2.0 and social networking sites more specifically. Levmore and Nussbaum (eds.) have drawn together high profile legal scholars, philosophers, and lawyers to trace the dimensions of how the Internet can cause harm, with a focus on the United States’ legal code to understand what enables harm and how to mitigate harm in the future. The editors have divided the book into four sections – ‘The Internet and Its Problems’, ‘Reputation’, ‘Speech’, and ‘Privacy’ – and included a total of thirteen contributions. On the whole, the collection is strong (even if I happen to disagree with many of the policy and legal changes that many authors call for).
In this review I want to cover the particularly notable elements of the book and then move to a meta-critique of the book. Specifically, I critique how some authors perceive the Internet as an ‘extra’ that lacks significant difference from earlier modes of disseminating information, as well as the position that the Internet is a somehow a less real/authentic environment for people to work, play, and communicate within. If you read no further, leave with this: this is an excellent, well crafted, edited volume and I highly recommend it.
I spend an exorbitant amount of time reading about the legacies of today’s telecommunications networks. This serves to historically ground my analyses of today’s telecommunications ecosystem; why have certain laws, policies, and politics developed as they have, how do contemporary actions break from (or conform with) past events, and what cycles are detectable in telecommunications discussions. After reading hosts of accounts detailing the telegraph and telephone, I’m certain that John’s Network Nation: Inventing American Telecommunications is the most accessible and thorough discussion of these communications systems that I’ve come across to date.
Eschewing an anachronistic view of the telegraph and telephone – seeing neither through the lens that they are simply precursors to contemporary digital communications systems – John offers a granular account of how both technologies developed in the US. His analysis is decidedly neutral towards the technologies and technical developments themselves, instead attending to the role(s) of political economy in shaping how the telegraph and telephone grew as services, political objects, and zones of popular contention. He has carefully poured through original source documents and so can offer insights into the actual machinations of politicians, investors, municipal aldermen, and communications companies’ CEOs and engineers to weave a comprehensive account of the telegraph and telephone industries. Importantly, John focuses on the importance of civic ideals and governmental institutions in shaping technical innovations; contrary to most popular understandings that see government as ‘catching up’ to technicians post-WW I, the technicians have long locked their horns with those of government.