1 / 14

Waiting for the “Access” Axe to Fall: New I nvestigatory Assistance Legislation for Canada

Waiting for the “Access” Axe to Fall: New I nvestigatory Assistance Legislation for Canada. PST-2005 St Andrews, NB David A Townsend UNB-Law & NRC-IIT 12 October 2005. Overview:. Parliament – to introduce lawful access Bill

deron
Télécharger la présentation

Waiting for the “Access” Axe to Fall: New I nvestigatory Assistance Legislation for Canada

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Waiting for the “Access” Axe to Fall: New Investigatory Assistance Legislation for Canada PST-2005 St Andrews, NB David A Townsend UNB-Law & NRC-IIT 12 October 2005

  2. Overview: • Parliament – to introduce lawful access Bill • Design, operation and costing of almost all ‘public’ networks will be impacted (wire-line, wireless and Internet) • Future - network architecture, applications and services must be ‘access compliant’ • “Access” = handover by Telecom. Service Provider (TSP) of specified Subscriber-related data to Law Enforcement Agencies (LEAs) upon lawful demand

  3. Many challenges: • Technical, Legal and Social challenges: • Done lawfully(Charter, Crim. Code, evidence law, privacy law and international obligations) • Does not undermine public trust(appropriate judicial oversight and public accountability) 3) Does not inhibit public networks(competitive forces, cost structures, rollout of new technologies and services, cust. relationship) 4) Done in technology-neutral manner (strive for uniform ‘expectation of privacy’ for all e-communication – inc. e-mail and SMS) 5) Need laws based upon first principles and not a legislative extension from common carrier era 6) Significant period for training and adjustment

  4. Current Legislation: • 1974 Crim. Code wiretaps (Protect Privacy) • 1993 Code amended (s21 of CSIS in 1984) • Search warrants s.487. (1) • General investigative warrants s.487.01 • Suspect tracking warrants s.492.1 • Dig. Number Recorder (DNR) warrants s.492.2 • Production of telephone records s.492.2(2) • Interception (wiretap) warrants s.186 and ss. 184.2(3), 184.3(6) and 188.(2)

  5. Current Leg. Con’t. • Assistance Orders (for all 6 warrants) s.487.02 • 2004 – 2 new Production Orders s. 487.012 & 487.013 (general and specific info.) • Code attempted to match intrusiveness with quantum of evidence necessary for judge • Charter case law of 1990s offered good check on state surveillance powers & activities • But, Code is 13 ‘telecom years’ out of date ! • And, Code not address methodology, cost recovery or lack of network capacity

  6. Network Capacity & Methodology for Cellular • Analog cellular introduced 1985 • Fairly easy to intercept (scanners, UHF tuners) • Gov’t had low expectations of privacy • Digital (PCS) cellular introduced 1995 • Interception difficult - encoding and encryption • FBI pressed Canada to add intercept requirements • 23 distinct requirements added as licence conditions under Radiocommunication Act (done quietly) • Similar conditions in USA, New Zealand & Australia

  7. What do LEAs want ? • General investigatory information: • Subcriber name, address, phone number, local service provider (LSPID) • LEAs pressed for national database, paid for by subscribers, available to LEAs w/o a warrant • Targeted investigations: • Subcriber name, address, phone number, device number (e.g. ESN), service provider (LSPID), dynamic IP addr. • Best available location-based information • Detailed network transaction data • For wiretap – 100% of transaction data, location data and communication content • Immediate preservation of specified data

  8. Implications of Subscriber DB • National Subscriber Data Base • very onerous and expensive for telecom industry • Thwart anonymous use of telcom. (pay-as-you-go, calling cards, anonymous e-mail, blogging) • Warrantless access by LEAs undermines current privacy protections for subscriber info. • Subscriber Data Base facilitates data-matching and data mining (including profiling)

  9. Location Implications: • Location-based Information: • Location data will become increasingly precise (tracking in real time or historic track) • Precision tells much about what target is doing • Technology no longer an assist to physical surveillance • What evidential burden must be met to secure relevant tracking warrant from a judge? • What use in civil cases?

  10. IP Data Challenges: • Many IP data challenges: • For 100% of transaction, location and content data the Service Provider must isolate, preserve and hand-over mass quantities of targeted data • Isolation, processing and preservation by TSPs raises significant forensic evidence issues • Intercept warrants often sought against number of targets = storage capacity challenges for TSP

  11. IP Data Challenges – con’t: • Warrants for Transaction Data (only): • No parallel to historic ‘DNR Order’ • IP transactional data may include: the dialling, routing, addressing, signaling information that may provide the origin, direction, timing, duration, type and size of a e-communication. • For e-mail and web surfing the transactional data may provide everything but the content • But…the content may be unnecessary • What evidential burden must be met by LEAs?

  12. Path to ‘Access’ Legislation: • Federal gov’t commissioned background studies in 2000-2001 • August 2002 - release of “Lawful Access Consultation Document” • Significant criticism = lack of justification and specifics, failure to understand technology • Comment period extended to mid December 2002 • Over 300 submissions tendered

  13. On the Path in 2003-04 • Series of public and private consultations followed • Spring 2003 gov’t introduced Bill C-46 (now Bill C-13). (s.487.012 and s.487.013) • Bill C-13 (passed March 22.04) added a general and specific data ‘production order’ to Crim. Code for investigation of serious corporate fraud. Came into force in September 2004. • Also in Spring 2003 gov’t introduced Bill C-32 (now Bill C-14).) • Bill C-14 (passed April 21.04) provided a new exception in Code to unlawful interception for managers of computer systems who intercept to protect their networks

  14. The Path ends in November? • August 2003 DOJ released summary of consultations • New rounds of selective consultations held in 2003-04 • Drafts of policy package shared quietly with key stakeholders in Spring 2005 • Commitment to introduce Bill in Fall 2005

More Related