Bill C-30

The Road To Hell Is Paved With Good Intentions

Today you will notice many sites have gone dark in opposition to a law proposed in the United States House Of Representatives called CISPA.

The Cyber Intelligence Sharing and Protection Act enables private companies and the United States government to exchange information related to internet security issues including private information to prevent cyberattacks, without public disclosure or the need for warrants. And this is of course where the idiom in the subject line of this post comes in.

In order to prevent cyberattacks and attacks against the national security of the United States everyone’s information would be exchanged and stored on multiple computers for analysis, opening this information up to misuse, abuse or theft.

This bill enables the distribution of information that you don’t want made public, from private posts and email to your internet browsing information, without your knowledge or consent. And it also contains an exemption from liability, reducing an individual’s ability to sue if something were to go wrong during this exchange of information.

The proponents of the bill are also relying on people’s inability to understand that the definitions used in this bill may extend the coverage of this bill beyond “cyber attacks”, the term “national security of the United States” having been linked to that country’s commercial interests in past legislation.

Your choice to purchase something outside of the United States could cause your information to be taken under the premise that the purchase was a threat to the American intellectual property owners because the product might not be authentic or authorized by an American company.

Having unfortunately been subjected to counterfeit DVDs in the past via eBay, my personal, private information could be collected and distributed. And because of this, an act beyond my control, I could face further victimization without legal recourse to prevent it.

Yes, some intellectual property provisions have been removed from the bill but what’s to stop them from re-introducing them ? They have no qualms re-introducing warrantless searches, over and over again and warrants do not significantly impede their current efforts to stop crime on the internet. And I have yet to see and evidence substantiating the claim that privacy is a hindrance to law enforcement, so why are these sentiments remaining in Government ?

I suspect internet security firms want to be funded by the public and are doing their best to present these bills as solutions to politicians that have no idea of what is involved.

Vic Toews, for example, is proof positive that politicians can be severely illiterate when it comes to technology.

In February 2012 this Canadian politician had introduced a bill in Parliament that he had not read in its entirety, claiming that it would address child pornography. And he had been so well convinced that it would that he actually accused opponents of this legislation of standing with child pornographers, in the House of Commons of all places.

Even joint statements from the Privacy Commissioner of Canada and her provincial counterparts had failed to convince him that there were serious issues with the bill and it took a severe public backlash to get him to actually review what he was proposing.

This isn’t the time for half-baked, open ended legislation that can be exploited by the very criminals that these bills are trying to address. And it is rather stupid to believe criminals would not use arguments about the constitutionality of these laws in their defense.

Opposition has been strong within the United States and a White House petition has apparently convinced the President to threaten to veto the bill, “as currently crafted” in a April 16th, 2013 statement (pdf).

Another petition for Americans and non American alike is also available at Avaaz. There are currently over 800,000 signatories on this petition.

Bill C-30 Killed – Replacement On The Way

Justice Minister Rob Nicholson has stated that Bill C-30 will not proceed in Parliament in response to the concerns brought up by the Privacy Commissioner of Canada and members of the public.

This bill would have enabled police to access internet traffic without a warrant and would have required the installation and maintenance of extra equipment by internet providers, who would have passed the associated expenditures down to the consumer.

Canadians would not only have lost rights in regards to privacy but could have also been subjected to security breaches via the new aforementioned online spying equipment had this bill gone through.

A new bill will be unveiled shortly in Parliament so additional information will be posted to this blog a.s.a.p.

Major Blunder On Lawful Access

Apparently Minister of Public Safety Vic Towes introduced Bill C-30 in the House Of Commons without full knowledge of the content of this bill.

When questioned about Section 17 of this bill on CBC Radio program The House today, the Minister was surprised by the provisions included in that section.

“This is the first time that I’m hearing this somehow extends ordinary police emergency powers [to telecommunications]. In my opinion, it doesn’t. And it shouldn’t.”

In response to this interview New Democrat leadership candidate Paul Dewar has issued a statement asking Vic Toews to resign :

“First he introduced Bill C-30 which undermines Canadians’ online privacy. Then he accused Canadians who raised privacy concerns of supporting child pornography. Today we learned that he had not even reviewed the most intrusive provisions of the bill before introducing it in the House of Commons.”

Bill C-30 is currently in committee.

“We Will Entertain Amendments”

In response to concerns about privacy and judicial oversight, the Conservative government has stated that they would be open to amendments to Bill C-30 in committee.

Cited as the Investigating and Preventing Criminal Electronic Communications Act, this bill enables the RCMP, Canadian Security Intelligence Service, Commissioner of Competition and police services through-out Canada access to subscriber information without warrants whilst investigating offenses under their mandate.

On March 9th, 2011, a joint statement by the federal and provincial privacy commissioners of Canada was issued in response to the previous proposed legislation. And the concerns listed in that statement and in the October 26th, 2011 statement issued by the Office of The Privacy Commissioner of Canada remain with Bill C-30.

Unfortunately there is also some concern in regards to the interpretation of evidence and preconceptions related to certain activities, like the use of peer to peer services or file services like Megaupload.

Yes, peer to peer programs are being used for illegal activities, as did Megaupload. But does it mean that all activity on these services are suspicious, requiring the collection of information from the users of these services ?

Section 16, subsection (2)(b) may also enable foreign police services to access this information, which could then be subject to their local laws and their inherent weaknesses.

Groups like Anonymous have been able to hack into many of the aforementioned police services so how secure will the information be ? And what’s to stop criminals from abusing section 17, which compels internet and cell phone providers to give private information to any police officer upon receipt of an oral request ?

Hopefully these issues will be addressed with much more than the false dichotomy Canadians have been subjected to lately.