I would like to introduce to my readers my new political blog called: “Mind Bending Politics”. When I was in school for journalism, I had one professor that everyone loved, that took me under his wing. He was a great guy, and got me very much interested in current events and politics. One of the things I remember my journalism prof said, is that politics is the “soap opera” of journalists. What came after that statement was one of ethics and responsibilities journalists hold within our democratic society to ensure accountability within government. As a result of my education around journalism I watch maybe 3 Canadian political shows daily, and 4 news casts per night before I go to bed, and read a lot during the day thanks to my professor on getting me addicted to politics and current events. I’ve been doing this since 1996. I also used to cover local politics, and pretty much ran the newsroom in my college years. I’m well informed as a result.
I’ve been politically active for a while now on twitter and on this blog regarding digital rights issues. I’ve been a long standing advocate not just on digital rights issues, but on government policy, civil liberties and the need to bring more oversight and accountability in our bureaucracy, and within our elected officials and system of government as well. I’m hoping to move that forward as an independent political pundit with my new blog, and offer up commentary on issues I feel are important for Canadians to learn about to stay informed politically.
If you’ve enjoyed this blog, you will love my Mind Bending Politics blog. I will be posting on that blog almost daily on issues and events. I will still be posting on this blog regarding digital policy issues, but not as often as I have in the past.
Last week, information became available through access to information requests which threw the spotlight on exactly what Canadian telecommunications companies (one would suspect independent providers who apparently support the “pro-internet” community and have remained for the most part completely silent on this issue) are doing with respect to subscribers information and data requests by law enforcement.
Our telecommunications companies are handing over data of thousands of subscribers per year without a warrant to law enforcement. Apparently this is all “legal” due to an exemption in our privacy laws. Michael Geist explains:
The absence of court oversight may surprise many Canadians, but the government actively supports the warrantless disclosure model. In 2007, it told the Privacy Commissioner of Canada that an exception found in the private sector privacy law to allow for warrantless disclosure was “designed to allow organizations to collaborate with law enforcement and national security agencies without a subpoena, warrant or court order.”
Last week, the EU and US submitted a joint statement after the EU threatened the US to veto trade agreements starting with immediate suspension of the EU safe harbor provisions to US companies. The joint statement released last week, seems to suggest that court oversight on subscribers information is a big sticking point for US and EU trade relationship. The statement stated that both the US and EU agree to stronger private sector judicial oversight:
We are committed to expedite negotiations of a meaningful and comprehensive data protection umbrella agreement for data exchanges in the field of police and judicial cooperation in criminal matters, including terrorism. We reaffirm our commitment in these negotiations to work to resolve the remaining issues, including judicial redress. By ensuring a high level of protection of personal data for citizens on both sides of the Atlantic, this agreement will facilitate transfers of data in this area.
Viviane Reding, European Commissioner for Justice, Fundamental Rights & Citizenship, has given the US until this summer to shape up, with very strong language suggesting that if this doesn’t happen, immediate suspension of safe harbour provisions will most likely go through, and veto’s on US trade deals will be possible by the new year as a new parliament sets to fully address this issue. Reding gave her US counter parts a 13 point “to do list”. Reding’s office has not been available to further explain exactly what that 13 point list details, however judicial oversight looks to be on that list from the joint statement. From the sounds of it, the US seems to be committed to working with the EU on the issue of data privacy.
In light of all of the developments in the EU the United Stated Trade Representative (USTR) has just piped up in regards to branches of Canadian government that have taken the approach of stopping data transfers to the US.
The strong growth of cross-border data flows resulting from widespread adoption of broadband-based services in Canada and the United States has refocused attention on the restrictive effects of privacy rules in two Canadian provinces, British Columbia, and Nova Scotia. These provinces mandate that personal information in the custody of a public body must be stored and accessed only in Canada unless one of a few limited exceptions applies. These laws prevent public bodies such as primary and secondary schools, universities, hospitals, government-owned utilities, and public agencies from using U.S. services when personal information could be accessed from or stored in the United States.
The Canadian federal government is consolidating information technology services across 63 email systems under a single platform. The request for proposals for this project includes a national security exemption which prohibits the contracted company from allowing data to go outside of Canada. This policy precludes some new technologies such as “cloud” computing providers from participating in the procurement process. The public sector represents approximately one-third of the Canadian economy, and is a major consumer of U.S. services. In today’s information-based economy, particularly where a broad range of services are moving to “cloud” based delivery where U.S. firms are market leaders; this law hinders U.S. exports of a wide array of products and services.
Rather than taking this as a diplomatic threat to Canada by the USTR, it’s representative on how weak the US tech sector has become economically on the issues of privacy protections, when the USTR is coming out with statements like this.
This should serve as an example of a potential downfall in the Canadian tech sector, should the Government continue with it’s approach towards lawful access legislation in the cyber bullying legislation, and not get in front of all of this, to strengthen our privacy laws. I think it could be devastating to Canadian tech companies when eventually the EU comes knocking looking for change in our laws, and forcing that change, rather than implementing that change before it’s forced upon us, at a time when our democracy is currently under the microscope internationally due to the Government’s Election Reform Act.
While the two most powerful economic bodies are working on solutions to enhance data privacy protections for citizens, the Canadian government doesn’t seem to want to let go of the idea of warrentless wiretapping. Even though it’s legal in Canada already, the point continues to be made clear with Harper’s cyber bullying bill, which reaffirms the stance of the Canadian government that it is extremely reluctant (even after all of the diplomatic dance between the EU and US on data privacy) to recognize that this provision can and most likely will cost Canadian jobs if they don’t change it.
Do Internet providers profit from disclosure of subscribers information? It shouldn’t cost very much to get a low wage data admin to search a database full of IP addresses and correlate those assigned IP addresses to a subscriber. Being a qualified database admin myself, setting up such a system would be relatively easy, and extremely cost effective. Most ISP’s should already have a system like this in place to ensure the normal day to day operations, so essentially all that would be needed would be to have someone search a database of the IP addresses to find assigned subscribers. Let’s take Teksavvy for instance.
2000 IP addresses were searched through this database to find the matching subscribers. Manually inputting the IP addresses shouldn’t take more than a few hours, however getting a digital list of IP addresses, and running an SQL script to automatically search the database should take no more than 15 minutes for the development of the script (assuming you’re not using MS SQL and manually inputting the script and running test searches). It should only take a few seconds once the script is run to query the database and come up with subscribers tied to those IP addresses.
I’ll be conservative here with the numbers. This can easily be done with 2000 records manually within one 8 hour working day. At $20/hour x 8 hours = $160. This cost gets even lower when the database system gets automated. An estimated initial cost of maybe $500 would be required to automate this type of database search, secure the database, and send e-mails out automatically. After that, it should take maybe less then 10 minutes from receiving IPs in digital form to send notices out to customers. I’ve actually developed this type of database system for a small business client over a decade ago to handle his account receivables on payment due and automatically notify his clients through e-mails and texts of past due accounts (by using businesses records not IP addresses). This can be easily adapted to the copyright notice to notice regime, in fact most businesses, let alone telecommunication companies are already using this type of system.
What exactly are the legitimate expenses incurred by an ISP when having to search through their databases to identify subscribers? This question should be kept in minds of Canadians when looking at the current situation within copyright law, and mass surveillance. Torrentfreak did an excellent article today regarding getting a system like this in place for copyright in Canada, which will allow for copyright trolling, as long as the internet providers are paid a good profit out of the deal:
“The notice-and-notice law permits the government to set a fee for sending a notice that an ISP can charge. At the moment, it does not look like the government will establish a fee, preferring to wait to see how the system develops. Were this [business model] to come to Canada, the government might face increased pressure from ISPs to allow them to charge for their participation in the process,” Geist concludes.
Things get even scarier when looking at Telus’s response to the Teksavvy vs Voltage decision, comparing this with the prospect of future lawful access legislation:
“We respect our customers’ privacy and would not voluntarily provide such information,” said Telus spokesman Shawn Hall. ”That said, we fully support law enforcement’s need to access information to conduct investigations, and would comply with proper court-ordered warrants or any changes in privacy legislation.”
In my opinion, upping the costs associated with identifying subscribers will not deter abuse of privacy rights of Canadians, in fact what we’ve learned with the NSA disclosures, is that technology companies seem to be looking the other way regarding net citizens privacy. At least in Canada it comes with a cost, however what would be way more effective, would be to strengthen our privacy legislation to deter abuse, and profitability of that abuse of subscribers rights and allow for more targeted investigations by law enforcement.
Profiting from the abuse of the legal system, and abuse of users rights should be the last thing on the minds of our telecommunications providers. As Edward Snowden suggested yesterday in his presentation, it erodes trust within our digital communications network, and makes us less secure when those who would profit on such activities, are thinking more about their bottom line than actively participating in the democratic values of the society they serve. In order to build that trust back, those telecommunications and technology providers have to step up to the plate. Many already have from Microsoft to Yahoo, however Canadians need to be comfortable this is not going to happen within our telecommunications companies considering their position within copyright laws, let alone positions they have taken regarding government surveillance.
The equilibrium will be established through emerging technology currently in development. Technology innovation cycles are around 18 months, and we are now in the 10th month of the NSA disclosures. This means that tools being developed to secure communications due to the failure of the communications industry to date, will be soon available with ease of use to the regular net citizen. These tools will essentially force an end to mass surveillance used by governments and the copyright lobby. Not even you’re ISP will know what you are doing. The only way to route around that would be through installed spyware or malware, making it extremely hard to mass surveil anyone, and force law enforcement and government towards targeted investigations.
As a technology developer myself, I cannot wrap my head around technology companies not thinking about securing their customers information from abuse, let alone making a profit from such abuse. That to me is a breach of the fundamental trust of the principles most developers and service providers are taught. It’s made us less secure, and a huge uphill battle to regain that trust, when profitability and the bottom line comes first above everything else.
In August last year I wrote a post regarding the Lack of Privacy Is A Matter Of National Security . A lot of Snowden’s presentation does touch up on that subject regarding mass surveillance making our communications systems less secure. You can also view Snowden’s written testimony to the EU Parliament here. The EU will be voting on a resolution on Wednesday to delay trade agreements with the US over mass surveillance, and stripping US companies from immunity over legal liability over EU citizens privacy. It’s worthy to note, that the EU also has Canada’s privacy laws in it’s sights as well.
Snowden’s SXSW presentation is about an hour long presentation, however a must see for those of you in the tech development fields. An earlier copy of Snowden’s presentation today released by the ACLU was very hard to understand due to the audio eco’s. Here is a more cleaned up copy of Snowden’s SXSW presentation. Enjoy:
Industry Canada has released it’s priorities for 2014 – 2015. These priorities seem to suggest the government is extremely concerned about barriers put up by telecom sector to the use of e-commerce. It also suggests that days before the EU starts slapping the US around on privacy concerns, the Canadian government has sent a message that it’s willing to co-operate with the EU on changes to our privacy laws after a threat from the EU to review our privacy laws and possibly put the newly signed CETA trade agreement at risk as a result.
A few points worth highlighting regarding telecommunications policy:
This program develops legal and policy frameworks in the areas of spectrum, telecommunications, privacy protection and online security. It promotes the efficiency and adaptability of the Canadian digital economy by regulating commercial conduct and discouraging misconduct in the use of electronic means to carry out commercial activities and by working with the private sector to remove barriers to the use of e-commerce.
The above sounds like an attack on the use of bandwidth caps to me, considering governments previous language on the issue of usage based billing. If I was CRTC Chair Jean-Pierre Blais right now, I’d be very careful on how he moves forward on the bandwidth cap issue. It seems to me from the language displayed here, that Industry Canada is watching these “Let’s Talk” proceedings with a keen interest on the wider digital economy.
The below regarding telecommunications policy seems like the government got the message from the EU regarding our privacy laws:
Other elements will include: modernizing the privacy regime to better protect consumer privacy online; monitoring the implementation of Canada’s anti-spam legislation; and deepening analysis of Canada’s communications infrastructure.
Industry Canada will develop a multi-year work plan to fulfill its mandate within the Cyber Security and the Critical Infrastructure Protection strategies. The Department will also work internationally to develop standards that address cyber security and privacy concerns.
On March 12th, 2014 the EU Parliament is expected to raise it’s voice big time over the US’s NSA spying on EU Citizens. The threats thus far from the EU have been related to putting trade agreements on hold, and suspending the US’s safe harbor for EU data. The EU has even threatened Canada with a review of our privacy laws to see if they are adequate enough to protect EU citizens from unwarranted interception, which could put the newly signed CETA trade agreement between the EU and Canada at risk.
Will the language on privacy thwart a review of Canadian privacy law by the EU? I would suspect not, as the EU is extremely upset over the NSA spying, and those that have helped the US in this regard including Canada. What the language will provide however, is talking points for Industry Minister Moore should the EU have Canadian privacy laws in it’s sights.
On the surface the priorities of Industry Canada regarding telecom and privacy seem to be in-line with Canadians on these issues, however the devil will be in the details regarding future legislation to bring these priorities into law. Considering pressure from the EU on the privacy front, I’m hopeful that meaningful changes in our privacy laws are about to occur.
A few weeks ago I wrote an open letter CRTC Chair Jean-Pierre Blais regarding usage based billing. I received a response today that reads the following:
I am writing in response to your Wednesday February 19, 2014 correspondence to the Chairman of the CRTC, Jean-Pierre Blais. In your letter you seek to discuss an issue that has been raised as part of the Let’s Talk TV consultation. At this time it is not possible for Mr. Blais to address any questions on topics that have been raised as part of the Let’s Talk TV process outside of the pre-established consultation processes. Of course, phase 2 of Let’s Talk TV has begun and you are invited to provide your input by filling out the Let’s Talk TV: Choicebook.
I would also note that the Chair has indicated that the Commission intends to hold a public hearing as part of the Let’s Talk TV process in September of this year, in which interested parties may participate.
Conseiller juridique/ Legal Counsel
Important to note that Mr. Blais took to twitter a few weeks ago to answer questions which got some very interesting responses, and yet when it comes to the economic impact bandwidth caps may actually have on the wider digital economy, he chooses not to answer any questions, and points to a public hearing in which will mostly be packed with telecom industry lobbyists. I thought the culture changed at the CRTC to include more openness with Canadian consumers. I guess I was wrong with that assumption.
Back over a decade ago, I was having problems with Bell basically double billing my account for Sympatico internet services. Like many in tech I took to customer forums to complain and was introduced to the Resident Broadband Users Association (RBUA). I got to know these people pretty well. They were made up of a lot of tech like minded people, some of which had worked in tech support for various ISPs. I believe the founder of this organization worked with Rogers at one point, and formed this group to bring concerns of the tech community up directly with Rogers.
I got to learn over a few months what was then the early days of what’s currently being coined as “The Pro-Internet” community. Basically what this meant back then was “tech friendly”. One of the biggest achievements for the tech community I was told the RBUA had accomplished, was a successful push back against Rogers when the company was looking to abolish and block personal FTP servers. For the tech community we often bring our work home, so we needed quick access to files when we needed them when we were on and off site.
At the time I met these guys, they didn’t have a working relationship with Bell Canada. I was invited to become a senior writer for this organization, and would have been in charge in trying to set up a working relationship with Bell. At the time I couldn’t commit to the amount of time needed to fulfill this role and attend staff meetings, since I was in school full time learning computer sciences. I kept in contact with the group sporadically over the span of a few years. When trying to get back in contact with this group due to Rogers throttling in 2007, I was told the association had folded due to various reasons and was given contact info for the newly formed Canadian Internet Policy and Public Interest Clinic (CIPPIC).
Traditionally the independent internet providers have often sided with the tech community. From working in business at one of Ontario’s many independent ISPs in the mid-90s, I’d often worked with business IT professionals selling the idea that our companies were smaller, so we’d be more receptive to the needs of IT with our business clientele, and could adapt to individual needs.
During the Fair Copyright for Canada movement in which I was also very much a part of, the public for the first time got an education around things the tech community had been concerned about regarding things such as “Net Neutrality” and especially techs most hated topic, “copyright” and the effects “copyright” could have on net neutrality. This was also during the heat of the battle against Rogers throttling when the public woke up on the tech community’s concerns.
In 2010 a new “advocacy” group popped up called “Openmedia” over public anger over the use of bandwidth caps. This is where things seem to stray with respect to the traditional “pro-internet” community. Openmedia essentially used concerns over bandwidth caps Canadian consumers had, and turned it into a lobbying issue with respect to the independent internet providers at the CRTC.
I’ve spoken with Steve Anderson several times. He’s a very nice guy, has genuine concerns, however doesn’t seem to completely grasp the technical side of things, and seems more concerned about the politics of telecom policy than pushing the concerns most have in the traditional “pro-internet” community forward to the CRTC. His primary post secondary study was in film not tech.
There’s no doubt that being seen as “pro-internet” these days is good for the corporate bottom line, however today we’re at a very interesting cross roads. The identity of the “pro-internet” community seems to be more and more dictated by two entities here. One would be Micheal Geist (who’s personal ideologies sometimes stray that of the traditional crowd due to his pro-copyright stances), to Openmedia who from my past working relationship with them are more worried about the PR and how that can benefit their corporate donors.
Don’t get me wrong, Openmedia is doing good work on “occasion”, however their successes have largely been built around a very misleading move regarding usage based billing, which should have not been used to influence its corporate donors market position. Often times they lead from behind. As a result, the foundation isn’t strong enough to be sustainable for this group to last very long in my opinion if this group continues to stray and damage a lot of the ideology it’s supposed to be supporting. Look at the issue of usage base billing now. Are we better off as a result of Openmedia’s UBB campaign, not even in the slightest.
One of the things I’ve learned in over a decade of fighting for pro-internet (or pro-tech) ideology is dictation of the message from corporate influences on tech policy is exactly what they often fight against. Our army is strong and growing by the day. One thing I’ve learned, is that the traditional pro-internet community are not “zombies”. Over this past week, I’ve often wondered, how many bricks is it going to take, before the traditional pro-internet community has had enough, and breaks down this wall of corporate influence, not just with Openmedia, but how the term “pro-internet” is now being improperly used to garner support for being unfriendly to consumers, and the tech community on a whole. I don’t even have to cite any examples here. I think those in the traditional wing of this community who have been disillusioned by recent events, and following this blog for some time know exactly what I mean.
Coming from the grass roots of the pro-internet community myself, I think those that have strayed away from it don’t realize that every time the words pro-consumer or pro-internet are used out of context, to defend and sell very anti-consumer and unfriendly positions of those who formally supported this community in business in the past, puts yet another brick on the wall.