Obituary: The Conservative government abandons Internet surveillance bill (Bill C-30)
Almost a year after the bill's introduction on Valentine's Day in 2012 by Canada's public safety minister, Vic Toews, the Conservative government abandoned its attempt to modernize the Criminal Code through Bill C-30. The purpose of the proposed legislation was to provide law enforcement with a facilitated mechanism to track the digital activities of suspects. However, over its twelve month existence, the bill garnered more than its fair share of public criticism.
Even the title of the legislation was scrutinized. The official title was An Act to enact the Investigating and Preventing Criminal Electronic Communications Act and to amend the Criminal Code and other Acts – quite a mouthful. The bill was originally tabled as the Lawful Access Act but was supposedly withdrawn an hour later and resubmitted with a new short title, The Protecting Children from Internet Predators Act. However, this title was a bit of a misnomer as the legislation was not aimed specifically at the prevention of child pornography, but rather the prevention of organized crime, money laundering, anti-competitive behaviour, and terrorism. This led critics to believe that the title existed solely to sell the bill to the public.
Bill C-30 was the latest in a series of attempts to pass similar "lawful access" legislation in Canada. In 1999, the Liberals proposed the institution of Internet surveillance technologies and powers to access subscriber information. The bill never made it to Committee. In 2005, the Liberals proposed Bill C-74, the Modernization of Investigative Techniques Act which would have required telephone and Internet service providers to implement interception capabilities into their networks and would have allowed law enforcement access to subscriber information without a warrant. More recently, three attempts (Bills C-50, C-51, and C-52) were abandoned in 2011 when Parliament dissolved for the federal election.
The Proposed Scheme
Bill C-30 would have granted police, security, and anti-competition authorities various powers to monitor and track the digital activities of Canadian digital users in real-time. It required service providers to log identifying information about their customers' digital activities and install equipment to enable the real-time monitoring of the digital activities of customers. Surveillance measures were to extend to both Internet and mobile data and enforcement authorities would not have needed a warrant to access the customer's information, including the customer's telephone number, email address, and IP address. Notably, information could be collected both in relation to the suspect and the victim (or intended victim). Capturing further information, such as the actual content of communications, would still have required a warrant, though information collected without a warrant could have itself been used to help justify obtaining the warrant.
Using a mechanism already included in PIPEDA, the bill included a gag order which prevented a service provider from even acknowledging that it had participated in an enforcement request for the user's information. In effect, the measures under the bill would have provided an exception to an individual's reasonable expectation of privacy.
From the outset, the Tories came under heavy pressure to amend or withdraw the bill. The principal criticism was that the legislation provided powers that vastly overstepped their purpose. There was a worry that authorities could eventually use the surveillance mechanisms to pry on the activities of protestors, activists, and other types of parties that were not originally contemplated during the bill's conception. The proposal did not set out real limitations on who the authorities could listen in on and who they could not. The legislation could have potentially impacted any Canadian citizen.
There were dangers in collecting such information about private citizens. Dr. Ann Cavoukian, Ontario's Information and Privacy Commissioner, warned that such a repository of private information would be attractive (in her words, "a gold mine") to hackers and cyber criminals.
Further, the equipment required to allow monitoring at the ISP level is expensive and there were no mechanisms in place to help ISPs pay for such surveillance systems.
Furthermore, the lack of accountability threatened the validity of the bill. In April 2012, the Supreme Court of Canada (in R. v. Tse) declared warrantless wiretapping unconstitutional where no judicial oversight mechanisms were in place. Bill C-30 only provided for basic auditing measures and little judicial oversight. An eventual constitutional challenge was all but certain.
As a result of public backlash, two days after the bill was introduced, the government had announced that the bill would be returned to committee for amendments. And now, a year later, Bill C-30 has been abandoned. However, considering the numerous attempts at passing Internet surveillance legislation in the recent past and increasing pressures by the police and security agencies in an effort to battle an increasing amount of criminal activity transpiring over digital networks, it would be reasonable to expect the introduction of a modified version of Bill C-30 in the not too distant future.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.