The gubmint has some ideas about the way the internet should work in Canada: "Before supporting this initiative, however, Canadians ought to ask some tough questions."
Well, d'uh. He then asks:
- Are all these new powers necessary? Given the high price, it should fall to law enforcement to make the case that their existing powers are inadequate. They have thus far failed to do so, neglecting to point to a single case where current Canadian law ultimately resulted in a botched investigation or failed prosecution.
- Do the new powers contain sufficient judicial oversight? The answer to this question appears to be an obvious no. In order to preserve the privacy and security balance, greater safeguards should accompany the increase in network surveillance. Instead, the proposal contemplates the opposite approach with greater surveillance and fewer safeguards.
- Are the lawful access provisions constitutional? There is considerable uncertainty on this issue since the lack of judicial oversight and the potential for access to information without judicial warrants suggest that the provisions will, at a minimum, face constitutional challenge and tough scrutiny from the Canadian courts. A less usefull question as it can be addressed by the courts. &emdash; me.
- Is lawful access strictly designed to address the threat of terrorism? Once again, the answer appears to be no. While the genesis of the initiative dates back to the post 9/11 environment and the desire to address terror concerns, lawful access is now envisioned as a catch-all for Internet-related issues including child pornography, identity theft, phishing, and spam. It is certainly important to address these issues, yet many would question why we must sacrifice our privacy in order to protect it.
- Will lawful access actually prove successful in battling Canadian terror? While no one knows the answer to that question, there is reason to doubt it will. Encryption technologies are left largely untouched by this proposal, which may allow some groups to communicate without fear of surveillance. Moreover, with smaller ISPs exempt from the new surveillance requirements due to cost considerations, evading the surveillance may require little more than subscribing to exempt providers.
It is important that new legislation should be shown beforehand to help solve the problem that it was created to address. How and where exactly this requirement is to be codified is an excercise that I leave to the reader.