Canada’s national security consultations get negative reviews from just about everyone

An ambitious plan to launch a nationwide consultation on Canada’s national security regime didn’t go over well, according to internal reports prepared by the federal government.

Academics, experts, and businesses confided to Ottawa “discontent with how the questions are framed” and consistently expressed “skepticism of the need for new investigatory powers,” according to documents obtained by VICE News under the Access to Information Act.

While those who were consulted did tell the federal government they appreciated being asked, they were not very fond of the topics that came up. When it came to everything from giving police the power to force suspects to decrypt or unlock their cell phone or computer, to requiring companies to hang on to Canadians’ data for prolonged periods of time, the stakeholder responses were less than receptive.

On Friday, the federal government also released an 18-page report on those consultations — which included summaries of roundtables, online consultations, and email submissions — that showed the public was no more fond of the new proposals.

The draft summaries of the “notable submissions” obtained by VICE News include responses from “law enforcement, civil society, academic, and communications services provider sectors,” as well as privacy commissioners from across the country.

“Across all themes, stakeholders believed it was unclear why existing statutory powers were inadequate for the needs of investigators,” the summary reads. Dozens of pages relating to the request were withheld by Public Safety Canada, citing exemptions in the Access to Information Act.

The consultations also highlighted fronts on which the government was notably quiet.

Multiple stakeholders suggested addressing IMSI catchers — devices also known as Stingrays, which can track cellphones and which have become a favored tool by Canadian police. Privacy commissioners from across the country suggested new safeguards on how the Communication Security Establishment collects and uses metadata. One stakeholder recommended better internet infrastructure to “protect Canadian traffic from perceived US surveillance.”

Those suggestions appeared nowhere in the final report published by Public Safety Canada.

The consultations were launched last year to get direction from the public on overhauling Canada’s anti-terrorism, surveillance, and espionage laws. While the reforms were initially billed as a plan to roll back certain powers afforded to law enforcement and spy agencies under bill C-51, a green paper released as part of the public consultation made the case for expanded powers on a variety of fronts.

VICE News prepared a primer on those consultations last December.

Soon after the consultation was launched, many civil society groups and academics took issue with language in the consultation documents that appeared leading or suggestive.

The B.C. Civil Liberties Association blasted the green paper, writing: “It reads like it was drafted by a public relations firm tasked with selling the current state of extraordinary, unaccountable powers.”

The Canadian Bar Association wrote in its submission that “the scenarios in the green paper seem to favour implementation of the most controversial sections of bill C-51, despite the government’s commitment to carefully reconsider that bill.”

Not long after the green paper went out, the government was quick to note that the document was merely a discussion-starter, not the basis for future legislation. However, behind the scenes, the government was already beginning to mock up what legislation could look like.

In March, VICE News reported that the federal government moved forward on outlining legislation that would allow investigators to obtain Canadians’ personal information from telecommunications companies without a warrant, even before the national security consultations wrapped. A few days later, those plans were criticized and picked apart by experts at a roundtable in Toronto.

Below, we compiled summaries of what everyone is saying on the government’s national security proposals.

Until a few years ago, police were able to request Canadians personal information from a variety of companies without a warrant. This could include your name, address, phone, number, and IP address, amongst other things, from your cellphone and internet providers, or your bank. In 2014, the Supreme Court declared that process unconstitutional.

Green paper

“If the Government developed legislation to respond to this problem, under what circumstances should BSI (such as name, address, telephone number and email address) be available to these agencies?”

Consultations

“Most stakeholders — spanning the civil society, academic, and [communication service provider] sectors — believed that investigators should require judicial authorization in order to access [basic subscriber information].”

Public Response

“Seven in 10 responses consider their basic subscriber information (BSI) – such as their name, home address, phone number and email address – to be as private as the actual contents of their emails, personal diary and their medical and financial records. Almost half (48%) said BSI should only be provided in ‘limited circumstances’ and with judicial approval.”

Most communication companies have built-in hardware and software that allow them to intercept communications on their networks on behalf of police. However, not all companies have built up that capacity.

Green paper

“Should Canada’s laws help to ensure that consistent interception capabilities are available through domestic communications service provider networks when a court order authorizing interception is granted by the courts?”

Consultations

“[Communication service provider] stakeholders recommended that, should intercept capability requirements be introduced, this must be accompanied by measures to ensure that new obligations do not interfere with business operations or competitiveness … [Some civil society organizations] opposed the introduced of any intercept capability requirements. Only law enforcement stakeholders expressed unqualified support.”

Public response

“Nearly eight in 10 (78%) oppose interception capability legislation and seven in 10 (69%) say there should be no consistent interception capabilities through domestic communication service providers, even if authorized by a court.”

Police have warned for years that encryption is frustrating their attempts to catch bad guys, but civil liberties organizations have warned against any attempt to weaken encryption standards — either by requiring big technology companies build backdoors for police, or by creating a new warrant to force someone to decrypt their own information.

Green paper

“If the government were to consider options to address the challenges encryption poses in law enforcement and national security investigations, in what circumstances, if any, should investigators have the ability to compel individuals or companies to assist with decryption?”

Consultations

“Stakeholders broadly opposed ‘exceptional access’ measures … given the significant security and privacy risks associated with such measures … Many civil society and academic stakeholders opposed any proposal to compel individuals to disclose their passwords, noting that constitutional risks this would involve.”

Public response

“Views were equally strong against giving investigators the ability to compel individuals or companies to assist with decryption.”

Under bill C-51, police now have the power to request that companies keep customers’ data for prolonged periods of time. It has been suggested, however, that companies should be required to preserve data automatically, for prescribed periods.

Green paper

“Should the law require Canadian service providers to keep telecommunications data for a certain period to ensure that it is available if law enforcement and national security agencies need it for their investigations and a court authorizes access?”

Consultations

“While law enforcement stakeholders supported introducing mandatory minimum data retention periods, many civil society and academic stakeholders opposed any such proposal. [Communication service providers] and civil society stakeholders which did not express outright opposition to data retention still noted serious concerns regarding the potential impact of such measures on the privacy of Canadians and on the security of their data.”

Public response

“Most online responses (68%) opposed imposing a legal requirement on domestic communications service providers to keep telecommunications data for a specific period so it can be made available (with court authorization) to law enforcement and national security agencies.”

Read the full summaries of the national security consultations: