Last month, the Supreme Court of Canada made clear that the centuries-old search-warrant principle continues to apply in the electronic age. And now, Canada’s telecommunications companies, which had previously felt obligated to give the government and police warrantless access to customer records, are starting to change their practices. Good.
The decision in R. v. Spencer said that customers of an Internet service provider – in this instance, Shaw Communications Inc. – are entitled to a reasonable expectation that their IP addresses will be kept private, unless the police get authorization from a judge to obtain it.
The court’s judgment has contributed substantially to the Canadian public’s growing awareness that wireless carriers and ISPs have frequently acted as if the police simply had a right to get whatever access they wanted to a customer’s account.
The Supreme Court’s ruling has clearly had an impact. Last week, the chief privacy officer of Rogers Communications Inc. said the judgment, along with numerous customer complaints, has led the company to stop routinely giving access to the police. Telus Corp. and the ISP TekSavvy have made similar announcements.
Quite properly, life-and-death situations and other genuine emergencies still justify making a few exceptions to the search-warrant requirement. But most of these access requests aren’t emergencies. A judge can review them, and must.
Understandably, the companies’ written privacy policies have not yet been amended. For example, Rogers’ policy still says that it “will not release your personal information with these exceptions...,” including “when we believe that the law requires it.” Presumably this wording will soon be changed to give a more rigorous, less subjective-sounding principle. Telus is briefer – “when required by law” – as is Bell Mobility – “where ... disclosure is required by law.” (BCE Inc. has a 15-per-cent interest in The Globe and Mail.)
Of course, telcos should do nothing more than follow the law. And thanks to the Supreme Court, we know where the line is drawn, between legal government access to your information – and access that is not legal.