Canada’s privacy watchdog is urging Ottawa to rein in surveillance powers of the country’s spy agencies by rewriting outdated laws to limit snooping powers online.
The recommendations Interim Privacy Commissioner Chantal Bernier made on Tuesday broadly call for more surveillance disclosure and less unauthorized access to Canadians’ personal information.
While some privacy and security experts applauded the special report, the independent commissioner’s recommendations are non-binding, leaving the issue in the hands of Stephen Harper’s government, which paid it little attention on Tuesday. Two cabinet ministers overseeing security agencies declined comment, while Canada’s Communications Security Establishment (CSE) said it is already “taking steps to better inform Canadians about our activities, including publishing new fact sheets on our website.”
But the status quo is not enough, Ms. Bernier said in an interview.
“It’s a call to action for greater transparency, to then have greater accountability. When you look at our recommendations, quite a few are low-hanging fruit. Quite a few could be implemented immediately,” she said.
Among the recommendations, she said, is that the CSE be required to disclose more statistics and produce an annual report for parliament without jeopardizing security work. “Even within that very legitimate constraint, they could be more transparent,” she said.
Security agencies should be forced to update the public on what past recommendations they have implemented or ignored, the report said, and government should require a privacy impact assessment of any new program. The report also called for more power for watchdogs, including Ms. Bernier’s own office, and for federal privacy laws – the Privacy Act and the Personal Information Protection and Electronic Documents Act – to be updated to “curb over-collection” of data.
“In our view, the current Canadian system of intelligence oversight would operate better if fine-tuned to new operational realities,” the report says.
Ms. Bernier also said federal officials should not monitor social media, saying that information “is often shared with an expectation of privacy, whether that is reasonable to expect or not,” and adding the information should not be viewed unless it is “legitimate government business.”
“We do not consider that personal information on a social networking site loses its character as personal information,” Ms. Bernier said in an interview.
Others disagree. Among law enforcement officials, “everybody accepts that if you publish something on a blog or tweet something, it’s publicly available information,” said Ray Boisvert, a security consultant and retired assistant director of intelligence at the Canadian Security Intelligence Service (CSIS).
Mr. Boisvert contributed to the report, and said he supports 90 per cent of its recommendations, but is concerned by anything that would “throw impediments in front of organizations [looking] to exploit social media.”
The report comes in the aftermath of former U.S. contractor Edward Snowden’s revelations about global surveillance activities. “The extent of access to personal information is much more intrusive than we had feared even before,” said Sukanya Pillay, acting executive director of the Canadian Civil Liberties Association, which contributed to the report and welcomed its recommendations.
Defence Minister Rob Nicholson, whose department oversees the CSE, and Public Safety Minister Steven Blaney, whose file includes CSIS, declined comment on Tuesday, as did CSIS itself. In its statement, CSE said it “follows the letter and the spirit of that law,” although it has previously acknowledged it “incidentally” intercepts Canadian messages.
“It’s time to modernize our laws with respect to privacy in light of the technological changes. We want to see government take this seriously,” NDP National Defence Critic Jack Harris said.
Liberal Public Safety Critic Wayne Easter called on government to adopt his private member’s bill, C-551, to create a National Security Committee of Parliamentarians to oversee Canadian security efforts. He rejected one of the recommendations – a global study of security oversight to compare to that in Canada. “Take legislation that’s available right now, use it as a framework and get on with it,” he said.
Canada’s current privacy laws are indeed “deficient” but can be built on, said Christopher Parsons, a postdoctoral fellow at the Munk School of Global Affairs’ Citizen Lab, who studies state access to telecommunications data and welcomed the recommendations.
“In some respects, some of these are almost no-brainers,” he said. “…If they got everything they want, I think they’d be ecstatic. I have a suspicion that these are presented as what we’d want to have, but politics is really about the odds.”