Skip to main content
The Globe and Mail
Support Quality Journalism.
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); } //

Gerald Chan and Stephen Aylward are lawyers at Stockwoods LLP in Toronto.

Apple Inc. CEO Tim Cook has recently grabbed headlines for his company's strong stance on digital privacy. The U.S. Federal Bureau of Investigation obtained a court order requiring Apple to bypass the security lock features on an iPhone belonging to one of the shooters in the San Bernardino terrorist attack, and Apple is appealing the order.

Canadian iPhone users following this legal skirmish may not be aware that the same issue has already arisen on this side of the border. The scope of our privacy protections, however, remains uncertain even as police become increasingly reliant on technology companies for assistance. Canada needs clearer and stronger limits on when law enforcement can compel private companies to undermine the digital security of their users.

Story continues below advertisement

After rumours surfaced in 2013 of a video showing former mayor Rob Ford smoking crack cocaine, Toronto police began investigating Mr. Ford and his driver, Alexander Lisi. Police obtained a search warrant for Mr. Lisi's iPhone, which they believed would contain evidence linking Mr. Ford or Mr. Lisi to criminal activity.

When they discovered that it was locked with a passcode, they returned to court for an "assistance order" requiring Apple to provide "reasonable technical assistance" to bypass the code. An Ontario judge granted the order. Because Apple did not contest the order, however, the judge gave no reasons explaining his decision.

Apple has now begun to push back against similar orders in the United States. The Lisi order is virtually identical to an order that Apple successfully opposed in a New York court case decided last month. The San Bernardino order is also similar, although it goes one step further – it requires Apple to create new software to bypass the passcode lock because the iPhone model has more advanced security features.

Until recently, "assistance orders" such as the one in the Lisi case, have played a minor supporting role in criminal investigations. They have been used to allow police access to a building or to make copies of documents. In a case involving Telus last year, however, assistance orders were given more muscle.

Telus challenged an assistance order requiring it to disclose customer name and address information to police as being overly intrusive. In a setback for technology companies, an Ontario court ruled that assistance orders can go further than connecting wires and flipping switches. They can require a company to do what is necessary to help a warrant "succeed at its intended objective."

Police may also resort to the "production order" power in the Criminal Code, which allows them to require a company to produce data within its control. This, however, may be a more challenging route. It is arguable that the data in the iPhone is not within Apple's "control" if it has to create new software in order to access it. Even if it is, a company can resist a production order on the basis that it would be "unreasonable in the circumstances" (i.e., too onerous).

Canadian companies have had some success challenging production orders. Earlier this year, Rogers and Telus successfully challenged a set of "tower dump" production orders that would have required them to produce call records of more than 40,000 customers (capturing anyone who happened to be near specified cellular towers). The court found that the requested orders went too far because they were not "minimally intrusive" of customer privacy.

Story continues below advertisement

Finally, if neither the "assistance order" or "production order" power suffices, police may try to obtain a "general warrant." This is the residual, catch-all power in the Criminal Code that allows police to "use any device or investigative technique or procedure or do any thing described in the warrant" that is not authorized elsewhere in the code.

Most notably, general warrants have been used to authorize police to do "sneak and peek" searches (covert entries into homes and other properties) in drug cases. Whether the "general warrant" can go so far as to require a company like Apple to create software to bypass its own security features remains to be seen.

In the digital age, the keys to our privacy are held by companies like Telus, Rogers and Apple. We rely on these companies to protect our data, defend our privacy and guard against hackers. But until the law catches up with technology, Canadians cannot be sure how their personal information will be protected when law enforcement comes knocking. This situation does not serve either the privacy or the security of Canadians.

Report an error
Tickers mentioned in this story
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies