Feeds

Canadian bill forces personal data from ISPs sans warrant

Requires police intercept hardware

Next gen security for virtualised datacentres

Canada is considering legislation allowing the country's police and national security agency to readily access the online communications and the personal information of ISP subscribers.

"We must ensure that law enforcement has the necessary tools to catch up to the bad guys and ultimately bring them to justice. Twenty-first century technology calls for 21st-century tools," Justice Minister Rob Nicholson said in announcing two new bills at a press conference in Ottawa, the CBC has reported.

The Technical Assistance for Law Enforcement in the 21st Century Act would require ISPs to install "intercept-capable" equipment on their networks and provide police with "timely access" to subscribers' personal information, including names, street addresses, and IP addresses.

According to the Government of Canada, the new law would not provide police or the Canadian Security Intelligence Service (CSIS) with additional intercept powers. Police forces and the CSIS will still require warrants for communication interception, the government says.

But they will not need a warrant when requesting a subscriber's personal information. At the news conference, Public Safety Peter Van Loan said that currently some ISPs are unwilling to provide personal info without a warrant and that this slows down investigations into crimes like child sexual exploitation or online theft.

We're not surprised he played the child sexual exploitation card.

Van Loan also said that ISPs will have to pay for the new intercept equipment but that the Canadian government may provide "reasonable compensation" if a service provider is forced to retrofit existing hardware.

ISPs would have 18 months to make the changes, but the law would provide a three-year exemption for companies with less than 100,000 subscribers.

The government is also proposing amendments to the Criminal Code, the Mutual Legal Assistance in Criminal Matters Act (MLACMA), and the Competition Act. These amendments would allow police to obtain both telephone and internet transmissions with a warrant (for live data) or a production order (for historical data), force telcos to retain data related to particular investigations, and allow law enforcement to remotely activate existing tracking devices in cell phones and other devices.

Oh, and it would make it a criminal offense for two or more people to agree to or arrange child sexual exploitation via telecommunications. ®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New twist as rogue antivirus enters death throes
That's not the website you're looking for
ISIS terror fanatics invade Diaspora after Twitter blockade
Nothing we can do to stop them, says decentralized network
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.