News - All

  • – 2015-07-16 –

    Canada's federal, provincial and territorial Information and Privacy Commissioners are calling for nominations for the Grace-Pépin Access to Information Award, which will honour and recognize the efforts of individuals or groups who have demonstrated an exceptional contribution to Access to Information rights in Canada. Nominees are judged based on the significance, implementation and impact of their work on the Canadian Access to Information right. The award could not be more timely, as Canada's aging Access to Information regime (which has not been substantially reformed since its introduction over 30 years ago) is in dire need of reform to bring it into the digital age. 

    The award also honours and commemorates its eponymous Commissioners, John Grace, former Information Commissioner of Canada, and Marcel Pépin, president and founder of the Commission d'accèss à l'information du Québec. It is typically presented during Right to Know week, celebrated each year in September. Nominations are due August 31, 2015​. More details on the nomination process and requirements are available here (FR). To submit a nominee, fill out this form here (FR).

  • – 2015-06-05 –

    Monday, June 15, at 6pm CIPPIC, Amnesty International Canada & the Ottawa Public Library will host a free public screening of CitizenFour. The documentary explores how former National Security Agency contractor Edward Snowden approached reporters Laura Poitras (who also directed the Academy Award winning documentary), Glenn Greenwald and others with a treasure trove of classified documents exposing the shear unprecedented scope and magnitude of the NSA's monitoring of the world's digital activities. This, in turn, launched an international debate about the protection of privacy in the digital age and the appropriate role of our foreign intelligence agencies.

    Today marks the two year anniversary of the day the Guardian first reported on an NSA program that mandated Verizon and other US-based telecommunications companies to hand over metadata on all phone calls (domestic and foreign) on a regular basis in order to populate a metadata base that it could data-mine at will as part of its foreign intelligence program. The story sent ripples around the globe, and last week the US congress greatly restricted it by limiting the NSA's surveillance powers for the first time in decades. But the expansive metadata program, it turned out, was just the tip of the iceberg as a string of revelations from Snowden's files followed, each more staggering than its predecessor and confirming privacy advocate's worst predictions (CJFE hosts a searchable archive of these). We have also learned much about Canada's complicity (by its participation in the Five Eyes intelligence partnership with the US, UK, Australia & New Zealand) in creating this global web of surveillance. The film is a must-see for any privacy advocate, as well as for anyone who wants to learn about Snowden's experience or how our communications networks are monitored. Join us June 15! More details after the jump or download the event flyer

  • – 2015-05-20 –

    The Federal Court of Appeal issued its ruling in Bell Canada v. Amtelecom, 2015 FCA 126, which challenged the implementation of the CRTC's wireless consumer protection code. The Code was put in place by the CRTC out of recognition that Canadian customers of mobile services were not adequately protected by the existing regime. It sought to improve the state of affairs by granting customers comprehensive rights, overseen by the CCTS, including an important provision that limited service providers from locking Canadians out of the wireless market for three years at a time and thereby hindering competition. The protections in the Code were to apply to all customers two years from the day the Code was issued, including to those customers who were still locked in to pre-existing three year contracts. However, a number of providers appealed the decision, arguing that the CRTC lacked the power to protect customers until their existing contractual terms expired. Specifically, these Appellants argued that by restricting the length of wireless contracts to two years and limiting the penalties a wireless provider could impose onto customers for switching providers early, the CRTC impermissibly interfered with vested rights retrospectively by preventing them from recovering the cost of subsidized mobile devices.

    In its arguments to the Federal Court of Appeal CIPPIC, representing OpenMedia, argued that the Code was actually future-facing (not retrospective) and that, regardless, the CRTC had the regulatory authority to interfere with past vested rights. The switching costs imposed on customers for moving to another provider early -- out of frustration with the service or because better deals emerged in the market -- were in reality penalties imposed on customers for future actions. This is borne out by the record of the proceeding, where a number of service providers testified that these penalties were a means of minimizing churn (preventing customers from moving to a competitor) not a means of recouping mobile device costs. Many of these penalties exceeded the value of any device, which is the reason the CRTC regulated the amount of early termination fees, forcing providers to tie these to device subsidies. More importantly, the CRTC is entrusted with overseeing a comprehensive regulatory regime that requires the balancing of complex policy objectives in a highly specialized environment. It would be impossible if not impractical for the CRTC to carry out its task without the ability to interfere with vested rights. In a carefully thought out decision, the Federal Court of Appeal found that the Wireless Code did in fact interfere with vested rights retrospectively, but that the CRTC was empowered to do so as long as it acted reasonably which, in this instance, it did. As a result, all Canadians, including those who are currently stuck in three year contracts, will be able to benefit from the Code's protections as of June 3, 2015. This includes the ability to leave a service contract without penalty 24 months from the day the contract began. For more information, see our resource pages on the Wireless Code and on our intervention in Bell v. Amtelecom.

  • – 2015-05-18 –

    CIPPIC has joined over 65 civil society organizations from around the world in an open letter to Mark Zuckerberg regarding its initiative. is Facebook's portal for mobile Internet access in developing countries. The portal is essentially a mobile app through which individuals can access other Internet sites, after first passing through Facebook's servers. The portal is zero rated, meaning that Facebook has entered into deals with wireless providers around the world that exclude usage from data charges. While Facebook presents this as an altruistic initiative designed to get the next 3 billion Internet users connected, many have questioned whether it is truly altruistic or simply an attempt to place Facebook at the centre of the future Internet, establishing it as gatekeeper to downstream content and innovation. Meanwhile, the initiative detracts from other charitable efforts designed to provide true connectivity capacity in developing countries and, as domestic telcos are forced to shoulder the costs of the initiative, it is not clear what benefit Facebook provides to developing countries at all.

    Regardless of its motivation, Facebook's leaves much to be desired. Where it is active, individuals already think of Facebook as 'the Internet'. However, the Internet provided by Facebook is a highly curated environment, which only allows sites pre-approved by Facebook that operate on Facebook's terms. In this sense, it threatens the expressive and innovative force of the Internet, which has always relied on the capacity to innovate and express without permission. It is, indeed, this 'innovation without permission' model that allowed Facebook itself to supplant MySpace as the world's leading social networking site - Facebook's ability to reach its audience was not dependent on MySpace's (or anyone else's) permission. Additionally, all traffic passes through Facebook's servers, raising concerns it will in time feed into Facebook's broader profiling activities while acting as a one-stop hub for state censorship initiatives. simply comes with too many strings attached.

  • – 2015-05-14 –

    Cloudmark's recently issued 2015 Q1 Security Threat Report demonstrates the initial effectiveness of the recently enacted Canadian Anti-Spam & Spyware Law (CASL), SC 2010, c. 23, in reducing the amount of unwanted spam in email boxes in Canada and abroad. In the 8 months following the coming into force of the law, the report notes a 29% reduction in the average amount of spam received by Canadians each month. It notes an even more significant 37% reduction in spam sent from Canada to the United States. The larger reduction in US-bound spam is unsurprising, as Canada (who was one of the last countries in the developed world to finally adopt an anti-spam law) had become a spam haven, with 78% of all Canadian spam being US bound. By contrast, only about 50% of spam received by Canadians is from the United States, which has regulated spam to some degree for many years.

    With respect to Canadian-received spam, the report notes that only about 17% of unwanted spam email received by Canadians relates to fraudulent "bootleg pharmaceuticals, diet pills and adult services." This amount of spam was reduced by about 5% in the months since CASL came into force (29% overall reduction x 16% of all spam). The most marked reduction, however, was from 'grey area' marketers, which the report describes as "unscrupulous email marketers" who "grow[] their mailing lists by co-marketing or easy-to-miss opt out checkboxes." The 24% reduction in this brand of unwanted email spam (which the report terms as 'legitimate' because it is legal under U.S. spam laws) affirms that the broader approach to spam adopted by CASL is necessary to make any meaningful inroads in spam reduction. CASL adopted a definition of 'spam' that allows Canadians to decide for themselves what emails they do or do not want to receive, whereas the US anti-spam law relies on easy to abuse 'opt out checkboxes'. And Canadians have taken to the law in droves, with the CRTC receiving an unprecedented 47,000 plus complaints against unwanted emails in just the first month after CASL came into effect.

  • – 2015-05-05 –

    The CRTC released its long anticipated vision for the future of wholesale wireless today. The decision is noteworthy for its recognition of the market concentration inherent in Canada's mobile markets. Historically, mobile services were forborne, meaning that the Commission held back several of its most potent regulatory tools. The mobile industry is highly concentrated and susceptible to risk of coordinated activities. As CIPPIC (on behalf of OpenMedia) demonstrated in its submission to the proceeding, this has led to high prices, some of the lowest mobile adoption rates in the developed world and minimal service innovation. Even in their own advertisements, some incumbents are hard pressed to differentiate themselves from their competitors on price and quality! The Commission recognized this, and reapplied its full regulatory powers to mobile wireless.

    However, the CRTC adopted a disappointingly minimalist approach in doing so. It mandated cost-based roaming, a move that will improve the ability of existing new entrants into the mobile market such as WIND to compete more effectively. Historically, these new entrants were prevented from offering their customers compelling services because the moment a customer stepped outside the entrant's service area, they faced extreme roaming rates. The CRTC decision improves on this state of affairs, allowing new entrants to compete far more effectively as they take the time to build out their national networks. The CRTC did not, however, adopt other important measures such as mandating wholesale access in general and MVNO access in particular. Mandating wholesale access is necessary to facilitate a truly competitive landscape that is not bound by finite spectrum availability, and stimulates investment in radio access network equipment. Mandating MVNO access is necessary to facilitate market innovations such as international roaming and to expand highly underdeveloped Canadian niche markets such as pre-paid. While taking some important steps towards fixing Canada's mobile market, it is disappointing that the CRTC did not go further in spite of its recognition that the market is concentrated and in need of more competition.

  • – 2015-04-30 –

    CIPPIC, OpenMedia and Canadian Journalists for Free Expression have released a primer on Bill C-51, the government's latest initiative to expand its state security apparatus. As the primer explains the Bill, which has been opposed from broad segments of Canadian society, signals a dramatic new direction for Canadian security. Presented as anti-terror legislation, the Bill adopts an excessive approach that will harm online innovation, political discourse and our civil liberties. It will reverse Canada’s rich multicultural heritage and replace it with an atmosphere of fear, distrust and racial profiling – where neighbours are encouraged to turn on neighbours on the basis of ‘reasonable fears’. The Bill was drafted and defended in an atmosphere openly hostile to civil liberties, and this is reflected in every element of it. One element of the Bill even seeks to allow our spy agencies to violate the Charter of Rights and Freedoms – our most vital protection against egregious state intrusion into our lives. It signals a return to a time when our security agencies were empowered to carry out dirty tricks against our citizens – and did so with impunity.

    It fails to address long standing and well-documented problems with Canada’s already excessively broad security powers, the misuse of which has led to the torture, detention, flight restriction and privacy invasion of many innocent Canadians since they were introduced post 9/11. Innocent Canadians’ lives have been ruined. This Bill not only fails to remedy those flaws, it replicates and expands the underlying problems without adding any meaningful safeguards to ensure the expansive powers it grants will not be similarly abused. It is little wonder that few who have carefully examined the Bill can fully support it in its current form. In spite of this, the government is currently rushing the Bill through not just one house of parliament, but both.

  • – 2015-04-22 –

    CIPPIC and a number of other civil society groups and experts has put out an open letter to Industry Minister James Moore, highlighting a roadmap for how to fix a number of loopholes in Canada's Notice-Notice copyright regime. The Notice-Notice regime was enacted with the objective of creating a minimally intrusive mechanism for rights holders to contact alleged infringers. However, it is being exploited by some rights holders to send settlement demands that are unreasonable. Typical abusive notices include extravagant demands for damages well in excess of what would be available under Canada's Copyright Act, and might be sent without meaningful corroboration that the threatened recipient is actually the rights infringer. Some also include threats that the recipient will have her Internet access account terminated if they do not pay up. Third parties often flood ISPs with notices in a 'scattershot' approach not designed to facilitate an actual lawsuit based on proof of wrongdoing, but rather to encourage recipients to pay in order to make the matter go away - a highly questionable monetization technique. While rights infringers should not be able to hide behind ISPs in order to justify conduct, the current model is being abused to inappropriately threaten individuals who, often, have done nothing wrong at all.

  • – 2015-03-24 –

    Bill S-4, the Digital Privacy bill, introduces amendments to PIPEDA, Canada's federal commercial sector privacy law. The Bill, a result of PIPEDA's first five year review conducted in 2006, introduces some far overdue improvements to Canada's privacy protection toolset at a time when privacy has never faced greater challenges. These include the adoption of a breach notification regime which would obligate companies to notify customers (as well as the Privacy Commissioner) whenever a privacy breach can place affected individuals at risk of significant harm, and the adoption of more robust consent obligations. However, as CIPPIC pointed out in its testimony and response to follow-up questions, the framework adopted by Bill S-4 in addressing these issues is flawed. The data breach notification regime in particular will fail to instill incentives for better security safeguards as it only applies to breaches that pose a significant threat of harm to affected individuals. Yet the reality of security breaches is that it will often be highly uncertain whether data was even exposed, meaning many serious breaches will go unreported. Moreover, even trivial breaches that do not pose a specific risk to individuals are often indicative of a general laxity in technical safeguards. These too will remain unreported.

    Of greater concern, the Bill also includes a number of troubling exceptions that would expand the conditions under which organizations can hand over sensitive customer information to third parties. One exception would allow ISPs, online blogging discussion fora, social media sites and others to help companies trying to sue their customers by handing over sensitive customer information. It also allows for nigh unlimited information-sharing in the context of a cybersecurity breach. Such breaches often implicate immense amounts of sensitive data. The PIPEDA amendments fail to impose any obligations for companies dealing with a breach to minimize privacy impact when handing over these data troves. Additionally, our national security agencies are increasingly implicated in domestic security breaches, yet Bill S-4 does nothing to prevent them from repurposing the data troves they receive for security breaches into general security information and keeping it indefinitely. As such, there is serious concern that the emails, financial/banking information, health data, and other sensitive information that is commonly implicated in data breaches will simply be rolled in to these security agencies general profiling activities and ultimately used against the individuals who the data breach notification regimes is supposed to protect. Indeed, Bill C-51, currently being rushed through both houses of parliament at once, will make it even easier by removing barriers to 'all of government' information sharing for cybersecurity purposes.

  • – 2015-03-12 –

    CIPPIC is intervening an important Supreme Court case about copyright and technological neutrality. CBC v SODRAC concerns royalties payable by broadcasters for digital copies of music embedded in the production and broadcast of television programs. The Court’s decision could have implications for the way in which all Canadians access and pay for digital content, including music, movies and television programs, e-books, and many other online materials.  Professor Jeremy de Beer and CIPPIC Director David Fewer will appear in the case on behalf of CIPPIC. The hearing takes place on Monday, March 16, 2015, and will be webcast. Common Law students Jillian Brenner, Chelsey Colbert, Parineeta Chahal, Tracey Doyle, Laura Garcia, Grace Ko, Laura MacDonald, Samantha Peters, Sadegh Fattah, Laura Garcia and Mayuran Sivagurunathan have all assisted in preparations for the case.