Feed aggregator

Why should we care about characters?

I appear in the latest edition of the Writing Excuses podcast (MP3), recorded live at Westercon in Salt Lake City last summer, with Mary Robinette Kowal, Brandon Sanderson, Dan Wells and Howard Tayler, talking about why we care about characters.

The Price of Admission to the TPP Talks Revealed: U.S. Demanded Canada Pass Anti-Counterfeiting Legislation

Michael Geist Law RSS Feed - Fri, 2014/11/28 - 10:51

In the years leading up to Canada’s entry into the Trans Pacific Partnership negotiations, there was considerable speculation about demands imposed by the U.S. For example, I wrote in 2012 about two reported demands: that Canada was stuck with any chapters concluded before entry and that it would not have any veto authority. This meant that if all other countries agreed on a particular provision, Canada would be required to accept it.

Yesterday, Industry Minister James Moore provided the first official confirmation of at least one other condition of admission to the talks: anti-counterfeiting legislation. Bill C-8, the anti-counterfeiting bill that focuses on providing new border measures provisions such as enhanced search and seizure powers for customs agents without court oversight, is really a bill about satisfying U.S. demands for TPP entry. According to Moore:

“This legislation contributes to a more effective relationship between Canada and the United States on raising Canada to the international standard and meeting the standard that the American government frankly asked the government of Canada to meet in order for us to move forward with our participation in the Trans Pacific Partnership negotiations so we think we’ve checked all the necessary boxes.”

While Moore rightly confirmed that Canada will not add in-transit seizures to the bill (as the U.S. is now seeking and will try to get included in the TPP), the admission that the bill checks the necessary U.S. boxes raises the question of who is driving Canadian intellectual property policy. The last copyright reform bill included restrictive digital lock rules at the insistence of the U.S. (and over the objection of the overwhelming majority of Canadians that participated in a government consultation on copyright reform) and now the anti-counterfeiting bill is acknowledged as part of the U.S. price of admission for Canada to enter the TPP talks.

The post The Price of Admission to the TPP Talks Revealed: U.S. Demanded Canada Pass Anti-Counterfeiting Legislation appeared first on Michael Geist.

CASL 2.0: The Computer Program Provisions (Part 1)

IPBlog (Calgary) - Thu, 2014/11/27 - 14:00
- By Richard Stobbe It's mid-October. Like many businesses in Canada, you may be weary of hearing about CASL compliance. Hopefully that weariness is due to all the hard work you did 3 months ago to bring your organization into compliance for the July 1st start-date. If you're a software vendor, then you ...

Drafting IT Agreements: Oct. 14-15

IPBlog (Calgary) - Wed, 2014/11/26 - 14:00
- By Richard Stobbe I will be speaking next week at the 10th Essentials of Commercial Contracts Course in Calgary, Alberta (Download PDF) on the subject of IT contracting. This session will discuss key considerations in IT licensing and service agreements including: Key clauses in IT agreements and common mistakes Various models for licensing software Overlap ...

Carol Todd on Bill C-13: “What Happened to Democracy?”

Michael Geist Law RSS Feed - Wed, 2014/11/26 - 10:00

The Senate Committee on Justice and Human Rights continues its study later today on Bill C-13, the cyber-bullying/lawful access bill that has already passed the House of Commons and seems certain to clear the Senate shortly. I appeared before the committee last week, but one person who will not appear is Carol Todd, the mother of cyber-bullying victim Amanda Todd. Ms. Todd wrote to me yesterday to express her dismay at the committee process with Conservative Senators mischaracterizing her views and the committee declining to offer her an invitation to appear, likely due to her criticisms of the privacy-related provisions in the bill.

Ms. Todd did appear before the House of Commons committee studying Bill C-13, telling Members of Parliament:

“While I applaud the efforts of all of you in crafting the extortion, revenge, porn, and cyberbullying sections of Bill C-13, I am concerned about some of the other unrelated provisions that have been added to the bill in the name of Amanda, Rehtaeh, and all of the children lost to cyberbullying attacks.

I don’t want to see our children victimized again by losing privacy rights. I am troubled by some of these provisions condoning the sharing of the privacy information of Canadians without proper legal process. We are Canadians with strong civil rights and values. A warrant should be required before any Canadian’s personal information is turned over to anyone, including government authorities. We should also be holding our telecommunication companies and Internet providers responsible for mishandling our private and personal information. We should not have to choose between our privacy and our safety.

We should not have to sacrifice our children’s privacy rights to make them safe from cyberbullying, sextortion and revenge pornography.”

The comments generated considerable media attention as it pointed to the divide even among cyberbullying victims about legislation that the lumps together provisions designed to address cyberbullying with lawful access rules with serious implications for the privacy of Canadians.

Since her testimony, the government has tried to downplay her concerns. Justice Minister Peter MacKay told the committee that he met with Ms. Todd and that “she came away with a much better sense of comfort and confidence in what the government was attempting to do.” When I raised Ms. Todd’s views during my Senate appearance, Senator Denise Batters responded that she had since “clarified her views on the bill.”

Yet the reality is that Ms. Todd is more troubled than ever with the government’s approach. In October, she wrote to me hours after the bill passed the House of Commons:

“I was stunned at how the government is going to push it forward considering the discussion and what was said at the hearings last spring.” 

As the Senate hearings continue, she has now expressed surprise and disappointment that she has been excluded from the process, noting that the government does not want her voice to be included and asking “what happened to democracy?”

What happened is that the government no longer wants to hear from one of the country’s most prominent voices on cyberbullying given her concerns that “we should not have to choose between our privacy and our safety.”

The post Carol Todd on Bill C-13: “What Happened to Democracy?” appeared first on Michael Geist.

Why Uber Has a Canadian Privacy Problem

Michael Geist Law RSS Feed - Mon, 2014/11/24 - 10:37

The mounting battle between Uber, the popular app-based car service, and the incumbent taxi industry has featured court dates in Toronto, undercover sting operations in Ottawa, and a marketing campaign designed to stoke fear among potential Uber customers. As Uber enters a growing number of Canadian cities, the ensuing regulatory fight is typically pitched as a contest between a popular, disruptive online service and a staid taxi industry intent on keeping new competitors out of the market.

My weekly technology law column (Toronto Star version, homepage version) notes that if the issue was only a question of choosing between a longstanding regulated industry and a disruptive technology, the outcome would not be in doubt. The popularity of a convenient, well-priced alternative, when contrasted with frustration over a regulated market that artificially limits competition to maintain pricing, is unsurprisingly going to generate enormous public support and will not be regulated out of existence.

While the Uber regulatory battles have focused on whether it constitutes a taxi service subject to local rules, last week a new concern attracted attention: privacy. Regardless of whether it is a taxi service or a technological intermediary, it is clear that Uber collects an enormous amount of sensitive, geo-locational information about its users.  In addition to payment data, the company accumulates a record of where its customers travel, how long they stay at their destinations, and even where they are located in real-time when using the Uber service.

Reports indicate that the company has coined the term “God View” for its ability to track user movements. The God View enables it to simultaneously view all Uber cars and all customers waiting for a ride in an entire city. When those mesh – the Uber customer enters an Uber car – they company can track movements along city streets.  Uber says that use of the information is strictly limited, yet it would appear that company executives have accessed the data to develop portfolios on some of its users.

In fact, Uber blogged in 2012 about “Rides of Glory”, which it characterized as “anyone who took a ride between 10pm and 4am on a Friday or Saturday night, and then took a second ride from within 1/10th of a mile of the previous nights’ drop-off point 4-6 hours later.” The blog posting identified which cities had the largest number of such rides.

Canadian Uber users can be forgiven for wondering whether the company takes their privacy rights seriously since it does not even have a Canada-specific privacy policy. The Uber website features three privacy policies: one for the United States, one for South Korea, and a global catch-all policy for users in 48 other countries. That approach effectively lumps Canadians into a privacy policy shared by users everywhere from Beirut to Beijing to Bogota.

The policy identifies certain privacy rights (and seeks to bring global users under a European Union privacy umbrella), but does nothing to ensure that it is fully compliant with Canadian privacy law standards. Interestingly, the company does have a Canada-specific user agreement, so the company’s legal rights are designed to comply with Canadian law.

Geo-location privacy is frequently invoked within the context of online marketing, with some concerned about the prospect of being “followed” as they walk down a city street, receiving coupons or real-time offers from nearby stores. Yet the Uber situation provides an important reminder that geo-locational privacy issues extend far beyond just marketing as they allow for tracking and inferences about user behaviour that is not otherwise publicly available.

Providing locational information is a trade-off that many are prepared to make, particularly if backed by privacy rules that safeguard misuse and provide some measure of oversight. In the case of Uber, the failure to develop Canada-specific protections raises serious questions about whether the company sees itself as outside the scope of more than just local taxi regulations.

The post Why Uber Has a Canadian Privacy Problem appeared first on Michael Geist.

Why Uber Has a Canadian Privacy Problem

Michael Geist Law RSS Feed - Mon, 2014/11/24 - 10:35

Appeared in the Toronto Star on November 22, 2014 as Why Uber has a Canadian Privacy Problem

The mounting battle between Uber, the popular app-based car service, and the incumbent taxi industry has featured court dates in Toronto, undercover sting operations in Ottawa, and a marketing campaign designed to stoke fear among potential Uber customers. As Uber enters a growing number of Canadian cities, the ensuing regulatory fight is typically pitched as a contest between a popular, disruptive online service and a staid taxi industry intent on keeping new competitors out of the market.

If the issue was only a question of choosing between a longstanding regulated industry and a disruptive technology, the outcome would not be in doubt. The popularity of a convenient, well-priced alternative, when contrasted with frustration over a regulated market that artificially limits competition to maintain pricing, is unsurprisingly going to generate enormous public support and will not be regulated out of existence.

While the Uber regulatory battles have focused on whether it constitutes a taxi service subject to local rules, last week a new concern attracted attention: privacy. Regardless of whether it is a taxi service or a technological intermediary, it is clear that Uber collects an enormous amount of sensitive, geo-locational information about its users.  In addition to payment data, the company accumulates a record of where its customers travel, how long they stay at their destinations, and even where they are located in real-time when using the Uber service.

Reports indicate that the company has coined the term “God View” for its ability to track user movements. The God View enables it to simultaneously view all Uber cars and all customers waiting for a ride in an entire city. When those mesh – the Uber customer enters an Uber car – they company can track movements along city streets.  Uber says that use of the information is strictly limited, yet it would appear that company executives have accessed the data to develop portfolios on some of its users.

In fact, Uber blogged in 2012 about “Rides of Glory”, which it characterized as “anyone who took a ride between 10pm and 4am on a Friday or Saturday night, and then took a second ride from within 1/10th of a mile of the previous nights’ drop-off point 4-6 hours later.” The blog posting identified which cities had the largest number of such rides.

Canadian Uber users can be forgiven for wondering whether the company takes their privacy rights seriously since it does not even have a Canada-specific privacy policy. The Uber website features three privacy policies: one for the United States, one for South Korea, and a global catch-all policy for users in 48 other countries. That approach effectively lumps Canadians into a privacy policy shared by users everywhere from Beirut to Beijing to Bogota.

The policy identifies certain privacy rights (and seeks to bring global users under a European Union privacy umbrella), but does nothing to ensure that it is fully compliant with Canadian privacy law standards. Interestingly, the company does have a Canada-specific user agreement, so the company’s legal rights are designed to comply with Canadian law.

Geo-location privacy is frequently invoked within the context of online marketing, with some concerned about the prospect of being “followed” as they walk down a city street, receiving coupons or real-time offers from nearby stores. Yet the Uber situation provides an important reminder that geo-locational privacy issues extend far beyond just marketing as they allow for tracking and inferences about user behaviour that is not otherwise publicly available.

Providing locational information is a trade-off that many are prepared to make, particularly if backed by privacy rules that safeguard misuse and provide some measure of oversight. In the case of Uber, the failure to develop Canada-specific protections raises serious questions about whether the company sees itself as outside the scope of more than just local taxi regulations.

Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can be reached at mgeist@uottawa.ca or online at www.michaelgeist.ca.

The post Why Uber Has a Canadian Privacy Problem appeared first on Michael Geist.

How do we decide how much to reveal? (Hint: Our privacy behavior might be socially constructed.)

Freedom to Tinker - Mon, 2014/11/24 - 09:00
[Let's welcome Aylin Caliskan-Islam, a graduate student at Drexel. In this post she discusses new work that applies machine learning and natural-language processing to questions of privacy and social behavior. — Arvind Narayanan.] How do we decide how much to share online given that information can spread to millions in large social networks? Is it always our […]

The Spencer Effect: No More Warrantless Access to Subscriber Info With Five Minutes of Police Work

Michael Geist Law RSS Feed - Fri, 2014/11/21 - 10:48

The Canadian Press reports that the RCMP has abandoned some Internet-related investigations because it is unable to obtain warrantless access to subscriber information. The article is based on an internal memo expressing concern with the additional work needed to apply for a warrant in order to obtain access to subscriber information. The changes have arisen due to the Supreme Court of Canada’s Spencer decision, which held that there is a reasonable expectation of privacy in subscriber information. As a result, it is believed that most telecom and Internet providers have rightly stopped voluntary disclosures without a warrant (some have still not publicly stated their disclosure practices).

The article notes how easily subscriber information was disclosed prior to Spencer:

Prior to the court decision, the RCMP and border agency estimate, it took about five minutes to complete the less than one page of documentation needed to ask for subscriber information, and the company usually turned it over immediately or within one day. The agencies say that following the Supreme Court ruling about 10 hours are needed to complete the 10-to-20 pages of documentation for a request, and an answer can take up to 30 days.

The troubling aspect of the story is not that some investigations are being curtailed because law enforcement is now following due process and that telecom providers are requiring a warrant before disclosing subscriber information. It is that for millions of requests prior to Spencer, it took nothing more than five minutes to fill out a form with the information voluntarily released without court oversight and without notifying the affected subscriber.

Moreover, the change in practice points to how the government’s claims that Spencer does not change anything with respect to Bills C-13 and S-4 is simply not credible. Those bills rely heavily on expanding voluntary disclosure at the very time that the approach has been discredited by the courts and abandoned by the telecom and Internet providers.

If the government were serious about providing law enforcement with effective investigative tools, it would drop the emphasis on warrantless voluntary disclosure and rethink its approach to new Internet warrants. As the Privacy Commissioner of Canada argued yesterday at a Senate committee, the threshold for a metadata warrant should be raised consistent with the privacy importance of the information. Meanwhile, the government could explore a new basic subscriber information warrant that would ensure court oversight but allow for access on an expedited basis. By maintaining that Spencer has no effect on its legislative proposals, it leaves everyone unhappy: police do not get the information they need (with appropriate oversight), the public is concerned with the privacy implications of lawful access, and the government’s hand-picked Privacy Commissioner criticizes it for failing to strike the right balance.

The post The Spencer Effect: No More Warrantless Access to Subscriber Info With Five Minutes of Police Work appeared first on Michael Geist.

Little Brother middle school English curriculum materials


James Scot Brodie is a teacher at Presidio Middle School in San Francisco, where Jen Wang and I spoke last month on our tour for In Real Life; prior to my arriving, he assigned my book Little Brother to his students, and produced some curricular materials that he's generously given to me to publish.

Little Brother Portfolio | Little Brother Acronym Challenge | Little Brother Biography project

He writes,

I was thrilled when the librarian announced that Cory Doctorow was going to make an appearance at our school. As an English teacher, aspiring writer, and complete nerd -- I find author visits a nice perk to the job. The students too, like to get out of the classroom whenever they can and author visits are a rare treat. I’ve been teaching for about five years and I’ve met two authors. It then dawned on me that we seldom read the books of the authors that come to visit our school. Mainly because our closets are filled with tons of dead people. Maybe five percent of our class sets are from the living, although Mr. Gomez somehow scored 40 copies of The Fault In Our Stars (he must know someone).

Nevertheless, it was early September and Doctorow was set to visit on October 16. I was determined to have my students read the book, but we only had ten copies from a box on loan from the public library. Now, Doctorow is super generous with his stuff and offers a lot of material to educators and students for free via his website, so I figured I would tap into this and download the book. At the same time I didn’t want to print up 102 copies for my 3 English classes. That would take forever, cost a lot, and kill too many trees. So, long story short, this is what I did: I purchased the audio book, and two copies of the text. I read the book, making “marginal” and underlining vocabulary words, slowly sculpting it into a “teacher’s edition.” I also came up with questions for each chapter. Most the questions are simple guided questions (who, what, when, where and why), but I also made sure that each chapter has a question where the students can relate the reading to their own lives -- these inquiries were also great springboards for interesting classroom discussions. I printed up these sheets and students completed them as we listened to the audio book. This is where the second book comes into play – I used the unmarked version of the text to display on the white board at the front of the class via my ELMO projector for all the class to see. I was surprised at how huge I could get the book -- it was roughly four feet by six feet and I didn’t know this but the little orange button on the left is for focusing (a student pointed this out to me). I’ll have to say it was one of the most positive reading experiences I’ve ever had with a class. It may be psychological but the minute I projected the book on the board and hit the play button on the audio book -- students were enthralled as if watching a movie. Of course it may also have something to do with Mr. Doctorow’s book -- there is a lot in there that the modern day teenager can relate to.

The entire unit took about six weeks. Students gathered all their vocabulary/question sheets into a portfolio. I purchased card stock and brass fasteners for students to make covers for these portfolios (which they decorated themselves) and this turned out to be a great boon for students that couldn’t afford to purchase their own copies of the book, because when the big day came -- Doctorow autographed copies for his admirers. And this is how the lesson plan ended up here, Cory signed a few, thought they were cool and offered to post them. There are a couple of other activities that I’ve thrown in, but the above is the real meat and potatoes. Use them as you like, put your own personal spin on them and hopefully it will save you some time.

James Scot Brodie
English Teacher
SFUSD

Wide-ranging conversation with Portland’s KBOO about Information Doesn’t Want to Be Free


Last month, I sat down for a long conversation (MP3) with Ken Jones for the Between the Covers at Portland, Oregon's KBOO community radio station, talking about my book Information Doesn't Want to be Free. They've posted the audio so people from outside of Portland can hear it too!

Tackling Teen Substance Abuse: New Online Tools for Families Seeking Answers

Google Public Policy BLOG - Thu, 2014/11/20 - 17:12
Earlier this year, we began working with the Partnership for Drug-Free Kids to help people find helpful information about substance abuse online.  This is a guest post from their President and CEO, Steve Pasierb, describing our efforts together and the organization’s ongoing work to keep teens safe. -Ed

The Partnership for Drug-Free Kids is dedicated to reducing teen substance abuse and helping families impacted by addiction. We are the only family-focused nonprofit that provides resources and direct support to help families prevent and cope with teen drug and alcohol abuse.

The modern path to substance abuse looks very different than it did when today's parents were teens themselves. As we all know, people are spending more of their time online, across a variety of connected devices.  As a result, it’s increasingly important for our information to be accessible anytime, on the web and in mobile apps.

Thanks to a recent donation from Google, we’ve created innovative new content and tools that will help countless families find answers in the midst of a crisis, or before one ever happens.

Since beginning our work together in April, Google has funded search advertising campaigns, helped develop a mobile app with substance abuse-related information, improved our website, and plans to revamp our YouTube channel.  All of this is complemented by their ongoing efforts to fight rogue online pharmacies — Google has removed more than 7 million ads for these outfits this year alone. This work makes it harder for people to buy controlled substances online without a valid prescription, thereby reducing illicit access to these medications and reducing abuse.  
Search advertising campaigns funded by Google

Users will be able to find information about substance-abuse including: images, common slang terms, short- and long-term effects of each drug, and how to get help in our upcoming mobile app
Our national action campaign, the Medicine Abuse Project, is rallying parents, educators, health care providers, communities, and law enforcement to collectively help prevent half a million teens from abusing prescription drugs and over-the-counter cough medicine.  Thanks to invaluable partners like Google, we are able to expand our reach, sharpen our tools and help parents navigate the teen years with help at their fingertips.
Posted by Steve Pasierb, President and CEO, Partnership for Drug-Free Kids

SFLC Seeks Legal Interns for Summer 2015

SFLC News Releases - Thu, 2014/11/20 - 14:14
SFLC Seeks Legal Interns for Summer 2015

Choosing Between Privacy and Cyberbullying: My Appearance on Bill C-13 Before the Senate Legal and Constitutional Affairs Committee

Michael Geist Law RSS Feed - Thu, 2014/11/20 - 11:08

Yesterday I appeared before the Senate Committee on Legal and Constitutional Affairs, which is studying Bill C-13, the lawful access/cyberbullying bill. The full transcript of the spirited discussion is not yet available (webcast here), but my opening statement is posted below.

Appearance before the Senate Standing Committee on Legal and Constitutional Affairs, November 19, 2014

Good afternoon. My name is Michael Geist.  I am a law professor at the University of Ottawa, where I hold the Canada Research Chair in Internet and E-commerce Law. I appear today in a personal capacity representing only my own views.

Given the limited time,  I’m going to confine my remarks to three privacy-related issues: immunity for voluntary disclosure, the low threshold for transmission data warrants, and the absence of reporting and disclosure requirements.

First let me emphasize that criticism of lawful access legislation does not mean opposition to ensuring our law enforcement agencies have the tools they need to address crime in the online environment. As Carol Todd, Amanda’s mother, told the House of Commons committee studying C-13, “we should not have to choose between our privacy and our safety.”  Similarly, Sue O’Sullivan, the federal ombuds for victims, told the committee that victims were divided on Bill C-13 due to the privacy concerns.

Immunity for Voluntary Disclosure

First, the creation of an immunity provision for voluntary disclosure of personal information. I believe that this immunity provision must be viewed within the context of five facts:

1.    The Supreme Court of Canada’s Spencer decision confirms that there is a reasonable expectation of privacy in subscriber information and clearly indicates that absent exigent circumstances, disclosures should involve a warrant.
2.    Pre-Spencer, intermediaries disclosed personal information on a voluntary basis without a warrant with shocking frequency. The recent revelation of 1.2 million requests to telecom companies for customer information in 2011 affecting 750,000 user accounts provides a hint of the privacy impact of voluntary disclosures.
3.    Disclosures have involved more than just basic subscriber information.  Indeed, the House of Commons committee studying this bill heard directly from law enforcement, where the RCMP noted that “currently specific types of data such as transmission or tracking data may be obtained through voluntary disclosure by a third party.”
4.    Intermediaries do not notify users about their disclosures, keeping hundreds of thousands of Canadians in the dark. Contrary to some discussion on Bill C-13 this committee heard, there is no notification requirement within the bill nor any auditing mechanism.
5.    This voluntary disclosure provision should also be viewed in concert with the lack of meaningful changes in Bill S-4, that would collectively expand warrantless voluntary disclosure to any organization.

Given this background, I would argue that the provision is a mistake and should be removed. The provision unquestionably increases the likelihood of voluntary disclosures at the very time that Canadians and the courts are increasingly concerned with such activity.  Moreover, it does so with no reporting requirements, oversight, or transparency.

Low Threshold for Transmission Data Warrants

Second, Bill C-13 contains a troubling, lower “reason to suspect” threshold for transmission data warrants. The kind of information sought by transmission data warrants is more commonly referred to as metadata. While some have tried to argue that metadata is non-sensitive information, that is simply not the case.

There has been some confusion regarding how much metadata is included as ‘transmission data’. This is far more than who phoned who for how long. It includes highly sensitive information relating to computer-to-computer links. This form of metadata may not contain the content of the message, but its privacy import is very significant. Late last year, the Supreme Court of Canada ruled in R. v. Vu on the privacy importance of computer generated metadata, noting:

In the context of a criminal investigation, however, it can also enable investigators to access intimate details about a user’s interests, habits, and identity, drawing on a record that the user created unwittingly

Security officials have also commented on the importance of metadata. General Michael Hayden, former director of the NSA and the CIA has stated “we kill people based on metadata.” Stewart Baker, former NSA General Counsel, has said “metadata absolutely tells you everything about somebody’s life. If you have enough metadata, you don’t really need content.”

There are numerous studies that confirm Hayden and Baker’s comments.  For example, some studies point to calls to religious organizations that allow for inferences of a person’s religion.  Calls to medical organizations can often allow for inferences on medical conditions. In fact, a recent U.S. court brief signed by some of the world’s leading computer experts notes:

Telephony metadata reveals private and sensitive information about people. It can reveal political affiliation, religious practices, and people’s most intimate associations. It reveals who calls a suicide prevention hotline and who calls their elected official; who calls the local Tea Party office and who calls Planned Parenthood. The aggregation of telephony metadata – about a single person over time, about groups of people, or with other datasets – only intensifies the sensitivity of the information

Further, the Privacy Commissioner of Canada has released a study on the privacy implications of IP addresses, noting how they can be used to develop a highly personal look at an individual.

Indeed, even the Justice ministers report that seems to serve as the policy basis for Bill C-13 recommends the creation of new investigative tools in which “the level of safeguards increases with the level of privacy interest involved.”

Given the level of privacy interest with metadata, the approach in Bill C-13 for transmission data warrants should be amended by adopting the reasonable grounds to believe standard.

Transparency and Reporting

Third, the lack of transparency, disclosure, and reporting requirements associated with warrantless disclosures must be addressed. The stunning revelations about requests and disclosures of personal information – the majority without court oversight or warrant – points to an enormously troubling weakness in Canada’s privacy laws.  Most Canadians have no awareness of these disclosures and have been shocked to learn how frequently they are used and that bills before Parliament propose to expand their scope.  In my view, this makes victims of us all – disclosure of our personal information often without our awareness or explicit consent.

I’ll stop there and welcome your questions.

The post Choosing Between Privacy and Cyberbullying: My Appearance on Bill C-13 Before the Senate Legal and Constitutional Affairs Committee appeared first on Michael Geist.

Washington Post publishes Q&A with Eben Moglen

SFLC News Releases - Wed, 2014/11/19 - 15:06
Washington Post publishes Q&A with Eben Moglen

The Importance of Online Anonymity

Michael Geist Law RSS Feed - Tue, 2014/11/18 - 11:15

Appeared in the Toronto Star on November 15, 2014 as The Importance of Online Anonymity

If you could change or enact one Internet law, what would it be?  For some Canadians, it might be new rules to promote greater competition among Internet providers or increased copyright flexibilities matching the U.S. fair use provision.  For others, it would mean toughening online privacy protection or examining whether Canadian net neutrality rules are sufficient.

When Scott Naylor, a detective inspector with the Ontario Provincial Police was asked the question during a Senate hearing earlier this month on the government’s lawful access legislation, he responded that he would eliminate anonymity on the Internet. Naylor likened Internet access to obtaining a driver’s licence or a marriage licence, noting that we provide identification for many different activities, yet there is no requirement to identify yourself (or be identified) when using the Internet.

While acknowledging that a universal identification system is impractical, he said would ideally like a mandatory digital fingerprint for Internet users that would identify them sitting behind the computer. Naylor’s comments were quickly greeted with support from Conservative Senator Tom McInnis, who lamented the use of assumed names and agreed that identifying the identity of online users would be a good thing.

Law enforcement support for the elimination or erosion of online anonymity is particularly ironic since the Supreme Court of Canada just emphasized its importance in a landmark ruling on Internet privacy. The Spencer decision is best known for affirming that Internet users have a reasonable expectation of privacy in their subscriber information.

The implications of that ruling are that law enforcement officials now have little choice but to obtain a court order to obtain subscriber information from Internet providers. Moreover, Internet providers who were previously willing to voluntarily disclose basic subscriber information without court oversight have abandoned the practice.

While the decision altered the landscape of Internet privacy, it is important to recognize that the court pointed to online anonymity as particularly important in the context of Internet use. In fact, it identifies precisely the kinds of cases of importance to law enforcement as the reason to preserve online anonymity.

For example, it notes that there may be situations where police want the list of names that correspond to identification numbers on a survey. In such situations, “the privacy interest at stake…is not simply the individual’s name, but the link between the identified individual and the personal information provided anonymously.”

Anonymity can create a challenge for law enforcement (though one that is frequently surmountable through digital detective work), but it also plays an important positive role for the police. Anonymous tip lines or information from anonymous individuals are frequently an important source of information for investigators. Eliminating anonymity would run the risk of hampering age-old investigative techniques.

The importance of online anonymity extends far beyond law enforcement, however. Corporate whistleblowers, women in abusive relationships, visible minorities, and a myriad of other people are emboldened by anonymity to speak out in a manner that would otherwise be unavailable if they were forced to identify themselves.

The Supreme Court’s recognition of anonymity as a particularly important component of Internet privacy will not come as a surprise to millions of Internet users to rely upon it to varying degrees to exercise free speech rights and to preserve their privacy. What is surprising – or at least discouraging – is that the OPP and a Canadian Senator would seemingly jump at the chance to bring it to an end.

Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. He can be reached at mgeist@uottawa.ca or online at www.michaelgeist.ca.

The post The Importance of Online Anonymity appeared first on Michael Geist.

Let’s Encrypt: Bringing HTTPS to Every Web Site

Freedom to Tinker - Tue, 2014/11/18 - 11:00
HTTPS, the cryptographic protocol used to secure web traffic as it travels across the Internet, has been in the news a lot recently. We’ve heard about security problems like Goto Fail, Heartbleed, and POODLE — vulnerabilities in the protocol itself or in specific implementations — that resulted in major security headaches. Yet the single biggest […]

Information Doesn’t Want to Be Free interview with Baltimore morning radio

I'm heading to Ann Arbor, DC and Baltimore this week for a series of talks -- I did a a quick interview with Baltimore's WYPR (MP3) that came out very well!

Huxleyed into the Full Orwell


​Huxleyed Into the Full Orwell is a new short story I wrote for Vice Magazine's just-launched science fiction section Terraform, which also has new stories up by Claire Evans, Bruce Sterling, and Adam Rothstein.

"Huxleyed" is a story about the way that entertainment companies' war on general purpose computing could lead into a horrible mashup of the surveillance tyranny of Orwell and the entertainment tyranny of Huxley.


The First Amendment Area was a good 800 yards from the courthouse, an imposing cage of chicken-wire and dangling zip-cuffs. The people inside the First Amendment area were weird. I mean, I include myself in that group. After all, I vacuformed my own Guy Fawkes mask mold. That is not the action of a sane woman. Shandra was weirder, though. She'd thought up the whole demonstration, socialed the everfuck out of the news, rallied a couple hundred weirdos to join her in the chicken-farm, shouting impotently at the courthouse, ringed by cops scarily into their Afghanistan-surplus riot-gear.

"Shandra, how is this supposed to work again?"

"Like this," she said, and powered up her—weird—device. It started life as a compact projector, the kind of thing you use for screening dull-ass presentations in school auditoriums. But then she'd added a hydrogen-cell that she wore in a backpack, and a homebrew steadicam rig that she strapped to her front, making her look like the world's most overburdened suicide bomber. I could tell that she was already freaking out the cops on the other side of the chicken wire, and they snapped into palpable alert when a beam of light emerged from the projector. I could only imagine how many tasers, sniper-rifles and gas-grenades were trained on her at that moment. But she didn't give any sign that she noticed or cared.

​Huxleyed Into the Full Orwell


(Image: Koren Shadmi)

Eben Moglen replies to GCHQ op-ed attack on privacy

SFLC News Releases - Thu, 2014/11/13 - 17:03
Eben Moglen replies to GCHQ op-ed attack on privacy
Syndicate content