TranceAddict Forums (www.tranceaddict.com/forums)
- Canada - Toronto & Southern Ont.
-- Harper's new cyber-security plan

Harper's new cyber-security plan

Cyber-security plan must heed privacy concerns too
The Ottawa Citizen
Thursday, June 1, 2006
Page: F5
Section: Tech Weekly
Byline: Michael Geist
Column: Michael Geist
Source: The Ottawa Citizen


Since taking office in late January, Prime Minister Stephen Harper has sought to distance himself from the policies of the preceding Liberal governments. Perhaps no longer. Information posted recently on a government directory indicates that the Conservatives are preparing to launch a new cyber-security initiative that may originate from a Liberal plan which was first proposed in April 2004.

In the aftermath of the events of 9/11, all governments moved rapidly to assess their national security needs. The Canadian assessment led to a report entitled Securing an Open Society: Canada's National Security Policy. Touted as the first document of its kind, it featured a detailed plan for addressing future security threats.

The report specifically identified cyber-security as a critical infrastructure issue, noting that "the threat of cyber-attacks is real, and the consequences of such attacks can be severe." The report committed to substantially improving Canada's analysis of the vulnerability of Internet infrastructures as well as to strengthen its ability to defend its networks and to respond to cyber-attacks.

To achieve those goals, the report promised to establish a new national cyber-security task force, featuring both private and public sector participation, to be charged with the responsibility of reducing Canada's vulnerability to cyber-attacks. The Liberal government solicited potential participant interest in the cyber-security task force. To date, nothing has materialized.

It would appear that is about to change. Although the website of the Ministry of Public Security and Emergency Preparedness Canada (PSEPC) does not contain any information on a cyber-security task force, the Government Electronic Directory Service, an online directory of thousands of federal government employees, foreshadows its establishment.

GEDS was recently updated to include a Cyber Security Task Force Secretariat within PSEPC. The secretariat, which apparently will function as its own bureaucratic unit within the ministry, is already staffed with an assistant deputy minister and a senior policy analyst.

While the move to address shortcomings in Canada's cyber-security framework is welcome, the creation of this task force raises three important issues.

First, who will be on the task force? It is essential that the task force include representation from both privacy and civil liberties groups. Security is a critical value, yet it must be imbued with full respect for the privacy and civil liberty rights of all Canadians. Indeed, recent revelations of widespread telephone communications surveillance in the United States -- frequently with the active, secret participation of telecommunications companies -- has provided ample evidence of the danger of focusing on security without counterbalancing with a privacy and civil liberties perspective.

Second, what other legislation could be introduced in such an environment? With a cyber-security task force on the way, speculation will increase that the Conservative government is also preparing to bring back so-called "lawful access" legislation. Introduced last fall by the Liberal government, the Modernization of Investigative Techniques Act, despite its innocuous name, envisioned the implementation of a host of new legal powers associated with near-ubiquitous surveillance technologies.

The bill, which failed to advance past first reading, included provisions requiring Internet service providers to install new interception capabilities into their systems with capabilities of capturing data and identifying specific subscriber activities. Moreover, the legislation established new "production orders" that could be used to compel disclosure of tracking data such as cell phone usage as well as transmission data, including telecommunications and Internet usage information.

Most troubling was the lack of judicial oversight that accompanied the proposals. These are precisely the concerns that have surfaced in connection with the United States surveillance revelations. Law enforcement authorities, defined to include CSIS agents, police officers and Competition Bureau investigators, were granted the right to obtain ISP subscriber information simply by requesting it -- without a warrant.

If MITA does return to the legislative agenda, the Conservatives would do well to consider improving the bill by incorporating the judicial oversight missing from the earlier proposal.

Third, how will Canadians be protected against online fraud and other Internet-based criminal activity? The National Task Force on Spam (of which I was a member), expressed concerns about the ineffectiveness of Canadian law to counter spam, phishing, and spyware. It recommended that the government introduce new legislation to help prevent such activities, which have been closely linked with identity theft, massive consumer losses, as well as reduced confidence in e-commerce and Internet communications.

Given the growing reliance on Internet communications, the move to address cyber-security issues is long overdue. In tackling the issue, however, the government should ensure that privacy, civil liberties and consumer protection considerations are included in the discussions.

Michael Geist holds the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law.

E-mail: [email protected]


Sounds pretty invasive to me. I like the part where it says they can get information without a warrant. What the hell is that?

TOOT TOOT INTERNET POLICE COMING THROUGH GET ON THE TRAIN TOOT TOOT

Re: Harper's new cyber-security plan

Totally misleading thread title that doesn't reflect what the article says.

quote:

Originally posted by TO guy Second, what other legislation could be introduced in such an environment? With a cyber-security task force on the way, speculation will increase that the Conservative government is also preparing to bring back so-called "lawful access" legislation. Introduced last fall by the Liberal government, the Modernization of Investigative Techniques Act, despite its innocuous name, envisioned the implementation of a host of new legal powers associated with near-ubiquitous surveillance technologies.

quote:

The bill, which failed to advance past first reading, included provisions requiring Internet service providers to install new interception capabilities into their systems with capabilities of capturing data and identifying specific subscriber activities. Moreover, the legislation established new "production orders" that could be used to compel disclosure of tracking data such as cell phone usage as well as transmission data, including telecommunications and Internet usage information.

I was under the impression that systems performing these duties allready exist...

Hmmm...interesting i've covered all these issues in my internet and computer law course this past semester

The task force had some really great recommendations and findings and I would LOOOOVE to see them all being implemented (those that were recommended by the previous government that is). Currently Canada has no internet securty/spam/privacy laws.

Lawful access is AKA awful access - makes life hard for businesses mostly.

Re: Harper's new cyber-security plan

quote:

Originally posted by TO guy The report specifically identified cyber-security as a critical infrastructure issue, noting that "the threat of cyber-attacks is real, and the consequences of such attacks can be severe." The report committed to substantially improving Canada's analysis of the vulnerability of Internet infrastructures as well as to strengthen its ability to defend its networks and to respond to cyber-attacks.

It is debateable that the threat of "cyber attacks" are real, or if they are even exist at all.

I would like to know exactly what these "cyber attacks" are that they're referring to, and what they expect these "severe consequences" to be.

This sounds like a scapegoat to invade our privacy to me.

Re: Re: Harper's new cyber-security plan

quote:

Originally posted by The Highroller It is debateable that the threat of "cyber attacks" are real, or if they are even exist at all. I would like to know exactly what these "cyber attacks" are that they're referring to, and what they expect these "severe consequences" to be. This sounds like a scapegoat to invade our privacy to me.

Cyber crime is very real.

The fact that the committee would be made up of government and private members is a good idea.
If it was an all government inititive I'd be a little more worried.

Re: Re: Re: Harper's new cyber-security plan

quote:

Originally posted by Fir3start3r Cyber crime is very real. The fact that the committee would be made up of government and private members is a good idea. If it was an all government inititive I'd be a little more worried.

I agree that the threat of cyber crime is very real. The threat of a cyber attack on infrastructure, however, is not.

I think the events of last night in TO (arrests of individuals related to terror operations) are some of the major drivers for the "lawful access" idea...and with good reason. It'll be a huge headache for businesses and ISPs to implement but there's certainly a benefit of knowing.

Powered by: vBulletin
Copyright © 2000-2021, Jelsoft Enterprises Ltd.