Warrantless access to ISP user data
p2pnet news view Freedom | P2P:- Increasing use of ‘we will disclose’ language in ISP contracts, “tilts the balance of privacy away from individuals toward the police, without the ability of the Courts to impartially consider what is reasonable in the circumstances”.
So says Canadian privacy lawyer David T.S. Fraser (right) on his Canadian Privacy Law Blog, quoting justice Leslie Pringle in Bell. R. v. Cuttell.
The case isn’t yet on CanLii (with free access to online Canadian full-text court decisions), but Fraser has posted a copy online.
In it, justice Pringle stresses it appears that »»»
[...] Bell, Telus, Rogers and Shaw all have contracts requiring that their subscribers agree to disclosure of subscriber information in certain situations, suggesting that the continuing expectation of privacy may be unreasonable in light of some contracts. Therefore, it may be that in most cases, the issue of whether there is a reasonable expectation of privacy describer information will be resolved by the contract between the parties.
Unfortunately, this means that in cases where the contract decides the issue, any debate about obtaining subscriber information to access very personal information by law enforcement will have moved beyond the reach of the courts, at the least prior to any intrusion taking place.
It means that the police would be the ones to decide if there are grounds to believe that crime has been committed before making a request, and it will be left to ISPs could decide if they wish to comply with this request subscriber information,” Judge writes, adding:
In short, it means that the safeguard of an independent judicial arbiter will no longer be available to assess, in advance, whether the individual’s right to privacy should give way to the law-enforcement goals of the state.”
Explains Fraser »»»
The Court concluded there is a reasonable expectation of privacy in your account records, but this expectation can be destroyed by your ISP if their service agreement grants them wide latitude to hand over customer information. The judge accepts that a broadly-worded statement in Bell’s contract with the customer might supplant the reasonable expectation of privacy. (I would also question whether a form contract that the customer likey has not read would be enough to mean that subjectively there is no reasonable expectation of privacy.)
In this case, there was no proof brought by the police that the Bell contract applied to this customer so a Charter breach was found.
The Court importantly notes that PIPEDA does not give the police the right to seek information and rejects every crown argument that the police may have had “lawful authority” in the circumstances.
But, in the end, the records were admissible as the police acted in good faith.
Stay tuned.
(Cheers, RW)
Canadian Privacy Law Blog – New decision on warrantless access to ISP customer data, October 8, 2009
Use free p2pnet newsfeeds for your site. It’s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
Related Articles
Del.Icio.Us this! | Digg this! | Reddit this! | Stumble this!
No comments yet