Slashdot Mirror
Canadian ISPs Could Take On Big Brother Role
QGambit writes: "C|Net is reporting that the Canadian Government is considering a proposal that would force ISPs to keep logs of web browsing for up to 6 months, allow police to get search warrants allowing them to find 'hidden electronic and digital devices' and ban the possession of computer viruses.
Canada and the U.S. have both endorsed this proposal, contained in a cybercrime treaty of the Council of Europe. Both countries are non-voting members of the Council.
George Radwanski, Canada's privacy commissioner has not yet commented on the proposal."
I'm pretty sure the majority of people who are "in possession" of computer virii would rather not be, if only windows would stop executing them.
In all seriousness, though, how can you ban the possession of something that can be pretty much invisibly placed in your property?
Uhm... that's pretty stupid. It's like banning medical doctors from studying real viruses and bacteria.
If you don't know how your enemies weapons work, how can you possibly defend against them?
I, for one, hope that they *Do* institute this restriction... and then squirm and cry as they realize that they've closed themselves off to a huge section of tech development.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
It could be a good idea for tracking down all those little script kiddies and real hackers that are out there to do harm, intentional or unintentional. But I know most of us don't want the RCMP being able to look and see what we have been doing on the web, especially if it relates to porn. Cause that is the only thing that is embarrassing. If they had a filter, of some magical sort, that would filter out all the porn transfers and keep everything else in the log, most of us would be ok with them keeping records of our internet use. Porn consumption is something everyone does and doesn't want anyone else to find out about. I know I have nothing else to hide but porn.
Also: Who decides if it is a virus? Would that include trojan horses? Computer virii are kind of like guns. I may personally hate both (especially guns), but how can you make one illegal without doing the same to other?
If the discussion draft were to become law, it would outlaw the possession of computer viruses, authorize police to order Internet providers to retain logs of all Web browsing for up to six months, and permit police to obtain a search warrant allowing them to find "hidden electronic and digital devices" that a suspect might be concealing.
Oh no! My BE-300 might become illgeal (and not for the valid reason of Casio shipping it with Windows CE 3.0.)
Seriously though, I doubt that any action will come of this in Canadian government. Speaking as a Canadian, hardly anything gets done nationally - if anything, the provincial government takes on a liberal or extremist form and enforces/creates what they want to.
Arguing that more and more communications take place in electronic form, Canadian officials say such laws are necessary to fight terrorism and combat even run-of-the-mill crimes.
I can say that monitoring gas stations for criminals is necessary, as the majority of criminals use cars. Besides, other things are necessary to fight terrorism and crimes, including proper funding for education and other non-invasive things.
The article does point out some truth; Canadian use of wireless and mobile electronics is significant and any database or cyberpolice created would kill anonimity. However, I feel that the average user (here, at least) is aware of the fragility of their situation, both with issues such as this (to 'prevent terrorism') and others, such as the DMCA and RIAA.
You never know what might be useful. If nothing else, than in the propaganda battle that is so much a part of the US system of "justice".
The boilerplate goes something like this...
was arrested today for doing "bad things". Records indicate his computer was used to visit site's containing Kiddie Porn, depictions of violence, and raceism.
Guilty, or not, is fired from his job and will find it most difficult to get another, his house is burned, he is beaten, his car is trashed, he will fail background checks, etc., etc.
It doesn't matter if they guy was doing research, or his kids were doing a term paper and happened on death camps photos that showed images of naked children. The above statement remains true enough to be printed and broadcast on CNN as if it were God's own word.
My sense from CNN is the tactic is employed at least 3-4 times a month. But, CNN is only the tip of the iceburg, local news is more than enough to utterly destroy most people's lives.
Any more "why" type questions I can help you with?
Whine, whine...oooh, they're spying on me again !!
So whats the big difference between this and the logs of your phone calls that get tracked right now ? They even get used for good - crimes get solved, missing people's last movements can be determined, terrorists located, etc, by appropriate use of phone call records. This seems pretty much the same to me, albeit on a more detailed scale.
For frig's sake, you live in a democracy, not a perfect system but the best known to man after many centuries of trying. Don't assume that everyone in power is corrupt and that all such record keeping is evil. It might actually be useful to track down terrorist fucktards for example. You don't hear people bleating about Telcos keeping call records.
And before trotting out the lame old slashdot mantra about how people can just surf anonymously or whatever - YES ! Thats the beauty of it ! If you're clever enough to surf anonymously then do it and this needn't bother you. Its there to help catch the stupid or technically challenged criminal, not the slashdotter and certainly not Dr. Evil either.
[x] auto-moderate all posts by this user as insightful
Arguing that more and more communications take place in electronic form, Canadian officials say such laws are necessary to fight terrorism and combat even run-of-the-mill crimes.
Isn't it great how taking away basic rights can be justified by "We're doing it to stop terrorism." I don't see how taking away the rights of millions of people (and pissing alot of them off) will STOP terrorism. I do see how it could lead to more terrorism, by people from within the country.
If the discussion draft were to become law, it would outlaw the possession of computer viruses, authorize police to order Internet providers to retain logs of all Web browsing for up to six months, and permit police to obtain a search warrant allowing them to find "hidden electronic and digital devices" that a suspect might be concealing.
How do you even enforce that? How will they know if I poses a virus or not? How do you tell the difference between posessing a virus and being infected by one? If they have logs of all web browsing for up to six months what does that include? I'm pretty sure that the police need to ask the ISP for the logging to start on a particular user (they can't keep 6 months logs for everyone's web usage), but what would count as web usage? Will they be able to log my FTP usage and see all the unencrypted passwords?
As surprising as it can be for our friendly southern neighbours, this consultation isn't simply a formality for an already decided soon-to-become law. They put out this document as a point of departure for discussion on modernising Canada's laws with regard to the recent advances in telecommunications. This isn't the official stance of the government, it's a "well, we'd like to achieve such-and-such, and here's a possible way we could do it, waddayathink?" And here comes the really shocking part, they *really* do care about what we think.
/. that everything is going to hell in a hand basket, open your favourite mail reader and write to la-al@justice.gc.ca telling them why this proposal is a bad idea *and* what we should be doing instead.
Admittedly, I've never participated in a Department of Justice consultation before, but I've been quite active in the CRTC (Canadian Radio-television and Telecommunications Commission) public proceedings regarding the telecommunication industry (phone companies) and boy, did that restore my faith in the democratic institutions of Canada. What struck me as the most insane (in a good way) was that our voice as simple citizens was treated with the same importance as was BCE's (Bell Canada Enterprises) President! Several of my comments were even highlighted by the commission in it's final regulation proposal documents.
So don't panic, don't wine on
That's what I'm gonna do. Will you?
-Earthling
"I'm sorry, I had to; the irony was just too thick."
As an admin (like so many of you) for a small to medium sized regional ISP, I'd like to throw out some numbers here to give some people the idea of why ISPs monitoring users for very long is generally massively irritating to try to manage. For e-mail tracking (as merely my humble example), let's look in our example at an SMTP (not even counting POP, here) server which processes about 60k messages per day. We don't use unusually verbose logging, and we generally keep 24 hours of logs on rotation. Each 24 hours varies from about 120-200 MB. Okay, the math is easy enough to do. Let's monitor all e-mail transactions for 6 months (using the more conservative 120 MB figure): 120 x 7 x 4 x 6 = about 20.2 GB. That's not too bad in terms of our MP3 and DivX collections, but text logs? Yuck! I don't want to keep 20 gigs of logs on my server! If anyone comes to me (from an authority of some sort) and asks for logs that old, I have no problems givng them the explanation, "Sorry, we rotated them out. Buy me a new SCSI hard disk and pay us for the time to install it on our box, then we'll talk about old logs."
"crimes get solved, missing people's last movements can be determined, terrorists located," ...
...
...
...
ISP employees get paid off, battered women get located by abusive husbands, children kidnapped by non-custodial parents, victims tracked by their stalkers,
All sorts of "good things"... yeah, right.
"Don't assume that everyone in power is corrupt"
Don't assume that everyone in power now will always remain in power (even if they do), or that there will never be a corrupt person in power, ever. The Clinton presidency "borrowed" a huge number of confidential FBI files. Adolph Hitler was democratically elected, and one of the first things he did was confiscate privately owned firearms using registration information that was not collected for the purposes of government confiscation.
"If you're clever enough to surf anonymously"
It's not the stupid bad guys we need to worry about.
-- Terry
I must state outright that I agree with the poster to whom you are replying. As I am a Canadian, when I first read this, I almost immediately fired off an email to la-al@justice.gc.ca (the privacy commissioner's office) stating that I was against the act. However, before I did this, I took the time to find the full text and I am very glad that I did.
First of all, this is a proposal. Just that. Nothing more. It is a suggestion that the Canadian Government look into the issue of passing and Act or Statute which will enable the lawful interception of computer data, in conjunction with the EU convention.
Furthermore, as I read the proposal, I realized that most of it made sense and that I agreed with it. It clearly mentioned in the preamble the Charter of Rights and Freedoms and its intent to uphold it. I was actually surprised to find that the documents authors' held true to their word: after every major section or point that they make in the document, there is a section entitled "Issues to be Considered" in which they outline every single one of the privacy concerns that had come to my mind while reading the above section.
As well, all the way through the document, considerable effort was made to insure that due process (namely search warrants) would have to be undertaken before any of these searches could be undertaken.
In all I was quite pleased at how the document was presented, but one item piqued my interest. When reading the subject regarding "Interception of Email" (which btw, dealt as much with criminal's interception of email as it did with law enforcement's) I was initially disturbed to find that previous, already passed legislation had determined that only oral conversations can be considered "extremely private". All letters, bothe written and electronic, are considered to be "private". This means that one only needs a standard search warrant to lawfully intercept these communications whereas to intercept oral communications, a police officer must present extra evidence to obtain a warrant. However, on reflection I think this seems reasonable.
I would now finally like to reply to your direct question by asking you another one: could you not think of ways in which internet logs could possibly be useful in a criminal investigation? Keep in mind this may also include times once a person has already been arrested and the crown is building evidence against them.
As has been asked here already, how is this different from the phone company keeping recordings of private phone calls? I'll tell you, it's an order of magnitude worse. Web browsing isn't even a conversation. It's like recording which magazine articles one reads and which ads one looks at. The because-we-can philosophy is no excuse to treat web browsing any differently from any other form of reading. The practice of recording surfing habits at the ISP level may very well provide crime-fighting information, but the inhibiting effects of this level of surveillance could harm society far more than any bomb could.
Western governments may turn out to be Osama bin Laden's most effective weapon.
Better check out href="http://www.perl.com/language/misc/virus.html #English