A rational look at Bill C-30


The debate surrounding the federal government’s recently introduced “The Protecting Children from Internet Predators Act”, or Bill C-30, has raised emotions on all sides.  The need to protect children from exploitation has been pitted against the the individual’s right to privacy, so there’s no surprise that sparks are flying. But let’s take a rational look at the legislation and what it could mean for Canadians.

I’ve talked about the fact that trust underlies the success of the Internet. The reality is that the Internet is a series of transactions among people, whether through personal communication or technological/ informational communication at the domain name system (DNS). Legislation like C-30 erodes this trust by allowing an unknown, unauthorized party access to what was previously considered private communications. Ironically, this is the very thing that we in the Internet industry are trying to protect by implementing DNSSEC.

The Internet has become omnipresent in our lives. Between our search history, online activity and GPS enabled smart phones, we leave our digital footprints everywhere. And if given the power to do so, the government can easily put together a very detailed profile of any individual, all without a warrant. In my opinion, without the oversight of the courts in gaining this information, the potential for mistakes, or even abuse, is too great. We don’t have to look very far to find instances where law enforcement overstepped its bounds to catch the ‘bad guy’ and got it wrong. We now know that Mahar Arar was tortured in a Syrian prison based on misinformation provided by Canadian law enforcement authorities.

Not to be alarmist, but we don’t have a great history of state surveillance. It’s within the lifetime of most of us that informants or the ‘Stasi’ in Eastern Germany, and its equivalent in Poland, the former Yugoslavia, and other Eastern Bloc nations had neighbours spy on neighbours and report back to the state. Having the technology to now do the surveillance for us – thereby removing the human element – doesn’t make it anymore acceptable to a democratic society. It is ultimately the same paradigm of an informant-based means of controlling society. As Benjamin Franklin wrote nearly 300 years ago, “They who would give up an essential liberty for temporary security deserve neither liberty nor security.” Just because we can surveil citizens en masse doesn’t mean we should. In fact, given that technology can now easily and cheaply monitor just about everything you do and everywhere you go, I would argue that government needs to be even more vigilant in protecting its citizens’ right to privacy. The current government is correct that we need to modernize the legislation around this issue, let’s just make sure we modernize the right things.

Governments also don’t have a stellar track record of protecting data on its citizens when it’s collected, either. From health information to detailed information on taxpayers, data breaches within government departments happen all too often to make me comfortable with the government having a database of Canadians’ browsing history.

Ontario’s Privacy Commissioner, Ann Cavoukian, called Minister Toew’s assertion that the Bill would ensure law enforcement have the tools they need to fight crime in the 21st century “nonsense.” In fact, all of Canada’s privacy commissioners have come out against C-30.

Yes, we need to stop malicious activity on the Internet. There is no question about that. But legislation like C-30 casts a net over the entire population based on the actions of an incredibly small number of people. This is akin to dropping a nuke to kill a cockroach – the same analogy I used a few weeks ago to describe SOPA. Effective? Maybe, but at what cost? Too high, in my opinion. Anything that erodes the trust that has enabled the tremendous economic and social growth the Internet has been responsible for over the past two decades cannot be worth the outcome.

I am in total agreement that there is a need for a quick and efficient means of taking town unlawful online materials or websites. But, this can be done in a variety of ways that doesn’t require sweeping legislation like Bill C-30. In fact, CIRA already have an example of how the privacy of Canadians can be protected while still allowing law enforcement the ability to act quickly without needing to take the judicial route (i.e. court orders) with our WHOIS database.

Our WHOIS has an administrative instrument (no court order required) whereby domain names can be disabled if it is “directly or indirectly, intentionally or unintentionally, is or may become involved” in one of a set of activities (which includes the distribution of child pornography). All without infringing upon an individual’s right to privacy.

Canadians are an ingenious lot – I’m pretty sure, given the right resources and people, we can come up with a well thought out, rational approach that will enable law enforcement to do their job without compromising the rights of Canadians. As a free and democratic nation, we should expect nothing less.

What do you think? Can we protect the most vulnerable in our society without infringing on citizen’s rights?

Share on Tumblr
  • Christopher

    Those who want to remain hidden will simply set up their own private connection to the Internet.

    From what’s happening with similar legislation in the US and UK, C-30 could be used in a manner it was not promoted as. Judicial scrutiny is essential.

  • IamME

    I agree!! Judicial scrutiny is essential. I’m not willing to give up my freedom over a bill I think will ultimately be ineffective it it’s, so called, purpose. Mind you, the police had a different thing to say about it’s purpose, didn’t they?

    If C-30 doesn’t pass, it “could limit the ability of police to access basic subscriber information in non-emergencies” and warrants are “generally granted for criminal investigations. Requiring a warrant would be problematic when police undertake non-criminal, general policing duties, such as contacting next-of-kin after a traffic accident or returning stolen property,” the records state.”

    C’mon, is this the best they could come up with? Returning stolen goods? OMG!!!

    Basic rights must be protected, privacy, due process, judicial oversight, innocent until proven guilty with the burden of proof on the accuser, not guilty until the accused can prove their own innocence. Removing any of this is a slippery slope in to a police state. More and more people are putting more and more of their lives on-line, it should not have a lower standard of privacy than other private information.

    As others have stated in so many other places, just because, technically, you can track everything someone does, doesn’t mean it should be legal…for anyone.

  • http://Google Neville Toole

    B-C30 IS ATROCIOUS, every I.P address will have to be monitored to find those engaged , which means invasion of privacy.

  • http://adnausi.ca/ Chad English

    A very well written piece. (A side note that some question the source of the Ben Franklin quote, though its point remains valid.)

    I see two fundamental problems with these legislative approaches to combating nefarious activities online. The first you hint at, that the technology community is largely left out of the discussion. For child pornography it appears to be police and security lobbyists who are the source of the mechanisms for attacking the problem. For copyright issues like SOPA/PIPA and C-11, the sources are the copyright lobbyists. In both cases they forget to include the larger internet community in coming up with solutions.

    The more fundamental problem I see, though, appears to be perception problem. It appears to me that those at the legislative level, and possibly in the internet security field, think of the internet as some form of software “tool” used by “consumers” and thus regulated as a product in terms of safety and control.

    They do not appear to see it for what it really is: a communications infrastructure. It should be treated as we treat speech, and expression, and mobility. The ability to follow somebody online and tie it to a name and address is huge violation of privacy rights, unless they have a warrant with judicial oversight recognizing probable cause. We would not stand for it if they did this physically. We do not stand for it if they try the same thing digitally.

  • IamME

    You someone over on Geist’s blog pointed this out…sound familiar? In comparison to recent events this quote is extremely chilling, at least to me.

    “The state must declare the child to be the most precious treasure of the people. As long as the government is perceived as working for the benefit of the children, the people will happily endure almost any curtailment of liberty and almost any deprivation.”

    Adolf Hitler – Mein Kampf

  • paul

    Why don’t they just buy all our profiles from google. They have our MAC, IP, and Home address crossed referenced with everything we do through their search engine of software — like chrome. Chrome’s address bar is the search bar so google can justify having everything we type in it (search or internet address) gets stored with our profile. If we type in a chat room (secure or not), Chrome can ship that data to google as well. Its just one simple example. Google products and new privacy policy explain this. If I turn my ad block off, when I type a secure gmail, relevant ads pop up to what I am typing. Is that scanning, monitoring, reading? Whatever our live our wide open, I could say 3 times as much about smart phones and Ipads.

  • Mike

    “The state must declare the child to be the most precious treasure of the people. As long as the government is perceived as working for the benefit of the children, the people will happily endure almost any curtailment of liberty and almost any deprivation. ”

    – From Mein Kampf, by Adolf Hitler

  • Rwolf


    The Canadian (Commons Bill C-30) that would among other electronic invasions—give any Canadian police officer without a warrant—the power to request Internet service providers turn over customer information (see section 17 of C-30) will cause the same loss of electronic privacy and civil liberties the British Government recently proposed—to monitor the electronic activity and communications of Brits. Is it coincidence the British and Canadian proposals mirror legislation the U.S. Government said it wanted passed in 2011 to spy on U.S. Citizens? Overlooked by mainstream media is that Britain and Canada signed with the U.S Government an array of (Asset Forfeiture Sharing Agreements) to share with Canadian and British Police/Governments assets seized from Brits and Canadians resulting from evidence or information gleaned from wiretapping and other electronic surveillance of Citizens’ communications, e.g., emails, faxes, Internet activity, Internet actively, phone records including GPS tracking.

    Compare U.S. Government’s proposal to electronically monitor Americans without a warrant—with Canada’s recent Commons’ eavesdropping (Bill C-30) and British Government’s plan to spy on its Citizens’ private communications.

    The U.S. Government wants the power to (introduce as evidence) in criminal prosecutions and government civil trials, any phone call record, email or Internet activity. That would open the door for Police to take out of context any innocent—hastily written email, fax or phone call record to allege a crime or violation was committed to cause a person’s arrest, fines and or civil asset forfeiture of their property. There are more than 350 laws and violations that can subject property to government asset forfeiture. Government civil asset forfeiture requires only a civil preponderance of evidence for police to forfeit property, little more than hearsay.

    If the U.S. Justice Department has its way, any information the FBI derives from circumventing the Fourth Amendment, i.e. (no warrant searches) of Web Server Records; a Citizen’s Internet Activity, personal emails; fax / phone calls may be used by the FBI for (fishing expeditions) to issue subpoenas in hopes of finding evidence or to prosecute Citizens for any alleged crime or violation. Consider that neither Congress nor the courts—determined what Bush II NSA electronic surveillance, perhaps illegal could be used by police or introduced into court by government to prosecute Americans criminally or civilly. If U.S. Justice Department is permitted (No-Warrant) surveillance of all electronic communications, it is problematic state and local law enforcement agencies and private government contractors will want access to prior Bush II NSA and other government illegally obtained electronic records not limited to—Americans’ Internet activity; private emails, faxes and phone calls to secure evidence to arrest Americans, assess fines and or civilly forfeit their homes, businesses and other assets under Title 18USC and other laws. Of obvious concern, what happens to fair justice in America if police become dependent on “Asset Forfeiture” to help pay their salaries and budget operating costs?

    The “Civil Asset Forfeiture Reform Act of 2000” (effectively eliminated) the “five year statue of limitations” for Government Civil Asset Forfeiture: the statute now runs five years (from the date) police allege they “learned” an asset became subject to forfeiture. It is foreseeable should (no warrant) government electronic surveillance be approved; police will relentlessly sift through business and Citizen’s (government retained Internet data), emails and phone communications to discover possible crimes or civil violations. A corrupt despot U.S. Government can too easily use no-warrant—(seized emails, Internet data and phone call information) to blackmail Americans, corporations and others in the same manner Hitler utilized his police state passed laws to extort support for the Nazi fascist government, including getting parliament to pass Hitler’s 1933 Discriminatory Decrees that suspended the Constitutional Freedoms of German Citizens. A Nazi Government threat of “Property Seizure” Asset Forfeiture of an individual or corporation’s assets was usually sufficient to ensure Nazi support.

    Under U.S. federal civil forfeiture laws, a person or business need not be charged with a crime for government to forfeit their property. Most U.S. Citizens, property and business owners that defend their assets against Government Civil Asset Forfeiture claim an “innocent owner defense.” This defense can become a “Catch 22” a criminal prosecution trap for both guilty and innocent property owners. Any fresh denial of guilt made to government when questioned about committing a crime “even when you did not do the crime” may (involuntarily waive) a defendant’s right to assert in their defense—the “Criminal Statute of Limitations” past for prosecution; any fresh denial of guilt even 30 years after a crime was committed may allow Government prosecutors to use old and new evidence, including information discovered during a Civil Asset Forfeiture Proceeding to launch a criminal prosecution. For that reason many innocent Americans, property and business owners are reluctant to defend their property and businesses against Government Civil Asset Forfeiture.

    Re: waiving Criminal Statute of Limitations: see USC18, Sec.1001, James Brogan V. United States. N0.96-1579. U.S. See paragraph (6) at:

  • MShortpants

    I am pleased to see our CIRA president taking a public position on this important issue.

    It should not be overlooked that a great many micro-businesses, who register their .ca domains and then operate a server from their home office, will be put out of business if the bill survives in its current form.

    Under Interpretation, the law is to be applied to telecommunications service providers defined as:

    ““telecommunications service” means a service, or a feature of a service, that is provided by means of telecommunications facilities, whether the provider owns, leases or has any other interest in or right respecting the telecommunications facilities and any related equipment used to provide the service.”

    ““telecommunications service provider” means a person that, independently or as part of a group or association, provides telecommunications services.”

    A “service or feature” if the person has ANY interest.

    Without some narrowing of those definitions, the reach is extremely wide, including domain resellers who might do a dozen registrations a month. Not worth spending thousands on government surveillance equipment; better to close up shop.

    It is a wildly over-reaching piece of legislation and why the heck would it matter if some other countries are already doing the same thing? Bad laws are bad laws, regardless who else might be imposing them.

  • http://www.empcontracting.ca Mr. Erik Parti

    I really liked your blog on C-30 Byron, you proved very nicely with the authoring, and also gained my respect for your position with CIRa, spoken like a good Canadian.
    To the rest of Canada, child porn is a sickness, solved by treatment or a bullet, no in-between – Un fortunately we can’t shoot the perps, but we can stand as a nation against people whom are doing things wrong, not by bogging down the Police, or by starting roomers, but by talking to kids – and knowing what they are into – if you are an older air cadet – senior in high school – don’t just text your brother, travel by his grade seven blog, and talk to the members of his online community to see if they are for real, and if by chance you do stumble upon child pornography, or are sent any pop ups do not hesitate to contact the RCMP, or phonebusters.com or the fbi, but community is more powerful than anything, 10 dads that hang out and show them self’s in the community as good role models is far more threatening, as God works with the Nuclear family and healthy mentor relationships, then any un seen force. This simple, giving a care about members of your community, talking to children or finding out what is wrong with the man next door, in a caring manner! Maybe his wife died, maybe he needs a ride to Narcotics Anonymous or is simply lonely, or he is involved with an addiction such as child porn find out just by caring for your neighbours in an un intrusive way!
    10 Dads, keeping good relationships, or even a couple real older brothers that don’t need to be drunk or smoking a joint, and can host a good ol fashioned street hockey games reaching out to the shy misfit, that will scare the pedophiles and hopefully through good healthy relationships – face to face not text to facebook the pervs will be exposed, or simply pre occupied before they learn from being victims, growing into victimizers by slowly following the same learned patterns that the perv generation before taught him.
    Although, any sever form of misconduct well like I said – rights and legislation can only go so far one way or the other before either Gay sex leads to child exploitation, or C-30 turns into a third party door way to anyone’s personal console – going past in my vote opinion Canadian morality.
    I was just talking with my wife about this bill tonight, right on Byron, you’re not just a good ceo of Canadian Internet Registry Authority, but you are a REAL CANUCK!

  • http://tarcoteca.blogspot.com.es/ Pablo Heraklio

    Translation from the article: Canadian Police urge Parliamente to pass domestic spying bill. RT